www.rembrandtcasino.com Open in urlscan Pro
2606:4700:20::681a:5f1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3NhWn4t#c19184LegIb35573nnzf4262Dxr1311dhuJ1518
Effective URL:
https://www.rembrandtcasino.com/en/register
Submission: On May 22 via api (May 22nd 2022, 1:33:11 am UTC) from BE — Scanned from DE

Summary HTTP 93 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 32 domains to perform 93 HTTP transactions. The main IP is 2606:4700:20::681a:5f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rembrandtcasino.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2021. Valid for: a year.

This is the only time www.rembrandtcasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	142.202.191.93 142.202.191.93	398019 (DYNU) (DYNU)
1 1	2606:4700:303... 2606:4700:3033::ac43:89dd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	212.100.228.202 212.100.228.202	15395 (RACKSPACE...) (RACKSPACE-LON)
3 27	2606:4700:20:... 2606:4700:20::681a:5f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
11	174.138.107.223 174.138.107.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	108.157.4.113 108.157.4.113	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
3	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE)
2 3	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 3	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	54.77.41.50 54.77.41.50	16509 (AMAZON-02) (AMAZON-02)
1	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100:1b6::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	213.155.156.188 213.155.156.188	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	108.157.4.45 108.157.4.45	16509 (AMAZON-02) (AMAZON-02)
1	205.185.208.79 205.185.208.79	20446 (STACKPATH...) (STACKPATH-CDN)
1	143.204.215.65 143.204.215.65	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	154.57.158.48 154.57.158.48	26558 (FREEWHEEL) (FREEWHEEL)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
93	34

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.202.191.93 (Chandler, United States) 1 redirects

ASN398019 (DYNU, US)
PTR: togomori.poix.osaka.jp

togomori.poix.osaka.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:89dd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tracking.3-0ccc2-ll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.100.228.202 (United Kingdom) 1 redirects

ASN15395 (RACKSPACE-LON, GB)
PTR: 935077-web2.clear-reports.com

www.clear-reports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:20::681a:5f1 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.rembrandtcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.rembrandtcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 174.138.107.223 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-113.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.238 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.233 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.88 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.41.50 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-41-50.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:1b6::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.188 (Uppsala, Sweden) 1 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-188.teliacarrier-cust.com

tb.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-45.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.79 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip079.ssl.hwcdn.net

static.trafficjunky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.57.158.48 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	rembrandtcasino.com 3 redirects www.rembrandtcasino.com s.rembrandtcasino.com	4 MB
12	bidtheatre.com adsby.bidtheatre.com — Cisco Umbrella Rank: 2523 match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2528	17 KB
9	google.com apis.google.com — Cisco Umbrella Rank: 100 www.google.com — Cisco Umbrella Rank: 7 accounts.google.com — Cisco Umbrella Rank: 82	116 KB
4	de17a.com 1 redirects tb.de17a.com — Cisco Umbrella Rank: 611208	9 KB
4	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 92	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	198 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	40 KB
4	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 5663 track.adform.net — Cisco Umbrella Rank: 3865 cm.adform.net — Cisco Umbrella Rank: 2172	30 KB
3	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 3216	534 B
3	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 646	1 KB
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	3 KB
3	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 675	2 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 645 script.hotjar.com — Cisco Umbrella Rank: 896 vars.hotjar.com — Cisco Umbrella Rank: 989	67 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	7 KB
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 856	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	500 B
2	google.de www.google.de — Cisco Umbrella Rank: 5483	564 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 750	19 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354	478 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 518	1 KB
2	gstatic.com www.gstatic.com	179 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 338	265 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4367	481 B
1	trafficjunky.com static.trafficjunky.com — Cisco Umbrella Rank: 13765	4 KB
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 606	436 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	64 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	clear-reports.com 1 redirects www.clear-reports.com — Cisco Umbrella Rank: 405991	1 KB
1	3-0ccc2-ll.com 1 redirects tracking.3-0ccc2-ll.com	797 B
1	poix.osaka.jp 1 redirects togomori.poix.osaka.jp	503 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4032	378 B
0	freegeoip.app Failed freegeoip.app Failed
93	32

	Domain	Requested by
24	www.rembrandtcasino.com	3 redirects www.rembrandtcasino.com
11	adsby.bidtheatre.com	www.rembrandtcasino.com adsby.bidtheatre.com www.googletagmanager.com
4	tb.de17a.com	1 redirects www.rembrandtcasino.com tb.de17a.com
4	connect.facebook.net	www.rembrandtcasino.com connect.facebook.net
4	www.google-analytics.com	www.rembrandtcasino.com www.google-analytics.com www.googletagmanager.com
3	ad.sxp.smartclip.net	1 redirects adsby.bidtheatre.com
3	ad.360yield.com	1 redirects adsby.bidtheatre.com
3	ib.adnxs.com	1 redirects adsby.bidtheatre.com
3	ads.stickyadstv.com	2 redirects
3	accounts.google.com	apis.google.com www.rembrandtcasino.com www.gstatic.com
3	www.google.com	www.rembrandtcasino.com
3	apis.google.com	www.rembrandtcasino.com apis.google.com
3	cdn.jsdelivr.net	www.rembrandtcasino.com cdn.jsdelivr.net
3	s.rembrandtcasino.com	www.rembrandtcasino.com
2	ct.pinterest.com	s.pinimg.com
2	www.facebook.com
2	www.google.de
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	cm.g.doubleclick.net	2 redirects
2	pixel.rubiconproject.com
2	sync.search.spotxchange.com	1 redirects
2	track.adform.net	1 redirects
2	www.gstatic.com	www.google.com accounts.google.com
1	match.adsrvr.org
1	1f2e7.v.fwmrm.net	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	static.trafficjunky.com	www.rembrandtcasino.com
1	script.hotjar.com	static.hotjar.com
1	match.adsby.bidtheatre.com
1	simage2.pubmatic.com
1	cm.adform.net
1	static.hotjar.com	www.rembrandtcasino.com
1	www.googletagmanager.com	www.rembrandtcasino.com
1	fonts.googleapis.com	www.rembrandtcasino.com
1	s2.adform.net	www.rembrandtcasino.com
1	www.clear-reports.com	1 redirects
1	tracking.3-0ccc2-ll.com	1 redirects
1	togomori.poix.osaka.jp	1 redirects
1	bit.ly	1 redirects
0	freegeoip.app Failed	cdn.jsdelivr.net
93	41

This site contains links to these domains. Also see Links.

Domain
rembrandtcasino.com
authorisation.mga.org.mt
www.instagram.com
twitter.com
www.facebook.com
www.youtube.com
t.me
www.condor-affiliates.com
www.gamcare.org.uk
www.rgf.org.mt
cookie-bar.eu
ico.org.uk
support.google.com
support.mozilla.org
windows.microsoft.com
help.opera.com
support.apple.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-24` - `2022-06-23`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.bidtheatre.com Go Daddy Secure Certificate Authority - G2	`2021-12-19` - `2023-01-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-28` - `2022-05-29`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-20` - `2022-12-20`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.trafficjunky.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-11-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.360yield.com Amazon	`2021-07-28` - `2022-08-26`	a year	crt.sh
*.sxp.smartclip.net GTS CA 1D4	`2022-03-26` - `2022-06-24`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.rembrandtcasino.com/en/register
Frame ID: E4E7A0FABB545C57CC72F1F66D784469
Requests: 86 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: BDAA58FFE8DE3245F0C083AF8C623ECC
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: DBEFCC0C909A57139D3B8D9F3245DD4A
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Frame ID: 552E2FBD6FDF7C8717DDB97C0BA16B89
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518%22%2C%22title%22%3A%22Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World%22%2C%22trackingAccountId%22%3A%2217728%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 81DE9C8F3E9AFB65503A69D5451BEA9B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Register with Rembrandt Casino | Probably the Best Casino in the World

Page URL History Show full URLs

https://bit.ly/3NhWn4t HTTP 301
http://togomori.poix.osaka.jp/app/wrap/YXBwL3JlZGlyZWN0aW9uL3dyYXAucGhwP3RyYWNrPUExWEMtMVhSMlhNMVhTMjg5WFY... HTTP 302
http://tracking.3-0ccc2-ll.com/track/click.php?wcc=633c1c527709af144295130a0c9fb475&wchwcli=1135647&pp_subi... HTTP 302
https://www.clear-reports.com/track/click.php?wcc=633c1c527709af144295130a0c9fb475&wchwcli=1135647&pp_subi... HTTP 302
https://www.rembrandtcasino.com/deep/player--register/mediaCode/textlink/affiliate/87644/wgti/302559172/wgtv... HTTP 307
https://www.rembrandtcasino.com/en/deep/player--register/mediaCode/textlink/affiliate/87644/wgti/302559172/w... HTTP 302
https://www.rembrandtcasino.com/register HTTP 307
https://www.rembrandtcasino.com/en/register Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

93
Requests

90 %
HTTPS

38 %
IPv6

32
Domains

41
Subdomains

34
IPs

8
Countries

4794 kB
Transfer

7257 kB
Size

50
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://rembrandtcasino.com/en

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/casino?section=gameCollection_blackjack
Title: Blackjack

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/casino?section=gameCollection_poker

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/casino?section=gameCollection_baccarat
Title: Baccarat

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/casino?section=gameCollection_roulette
Title: Roulette

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/casino?section=gameCollection_video
Title: Video Poker

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/casino?section=gameCollection_scratch
Title: Scratch Cards

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/slots
Title: Slots

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/slots?section=gameCollection_new
Title: New

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/slots?section=gameCollection_popular
Title: Popular

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/slots?section=gameCollection_favourites
Title: Favorites

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/slots?section=gameCollection_jackpot
Title: Jackpots

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/home
Title: Home

Search URL Search Domain Scan URL

URL: https://authorisation.mga.org.mt/verification.aspx?lang=en&company=9d971e88-8e16-4751-b548-77358f11892e&details=1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rembrandt_casino

Search URL Search Domain Scan URL

URL: https://twitter.com/RembrandtCasino

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rembrandtcasinosportsbook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCDLGFIEkSikebCHv7FzOShQ

Search URL Search Domain Scan URL

URL: https://t.me/+5cSQYkN9J6A5NGNk
Title: Follow us on Telegram

Search URL Search Domain Scan URL

URL: https://www.condor-affiliates.com/
Title: Condor Affiliates

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/

Search URL Search Domain Scan URL

URL: http://www.rgf.org.mt/

Search URL Search Domain Scan URL

URL: https://rembrandtcasino.com/en/casino
Title: Back To Casino

Search URL Search Domain Scan URL

URL: https://cookie-bar.eu/
Title: cookie bar

Search URL Search Domain Scan URL

URL: https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/
Title: Information Commissioner's Office

Search URL Search Domain Scan URL

URL: https://support.google.com/accounts/answer/61416?hl=en
Title: Chrome

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/en-GB/kb/enable-and-disable-cookies-website-preferences
Title: Firefox

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11
Title: Internet Explorer

Search URL Search Domain Scan URL

URL: https://help.opera.com/en/latest/web-preferences/#cookies
Title: Opera

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
Title: Safari

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3NhWn4t HTTP 301
http://togomori.poix.osaka.jp/app/wrap/YXBwL3JlZGlyZWN0aW9uL3dyYXAucGhwP3RyYWNrPUExWEMtMVhSMlhNMVhTMjg5WFYwWE4xMFhPMzI2WFcwWFAwWEwwWFUwWFQxWA== HTTP 302
http://tracking.3-0ccc2-ll.com/track/click.php?wcc=633c1c527709af144295130a0c9fb475&wchwcli=1135647&pp_subid=YOUR_SUBID&pp_custom1=YOUR_CLICKID&wcdest=&s1=&s2=2&s3=A1XC-1XR2XM1XS289XV0XN10XO326XW0XP0XL0XU0XT1X&s4=-1&s5=0 HTTP 302
https://www.clear-reports.com/track/click.php?wcc=633c1c527709af144295130a0c9fb475&wchwcli=1135647&pp_subid=YOUR_SUBID&pp_custom1=YOUR_CLICKID HTTP 302
https://www.rembrandtcasino.com/deep/player--register/mediaCode/textlink/affiliate/87644/wgti/302559172/wgtv/0/pci/302559172 HTTP 307
https://www.rembrandtcasino.com/en/deep/player--register/mediaCode/textlink/affiliate/87644/wgti/302559172/wgtv/0/pci/302559172 HTTP 302
https://www.rembrandtcasino.com/register HTTP 307
https://www.rembrandtcasino.com/en/register Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://track.adform.net/Serving/TrackPoint/?pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=800330875271&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=800330875271&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518

Request Chain 43

https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=e405ebff-cbfa-4c1d-a04f-5c934146e865 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=e405ebff-cbfa-4c1d-a04f-5c934146e865&__user_check__=1&sync_id=206bfece-d96f-11ec-a681-1c5660560406

Request Chain 44

https://ib.adnxs.com/setuid?entity=107&code=e405ebff-cbfa-4c1d-a04f-5c934146e865&seg=1433491 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D107%26code%3De405ebff-cbfa-4c1d-a04f-5c934146e865%26seg%3D1433491

Request Chain 46

https://ad.360yield.com/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=e405ebff-cbfa-4c1d-a04f-5c934146e865 HTTP 302
https://ad.360yield.com/ul_cb/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=e405ebff-cbfa-4c1d-a04f-5c934146e865

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm=&google_tc= HTTP 302
https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELSxQ56VLD4ZusypFuf7zqc&google_cver=1&google_ula=8233808,0

Request Chain 49

https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=e405ebff-cbfa-4c1d-a04f-5c934146e865 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=e405ebff-cbfa-4c1d-a04f-5c934146e865&ang_testid=1

Request Chain 76

https://ads.stickyadstv.com/user-registering?dataProviderId=191&userId=e405ebff-cbfa-4c1d-a04f-5c934146e865 HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d4f320e286d5c2bdfe1a3d3d7a44ad1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g098_7100367713873084819&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 82

https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1

93 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request register Show response
www.rembrandtcasino.com/en/
Redirect Chain

https://bit.ly/3NhWn4t
http://togomori.poix.osaka.jp/app/wrap/YXBwL3JlZGlyZWN0aW9uL3dyYXAucGhwP3RyYWNrPUExWEMtMVhSMlhNMVhTMjg5WFYwWE4xMFhPMzI2WFcwWFAwWEwwWFUwWFQxWA==
http://tracking.3-0ccc2-ll.com/track/click.php?wcc=633c1c527709af144295130a0c9fb475&wchwcli=1135647&pp_subid=YOUR_SUBID&pp_custom1=YOUR_CLICKID&wcdest=&s1=&s2=2&s3=A1XC-1XR2XM1XS289XV0XN10XO326XW0X...
https://www.clear-reports.com/track/click.php?wcc=633c1c527709af144295130a0c9fb475&wchwcli=1135647&pp_subid=YOUR_SUBID&pp_custom1=YOUR_CLICKID
https://www.rembrandtcasino.com/deep/player--register/mediaCode/textlink/affiliate/87644/wgti/302559172/wgtv/0/pci/302559172
https://www.rembrandtcasino.com/en/deep/player--register/mediaCode/textlink/affiliate/87644/wgti/302559172/wgtv/0/pci/302559172
https://www.rembrandtcasino.com/register
https://www.rembrandtcasino.com/en/register

38 KB
10 KB

320ms
319ms

Document
text/html

2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7b9c169069c269c82d6d754694d64e8bdb8047d8da1bb406d2b4576b25e6e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.biahosted.com https://.paymentiq.io https://*.safecharge.com
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70f1cd2fbe6d3744-MXP
content-encoding: br
content-security-policy: frame-ancestors 'self' https://*.biahosted.com https://*.paymentiq.io https://*.safecharge.com
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 01:33:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OO6ZymBl4%2BNZORxQdDjKNgn%2FSUyvuyQKcu4MlN0M%2FQmTl6yFtKaMQnr%2BuTmJz1tFEn1rv3mW%2B5l5ru%2FTqwvcBB%2FZ4Yg1f4fAIXHdGCMXKG4GLQz9xj3IlBsLUsheWRQeqscmuWzFOfonyuH4fID7EMOyfMUW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=16070400; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-ua-compatible: IE=edge

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70f1cd2ecdba3744-MXP
content-security-policy: frame-ancestors 'self' https://*.biahosted.com https://*.paymentiq.io https://*.safecharge.com
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 01:33:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /en/register
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRTD2%2FNCICrUH5HLuDUsOhbMCg%2B1RrjlrSW%2FMU7YRIvQyx0ke6sCJ4Idh%2FHqIJCJZruAVyIhsZvFeoF2yCFAPm4iQ73m8idbi75Ac51yvdNqIq2LBuELAhRj3xoF51VyHL2GzP1GaT%2B7fLUup9F3E%2B3augV3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
x-ua-compatible: IE=edge

GET
H2 200 main.1652353489.css
www.rembrandtcasino.com/css/ 699 KB
120 KB 366ms
365ms Stylesheet
text/css 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rembrandtcasino.com/css/main.1652353489.css

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6050573b169613adddb0a0fba54a03c4d501dd4a397b44ccce8080601d812410

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6b1e0AGP5JUi0hMAVdjm2AvjrvQRa0%2BdSeVQI3swW%2Bnui70NI1WW5sj0SaXyWKwRDB4uE1bPBw4ygx18d7mFDFqZroq7741Cd1%2F438fxpjBZ1Ajd4XG9gLEda1KyoRd4xoQf7Xsycz688jRREJbhyXezH4H2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 70f1cd31e8203744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 live-chat.png
s.rembrandtcasino.com/images/ 4 KB
4 KB 344ms
336ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.rembrandtcasino.com/images/live-chat.png
Requested by: Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a46acd67d45747dd3d2e2d563f398050d191ec1c1aa772adacb8e90daf34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Apr 2020 12:56:22 GMT
server: cloudflare
etag: "f49-5a481977e9ca7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZK7CZ%2FBi54XFrSvrdG%2FPlyAc205sNZfL9BsnYu3uh1RniG64f0TD0cZmJAr%2FsyouYL77wcqzPGm66DEU4x4TF6YB8UiPkbUxXP8gsYXyWukNEiVqgLH%2BnL3bRYtlb5HfiuQ4SIWok6GbtzPQNMWRV%2BDCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70f1cd3238593744-MXP
content-length: 3913
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 logo.png
www.rembrandtcasino.com/assets/ 14 KB
14 KB 304ms
301ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/logo.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f220823c9f76b043d68ac64c0560b9812d5f60379dd982f979a52afbbf84393

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 13828
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjv2OkcoOGbzLODeQiXDx%2BFWqj%2FIOZla%2FONhhr1FqXzMK7QlHlkVQCkm%2BS2QvqzeGS9PQUAU%2BbXm5qOXQ36h%2BYrxAr5bQG4Nk5M5UrF6fFDh32KCRBUdIQ%2B1s5lKpLrTOsVIruKXj2L1WI7%2BPSJRyDksxbs8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd31e8213744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 REM-reg-book-of-death-318-147-de.png
s.rembrandtcasino.com/images/amkt/ 71 KB
71 KB 86ms
80ms Image
image/webp 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.rembrandtcasino.com/images/amkt/REM-reg-book-of-death-318-147-de.png
Requested by: Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45e06780a388e6a21e4f1cab845ce14b2181f12576d89123fa516cefd722330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13451
cf-polished: origFmt=png, origSize=103466
last-modified: Thu, 14 Apr 2022 13:03:17 GMT
content-disposition: inline; filename="REM-reg-book-of-death-318-147-de.webp"
content-length: 72426
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "1942a-5dc9ceae3e1c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cJpnxvsv3MZuWe3%2B2zOc9lVuxidQ7BRSfwR%2FK38q%2FXHbkeof6p3iwIqunwkyqOMbM%2BH9HNZOqSks%2FLse%2Fu9JKy1ponQ2CKA2tJ9QE1ZP9x5iowuT5Qxl2zPEjMehDu2O2Yk%2F7smPjs95%2Bm5Gd%2FYd0yM%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd3238573744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 REM-reg-book-of-death-450x747-de.png
s.rembrandtcasino.com/images/amkt/ 395 KB
396 KB 111ms
104ms Image
image/webp 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.rembrandtcasino.com/images/amkt/REM-reg-book-of-death-450x747-de.png
Requested by: Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9603b28d8747269c0490c2a826a198ddf405a9c4f4c3a5cc3e8a83e5336fca56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13451
cf-polished: origFmt=png, origSize=586124
last-modified: Thu, 14 Apr 2022 13:03:18 GMT
content-disposition: inline; filename="REM-reg-book-of-death-450x747-de.webp"
content-length: 404628
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "8f18c-5dc9ceafb51ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5zzmaIlJmTYrx51FCJYjYMBpLTgCKQVp9q%2BOUYQxPvmzPVc0qcvk6KMN0jd6TNOhpv8lPliWCbNeBIEgGWb8KCabXjFM46Sh90BFcSNTsMy2eO1S1gSR7dzQo%2F7IY6Fjg6oIHDNqSY0bRFrVMAYqpjQvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd32385a3744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 sticky-home.png
www.rembrandtcasino.com/assets/sticky-navigation/ 322 B
615 B 231ms
229ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-home.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3269a0b093909eeb0012337a47ef00b014cf453526640d6de9ce7ce5484682

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 322
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhutXI4eTUL7oXETWwVh00EBKxyr6c9%2FT%2FW1j35XyFcOIbK0t%2BdOLyLGxRk6d075Ad7ekCQ5QnwlY1HDWzTW1UXGKWnwkQAsqRExN17JAaavxU2TfRQU6p7sbw2hHDv6qKkYzPTUY7VbsABN51IyGhNYdYG1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd31e8233744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 sticky-promotions.png
www.rembrandtcasino.com/assets/sticky-navigation/ 506 B
1 KB 218ms
216ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-promotions.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11fe0973f094bbcdee787d633f05588aabf87e5c88644d3999c877222c32c2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 506
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj5AsfgpI9Y3fvvVEBnZKvO7udWGUDcg0R05lQ5%2FxD7OtBPBgSdVC%2Bt7hD0jJF53SH1xZ5QAHItrfzMTt426W4fUbkuhKpBR42YaGC19z9CsTcoLaSEjlvhXiYGtZfN9qqHQvZOVhfv%2FjMxbaIKIJNbb9YvO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd31e8243744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 sticky-search.png
www.rembrandtcasino.com/assets/sticky-navigation/ 439 B
736 B 238ms
236ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-search.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2bfc562b5cdae70b2a43c28f09ee345599f4940e927f54cac4f79cfbfd3026

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 439
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkLynQYrKY7nkqKJRHGLg1eb%2Ff8QXxbqEtNfuUo7kaUf6lJAy1mtED6vVyw3c%2BMgLzuL893dcVE2SfztBj5SWL9veztO4P4%2BDnOuSGItUzSc6nJwdDwwSgZIS8vm%2F%2Brf7jSqfJNdhWATyo%2Fuilq2w1oaeTUv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd31e8253744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 sticky-support.png
www.rembrandtcasino.com/assets/sticky-navigation/ 108 B
424 B 230ms
229ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-support.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a943889fbb59caf5e073422b568e0b1a86404b9993fd6f075a4209bfc80b21ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 108
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iefwEvgYjJBHYx%2BxNL%2FB0ZfprG7ZIOlRXJT95lar4hch8212Bg2YYPyPr9fCsrDqKWR%2Fg6K6uUO9YBAAKtlrWBNvP8HMvjMlzYdSUDM8r5gPQWYe6KZ0MBNQna3Sw5jBpxxcEqqpeNIj2AbOgaoMhs9xbEEj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd31e8273744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 sticky-account.png
www.rembrandtcasino.com/assets/sticky-navigation/ 195 B
494 B 301ms
300ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-account.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c972ddc1cb54b96c0df7ec714dae8c7ee86017d525b02a9341ddedf30dfaffe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 195
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MivxrfI0KLiYp%2FtDDaTtT8AuiwRaA2t65iWY9k7lrOrj%2FFjv4QsquPhmwa8DW0IyQ%2F8z%2B30ZIWPZ8Xg5gGbAC2wy%2BtxDf%2BHr1z%2FeKEoK06jJrLXiIEgTA409k00QqcfO2cSgAMYS%2FXvauatPBTWOu5bVmW5K"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd31e8293744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 mga-logo.png
www.rembrandtcasino.com/assets/ 4 KB
4 KB 302ms
301ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/mga-logo.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2631a9be2c6879f8134f18445146f9adbf7c852210b104a6ccd096cec063e5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 4116
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbWjuog4vHQY1KhxJUf4qBKVonsbUX8h%2BmVa%2BWS5LjdFNLs9OrTZsnp7QTN1MF23RyF1BxGduVzX70iuHayV3FuTAQz%2BOu8RVG3oe%2FjKQfjhn3HVJdhJ%2F8N%2BT396MhaVxxWqmk88pah63yX9hMBsrD7ZByLO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd31e82a3744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 rem_telegram_c.png
www.rembrandtcasino.com/assets/telegram-qr-codes/ 45 KB
45 KB 330ms
329ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/telegram-qr-codes/rem_telegram_c.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

426e6c3e89bb2a4db8c060583e337c123e1f9378c6c3a932f54320f7723e4c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 46085
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ye48E09DKOw9p9SVwmHpPbsExvOn1cq0kEoO41u%2FpciHGCplG1isZPzkBB93EBYnw0cpo1YbEZgRBrdg0E0NRPGYwl2Z36%2FdIkzmKrl6IfHergo31%2BIzPIQ1muTr%2Bz2ythkeX8%2FgmRB5yRcdheJ7kqeAuUat"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd31e82c3744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 rocket-loader.min.js Show response
www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 May 2022 19:29:40 GMT
server: cloudflare
etag: W/"6283f7a4-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pv9e%2FLBEV5s1HorvRz2wdIwsn4hgf3IJoz6%2B25vVIY0LPagGQwuCb4KCuTTpANxtF4G4R3WYksyHQn8pRsBX3P%2BKgAboqYfPTTo1I2Bhlx2Bxq6IGjdFqw6Z%2Bv1TsnQenFgEUBSUNfrbzSg%2Fs4iWvtELhZxf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f1cd31e82e3744-MXP
vary: Accept-Encoding
expires: Tue, 24 May 2022 01:33:03 GMT

GET
H2 200 trackpoint-sync.js Show response
s2.adform.net/banners/scripts/st/ 79 KB
29 KB 162ms
50ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-sync.js
Requested by: Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 00c74e10067c6c1caf8fa816a7095f774ebe3ae486cb03617027eb971911a738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 14:10:54 GMT
server: nginx
etag: W/"61f1566e-13dda"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 app.1652353448510.js Show response
www.rembrandtcasino.com/js/ 171 KB
48 KB 347ms
344ms Script
application/javascript 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rembrandtcasino.com/js/app.1652353448510.js

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521abcca6b54a45096f3f8e22d0f71b17f4d1add0fdeedb8240293bd072c9b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8AnMEbBP46Y1tMIFBZNB2zwW7Cc476%2B59F4StbYn0K3DwN%2FN4i%2BRRApcm292kMTzCXijsOAAVZ9HYYoYFyGapGJ7y9p73dz2GPj78uaU0RBZa4aPElDZupPwBcASksMgTiowU4BaAfTEMLRjSN9tt3EfiN%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 70f1cd32687c3744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 vendor.1652353448510.js Show response
www.rembrandtcasino.com/js/ 372 KB
111 KB 392ms
388ms Script
application/javascript 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rembrandtcasino.com/js/vendor.1652353448510.js

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6bbfa373040cc9524bf78266a4d3fd4320c34b218ff522322791fd813ce09de

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wjxephw8g1YqGVrdANQNP5xsLXKG64%2FFCG5nHks%2FkElNHUVdQmVJPJU%2BZYnmK%2BD%2Bxnb%2BpBddOUPZ59gAUfWq3GG1ggLBTI1AupgQxWXJ89uTwb1zOclw4%2B7pUUcWS6%2BYyJjYsvTsnm6lvojpsHMc2IY7cfPO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 70f1cd3268803744-MXP
expires: Sun, 22 May 2022 05:33:03 GMT

GET
H2 200 cookiebar-latest.min.js Show response
cdn.jsdelivr.net/npm/cookie-bar/ 7 KB
3 KB 300ms
22ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=en&theme=flying&tracking=1&thirdparty=1&always=1&hideDetailsBtn=1&showPolicyLink=1&privacyPage=%2Fprivacy

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d9e56ea137c84a417dfc43c2b05c93556ed6d01c7670c733d8cd74e9ff1c9be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13870
x-jsd-version: 1.9.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19146-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1bbd-yU/UFfPus6JR5XRBDSGjIs6rCTc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfTZ1e3wQ1dWkPb%2Bn%2FQv%2BTgfB2Xg2X7OSQsdyPANCm5ntk8X44kEsGtUIf4nrHP47FHTY8lQbORermb9GFOmImzfi0SsJry%2BcdhXaj9GQPvm4DCUZxD3hMQFO%2FeTx2uqEY261B0sRL4UFCCq1ls%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 70f1cd341ccc0229-ZRH

GET
H2 200 api:client.js Show response
apis.google.com/js/ 14 KB
6 KB 57ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f351bf72961f59f69d6b2f626da1fc76a4e0eef71258e55e259bf61c88eb3a6d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Sun, 22 May 2022 01:33:03 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "bd7d21773a00baac"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 May 2022 01:33:03 GMT

GET
H/1.1 200
200 asx_track.min.js Show response
adsby.bidtheatre.com/js/ 7 KB
2 KB 93ms
36ms Script
application/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/js/asx_track.min.js
Requested by: Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 7464584122eea6d02b01347b8f092b8a627793bd3270d71e92ed7c5a6544822e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 May 2022 14:47:14 GMT
Server: Apache
ETag: W/"7091-1652194034000-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2419200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=3000
Content-Length: 1946
Expires: Sun, 19 Jun 2022 01:33:03 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 296ms
255ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7eb0d21ad8b5f6db08f3b4ae96aa3e92a7923fe25b8da9cca40cecd9474725d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Sun, 22 May 2022 01:33:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 50ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,600,700,800|Raleway&display=swap

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1652353489.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96a110f30765f9038215cffb7b05a98721e7fe8ddbc574df547d0ee2aaa848e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 01:33:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 01:33:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 01:33:04 GMT

GET
H2 200 rem-bg-login.png
www.rembrandtcasino.com/assets/soft-themes/ 3 MB
3 MB 313ms
312ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/soft-themes/rem-bg-login.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9373579b2838041a012f6ce7b4b171ef974b5a7a8b69fb651a48b4e515a87b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 2666431
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqQMda3cmDTNl%2F74s5v1xEg8JylAoiBNW2R25FWizQbFnN6b%2BTCDAkgYVtAGHHZ7q%2BwGWeUYbV%2BbwD19TGpy91Lmz%2FluSDkajxQEMtgvj4qLlGqz4yWnn%2B7%2FUwtfjM8QG4rlm%2F5EP9uhpqpdXMnOA8X2uBQC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd34ea173744-MXP
expires: Sun, 22 May 2022 05:33:04 GMT

GET
H2 200 sprites.1652353448510.png
www.rembrandtcasino.com/assets/ 470 KB
470 KB 310ms
309ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/sprites.1652353448510.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1652353489.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8408d14f30a92b8d0672a068920017bf25920a13ffb0b60970f88d74491d3666

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/css/main.1652353489.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 480792
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMNrOowA1zUoLTifSI6GahNmn6Fkmms3ehvt%2BHH4rfBMboEmdPL9lhSVrqJy0vJRNgHzBdKCOVcmdF8OlAHitXHY327PhTDHHwFg%2FYKQJ6Gz5QGvjlQRWIGKD%2BJPQFCfwprxGY8OlWURJ2GjkEGPnfca5T1q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd34ea183744-MXP
expires: Sun, 22 May 2022 05:33:04 GMT

GET
H2 200 open-sans-v17-latin-regular.woff2
www.rembrandtcasino.com/css/fonts/OpenSans/ 14 KB
14 KB 258ms
258ms Font
application/font-woff2 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rembrandtcasino.com/css/fonts/OpenSans/open-sans-v17-latin-regular.woff2

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1652353489.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rembrandtcasino.com/css/main.1652353489.css
Origin: https://www.rembrandtcasino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 14380
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqXZdxRZl8B4Ha4W%2BJE%2BXikjIl7ukpqBYfeiOlIZHnSfcOPzYfnncekdtwdQ7sH1%2F08AeovFAWf7NS%2FQ52Q5qpp8W5%2BOnxLJ2Ye5eT3iWF5Rjzbg%2Bm2qjySNkL73UtB%2BZSAXUAuFoglExASyVVT0bqMEXUcM"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd34fa1c3744-MXP
expires: Sun, 22 May 2022 05:33:04 GMT

GET
H2 404 lb_banner_register_1.png
www.rembrandtcasino.com/assets/banners/ 196 B
196 B 84ms
83ms Image
text/html 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/banners/lb_banner_register_1.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/en/register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxNSS6LHZRR9wmP6Ywa1Bjvm5rBpd4ZltexUn3NIEFuv4wbXGdBrdCNq%2BZDJu6CMHI8EntSaxLQuPq%2FD7H75Kmut1R9368vnJnFlrRxh7Agv%2Ffchkt30%2Btv7BSkhcod60tkR7KPXxI4DxJgHl6V622fEv9%2BO"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=14400
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 70f1cd34fa1d3744-MXP
expires: Sun, 22 May 2022 05:33:04 GMT

GET
H2 200 responsible-gaming.png
www.rembrandtcasino.com/assets/ 4 KB
5 KB 84ms
83ms Image
image/png 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rembrandtcasino.com/assets/responsible-gaming.png

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1652353489.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71e0fe9ebdf88dbe8371969e59587596d8e498162628ebb4c44d5f9231567edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/css/main.1652353489.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 4588
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0tW51ukjiHxc2uhLgYp1Pu7%2FKATdIVD4%2FuNCPYCzuo2VEUXPA1Lb7cz4SC2m8lzKowiSpeQw%2BX9BnT%2BALQLvh30nb5b73xs5cN5EMkzbiB%2FquTZzoqAlOUu%2BjK3Y8otM%2BVIAgu69oOvQZw3wTvXY9qnYCzr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd34fa213744-MXP
expires: Sun, 22 May 2022 05:33:04 GMT

GET
H2 200 fa-solid-900.woff2
www.rembrandtcasino.com/css/fonts/font-awesome/ 78 KB
79 KB 334ms
333ms Font
application/font-woff2 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rembrandtcasino.com/css/fonts/font-awesome/fa-solid-900.woff2

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1652353489.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rembrandtcasino.com/css/main.1652353489.css
Origin: https://www.rembrandtcasino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 80300
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOqblt6FKdEdWscAr31j%2BBKco7KaGedWAv%2FOs58jUS4gfEc4IFPH9mfj7f4K1pGSFc9TZwDbZcd0qxoUWDuJboSh5NqznccRG78iSBpd%2BmsjjnsAV2aD3K6QfznQJf%2BoIr5Ow0dU5QQ3k72%2FBVWsc%2FeqNvIa"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd34fa223744-MXP
expires: Sun, 22 May 2022 05:33:04 GMT

GET
H2 200 open-sans-v17-latin-600.woff2
www.rembrandtcasino.com/css/fonts/OpenSans/ 15 KB
15 KB 267ms
266ms Font
application/font-woff2 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rembrandtcasino.com/css/fonts/OpenSans/open-sans-v17-latin-600.woff2

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1652353489.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rembrandtcasino.com/css/main.1652353489.css
Origin: https://www.rembrandtcasino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 14880
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUHjgP%2FFabkwuUjZx5O0WLEAM7Ehu5UbJ4VlOBLnOTH7VjiAQ8Ik4GcRgpi6IbOm33TL1SCUO%2BFqG24pj%2Bdm8WKiH%2Bt8MTQzPtv3fsTWu1YWWZM95P%2BMe1c1P68wquRCrK86RYNqr0%2B5X64pd7Sk2%2FbSk0Eq"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd34fa253744-MXP
expires: Sun, 22 May 2022 05:33:04 GMT

GET
H2 200 open-sans-v17-latin-700.woff2
www.rembrandtcasino.com/css/fonts/OpenSans/ 15 KB
15 KB 267ms
264ms Font
application/font-woff2 2606:4700:20::681a:5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rembrandtcasino.com/css/fonts/OpenSans/open-sans-v17-latin-700.woff2

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1652353489.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rembrandtcasino.com/css/main.1652353489.css
Origin: https://www.rembrandtcasino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16070400; includeSubDomains
content-length: 15056
last-modified: Thu, 12 May 2022 11:04:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrWAbNuc%2BS%2B3PHis%2BYjpacwYccxKmCNCb1hPS7PiLYU8bKW0L6SVyZd20VYQJjsxaSvM6nV%2B795MfD%2B%2FkD67zaDteEhnl%2FFurfQBZoS0dfKv%2BJU0JxdcMe90dlCaZ8yHEKF0dRoPZCuXsieidRUNHLFhdcHS"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 70f1cd350a293744-MXP
expires: Sun, 22 May 2022 05:33:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
64 KB 66ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8C5L3P

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48e6c053da4d2c93d1ec11956e0c75df579b9960e3308f6f33c9e9d8fdba4725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65362
x-xss-protection: 0
last-modified: Sun, 22 May 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 May 2022 01:33:04 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ 365 KB
145 KB 52ms
13ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rembrandtcasino.com/
Origin: https://www.rembrandtcasino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 22:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147703
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 May 2023 22:46:13 GMT

GET
H/1.1 200
200 checkpoint Show response
adsby.bidtheatre.com/ 4 KB
4 KB 41ms
41ms Script
text/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/checkpoint?c=7487&rnd=440089785&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_track.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: ba53449a1c5421c12fc2b497e8c57586e03caf6c9ecd50d36fb7f92b0ce635e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:04 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/javascript;charset=ISO-8859-1
Keep-Alive: timeout=5, max=2999
Content-Length: 3672
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 313 KB
106 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e5d4be918200081673a10df00301d8f01706f51d1947bf78e98e8b5bbea2f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 05:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108245
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 05:42:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7098
date: Sat, 21 May 2022 23:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 22 May 2022 01:34:46 GMT

GET
H2 200 hotjar-1239133.js Show response
static.hotjar.com/c/ 5 KB
2 KB 344ms
53ms Script
application/javascript 108.157.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1239133.js?sv=6

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-113.dus51.r.cloudfront.net

Software

Resource Hash

fa5a5489957a94b6649299290401fe1f84e351d43f6a0d4d47862df3e4ff03f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-P2
etag: W/02795dd5a88bf628cbe887e32a9a238f
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jl0vzIiO8EChjGb_40V8MaDjPb4e_T3GssmIu7-sTSVpfwqEiXn6kQ==
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)

GET
H2 200 sdk.js Show response
connect.facebook.net/en_DE/ 3 KB
2 KB 59ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_DE/sdk.js

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/js/app.1652353448510.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aad68dfebcb737dcbf21bf83039f6a773313731f8ac981e6c98b92927e35e8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gi1floCQ5rtqpb+l+wjD1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: IDWmRgj+lKR3r7y6q/kTMfD1KHlFw7QjVP/+jioXIWgaBoANlNNHpImT2uNEf8VSJ0EHO1DukNu8XxMXO94f+w==
x-fb-trip-id: 917726464
x-fb-content-md5: e50350b06f46ed07b793db3d8f6451ea
x-frame-options: DENY
date: Sun, 22 May 2022 01:33:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3b93d6522ced993a2ff2b821459a7193"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 22 May 2022 01:41:07 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 62 B
154 B 20ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 23:37:03 GMT
x-content-type-options: nosniff
age: 266161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 23:37:03 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=800330875271&Set1=...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=800330875271&...

171 B
633 B

22ms
21ms

Script
text/javascript

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=800330875271&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518

Protocol

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566b050c3e11dfc2b5e888ee29f3648ebf2bcfa3def82d7146216b549b8094e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 226
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:05 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=800330875271&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET /
freegeoip.app/json/ 0
0

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame BDAA 280 B
1 KB 89ms
43ms Document
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db4b1949fd52439521f3a85ea066277d58b58fc74f9ab1ffaf5c5ef6ed56516d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-beSYoMj2-zMcnNo_iqL3kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rembrandtcasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-beSYoMj2-zMcnNo_iqL3kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 01:33:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
200 asx_analytics.min.js Show response
adsby.bidtheatre.com/js/ 4 KB
2 KB 26ms
24ms Script
application/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7487&rnd=440089785&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 5d7c59e9ad66d6b979cc94b727c5c07b1f746dd380bcddf62784b527a18bbb80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 May 2022 14:47:12 GMT
Server: Apache
ETag: W/"4296-1652194032000-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2419200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=2998
Content-Length: 1690
Expires: Sun, 19 Jun 2022 01:33:04 GMT

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ 43 B
731 B 284ms
78ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=191&userId=e405ebff-cbfa-4c1d-a04f-5c934146e865
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 01:33:05 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1653183184704030-358
Expires: Sun, 22 May 2022 01:33:05 GMT

GET
H2 200 pixel
cm.adform.net/ 43 B
163 B 593ms
16ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=18&adform_pc=e405ebff-cbfa-4c1d-a04f-5c934146e865
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
last-modified: Thu, 28 Jul 2016 13:28:52 GMT
server: nginx
accept-ranges: bytes
etag: "579a0894-2b"
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=e405ebff-cbfa-4c1d-a04f-5c934146e865
https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=e405ebff-cbfa-4c1d-a04f-5c934146e865&__user_check__=1&sync_id=206bfece-d96f-11ec-a681-1c5660560406

43 B
548 B

28ms
28ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=e405ebff-cbfa-4c1d-a04f-5c934146e865&__user_check__=1&sync_id=206bfece-d96f-11ec-a681-1c5660560406
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:06 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 88
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 22 May 2022 01:33:05 GMT
Server: nginx
Location: /partner?adv_id=8380&img=1&uid=e405ebff-cbfa-4c1d-a04f-5c934146e865&__user_check__=1&sync_id=206bfece-d96f-11ec-a681-1c5660560406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 42
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=107&code=e405ebff-cbfa-4c1d-a04f-5c934146e865&seg=1433491
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D107%26code%3De405ebff-cbfa-4c1d-a04f-5c934146e865%26seg%3D1433491

43 B
1 KB

18ms
17ms

Image
image/gif

185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D107%26code%3De405ebff-cbfa-4c1d-a04f-5c934146e865%26seg%3D1433491

Protocol

HTTP/1.1

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 01:33:05 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f7e21bd5-acee-4bd5-81ca-394c67776f07
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 01:33:04 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cf0d298c-9c6a-4ba8-82fb-7a7a8c4066d0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D107%26code%3De405ebff-cbfa-4c1d-a04f-5c934146e865%26seg%3D1433491
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ 0
239 B 62ms
19ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=e405ebff-cbfa-4c1d-a04f-5c934146e865
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

200

match
ad.360yield.com/ul_cb/
Redirect Chain

https://ad.360yield.com/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=e405ebff-cbfa-4c1d-a04f-5c934146e865
https://ad.360yield.com/ul_cb/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=e405ebff-cbfa-4c1d-a04f-5c934146e865

43 B
444 B

38ms
37ms

Image
image/gif

54.77.41.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=e405ebff-cbfa-4c1d-a04f-5c934146e865
Protocol: H2
Server: 54.77.41.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-41-50.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 01:33:05 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=e405ebff-cbfa-4c1d-a04f-5c934146e865
date: Sun, 22 May 2022 01:33:05 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ 42 B
436 B 1063ms
479ms Image
image/gif 104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MjAxNjA=&gdpr=0&gdpr_consent=&piggybackCookie=e405ebff-cbfa-4c1d-a04f-5c934146e865
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:04 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
200

adxcookie
match.adsby.bidtheatre.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm=&google_tc=
https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELSxQ56VLD4ZusypFuf7zqc&google_cver=1&google_ula=8233808,0

43 B
446 B

1011ms
46ms

Image
image/gif

159.65.197.210
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELSxQ56VLD4ZusypFuf7zqc&google_cver=1&google_ula=8233808,0
Protocol: HTTP/1.1
Server: 159.65.197.210 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:06 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=3000
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELSxQ56VLD4ZusypFuf7zqc&google_cver=1&google_ula=8233808,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 331
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sync
ad.sxp.smartclip.net/
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=e405ebff-cbfa-4c1d-a04f-5c934146e865
https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=e405ebff-cbfa-4c1d-a04f-5c934146e865&ang_testid=1

42 B
60 B

34ms
10ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=e405ebff-cbfa-4c1d-a04f-5c934146e865&ang_testid=1
Protocol: H3
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sun, 22 May 2022 01:33:05 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=e405ebff-cbfa-4c1d-a04f-5c934146e865&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 52ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=310074302&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister&ul=en-us&de=UTF-8&dt=Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=60859731&gjid=1714004975&cid=2069217933.1653183185&tid=UA-82757551-1&_gid=907865319.1653183185&_r=1&_slc=1&z=840330873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rembrandtcasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rembrandtcasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 292 KB
83 KB 24ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7fc541524fb2bd15813230798054bc27

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_DE/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a1d4e378d5efa21cdc116ebcea7a4cc4594c46e3d011a94b798e98d8aaefea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rembrandtcasino.com/
Origin: https://www.rembrandtcasino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0PxfkLFAZsAcEbiqR+E2mA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85318
x-fb-rlafr: 0
x-fb-debug: AWADDI/34gbmBBU5JZ7dMTsIRI1mGLT6W+ZsX0XnwsYDs0h8oSKSVcFWlg+RSfsbKCV09p7toIooIaKEg8iVsw==
x-fb-content-md5: d81dfdc8141e8f6ffe79bbb7f933911e
x-frame-options: DENY
date: Sun, 22 May 2022 01:33:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4867b36006eb4fdaafb746c783c9afef"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 21 May 2023 18:04:09 GMT

GET
H3 200 cookiebar-flying.min.css
cdn.jsdelivr.net/npm/cookie-bar/themes/ 5 KB
2 KB 57ms
39ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookie-bar/themes/cookiebar-flying.min.css

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=en&theme=flying&tracking=1&thirdparty=1&always=1&hideDetailsBtn=1&showPolicyLink=1&privacyPage=%2Fprivacy

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d07d1c56b4d065242ead4e55abc7ffca25bf17aafb4ef9353883a93af18065ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12958
x-jsd-version: 1.9.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19164-FRA, cache-itm18842-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"14b8-cZ+WTMLcka+c9Yi43BiRw9i4PwY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLdsjUp2Gb3vhiTgYCv3wBLe8E%2BztQX4YC0DVi%2BpxmNHp3JI0JddpVsxWL3NmbHnWkU0qX%2B448X5PFkii0deBWD0q0UxHhExT1MUbLvuShVh25C1MXKDTWMa1%2B4PHm3ZTJ7wOj6Z%2BB0XqXCWrt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 70f1cd3a6f9bcc56-ZRH

GET
H3 200 en.html Show response
cdn.jsdelivr.net/npm/cookie-bar/lang/ 5 KB
2 KB 84ms
63ms XHR
text/plain 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookie-bar/lang/en.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

796341bf23b26561aebab277e231d76afe0f2bd51c5c078011e853ca7f447bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17490
x-jsd-version: 1.9.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA, cache-iad-kiad7000122-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"12cc-s+ZEy7AIoPkyEP8LD46kFueKHnU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUKivpOLUK8OZ7WZMFEqU2UjFUAeOnI1yLcaZTRfBPK6P4BL7g5eTGDO2BLnlEvDXGVxpECwY3erI%2FLrq8MfC0Lq7vim5l9fciiHrunu4aktfwgNSt4IS35n8EmyXgzhB2lzOKSw9Inn2FXU2Go%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 70f1cd3a7e950200-ZRH
access-control-expose-headers: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 78ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-82757551-1&cid=2069217933.1653183185&jid=60859731&gjid=1714004975&_gid=907865319.1653183185&_u=IEBAAEAAAAAAAC~&z=831938472

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rembrandtcasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 May 2022 01:33:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.rembrandtcasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 25ms
24ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=310074302&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister&ul=en-us&de=UTF-8&dt=Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Affiliate%20Tracking&ea=Open&el=87644&_u=aEDAAEABAAAAAC~&jid=867626404&gjid=986201888&cid=2069217933.1653183185&tid=UA-82757551-1&_gid=907865319.1653183185&_r=1&gtm=2wg5b0M8C5L3P&cd1=87644&cd3=textlink&z=1944163185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rembrandtcasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rembrandtcasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8C5L3P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7099
date: Sat, 21 May 2022 23:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 22 May 2022 01:34:46 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 580ms
114ms Script
application/javascript 2a02:26f0:7100:1b6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8C5L3P
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: FhU81tIZp1PWsGA1kWwV1gOSQttEQk8TBebUi5JdIG9yLHtgpkFU+aFjUy9DvEQKy+rojFQJi8aWIhL0YXITNA==
x-frame-options: DENY
date: Sun, 22 May 2022 01:33:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame BDAA 2 KB
849 B 56ms
35ms Other
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bbbcb5e3cdb9ebbb72bd418ed3842e4dbedf367e713aea040c5eeb4a5549990d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d7.js Show response
tb.de17a.com/ 17 KB
6 KB 611ms
64ms Script
application/javascript 213.155.156.188
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.de17a.com/d7.js
Requested by: Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.155.156.188 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-188.teliacarrier-cust.com
Software: nginx/1.10.1 /
Resource Hash: 3b8f4615e5a2eecbfda28f9702594512c8e764684693909d306bfc565238ad80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 13:33:25 GMT
server: nginx/1.10.1
etag: W/"GkJKjCWDWj8GkJL8Gv9XV8--gzip"
vary: Accept-Encoding, User-Agent
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
cache-control: must-revalidate, private
content-type: application/javascript
content-length: 6185

GET
H/1.1 200
200 asx_track.min.js Show response
adsby.bidtheatre.com/js/ 7 KB
2 KB 50ms
49ms Script
application/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/js/asx_track.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8C5L3P
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 7464584122eea6d02b01347b8f092b8a627793bd3270d71e92ed7c5a6544822e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 May 2022 14:47:14 GMT
Server: Apache
ETag: W/"7091-1652194034000-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2419200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=2997
Content-Length: 1946
Expires: Sun, 19 Jun 2022 01:33:05 GMT

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.mmF5B-l2h6k.es5.O/d=1/rs=AOaEmlGeWQi5oXLxSOqUwyKxDq1926Z6kQ/ Frame BDAA 98 KB
34 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.mmF5B-l2h6k.es5.O/d=1/rs=AOaEmlGeWQi5oXLxSOqUwyKxDq1926Z6kQ/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be91c77116db3a39863c8e37be23d9e2ca9c56fe890b7c597bf5a5fc99655d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 04:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34416
x-xss-protection: 0
last-modified: Fri, 13 May 2022 23:40:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 04:46:47 GMT

GET
H/1.1 200
200 advanalytics Show response
adsby.bidtheatre.com/ 0
272 B 255ms
255ms Script
text/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/advanalytics?s=e9c68b709264a24eb7bf9677ce7ae141&c=7487&cl=0&rnd=123618386
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:05 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=2996
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-82757551-1&cid=2069217933.1653183185&jid=867626404&gjid=986201888&_gid=907865319.1653183185&_u=aEDAAEABAAAAAC~&z=1820476875

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rembrandtcasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 May 2022 01:33:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.rembrandtcasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 123ms
97ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-82757551-1&cid=2069217933.1653183185&jid=60859731&_u=IEBAAEAAAAAAAC~&z=2126415697

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 58ms
20ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-82757551-1&cid=2069217933.1653183185&jid=60859731&_u=IEBAAEAAAAAAAC~&z=2126415697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 730010297732901 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 335ms
335ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/730010297732901?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f76f40b2b911574c17c57bdf85e35dd1e232ba7065371c6f97fb59fb6f47f8f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: EUGuJpfYYvKYEYcJeFCE5OpLr+5+mTACFrKE2KojHZo054LyJPy0j0gZaDnJG/BIFKbl2x0Lw61ZQMSJlu7EsQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 22 May 2022 01:33:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653183185425
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 48ms
37ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-82757551-1&cid=2069217933.1653183185&jid=867626404&_u=aEDAAEABAAAAAC~&z=136118717

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 215ms
26ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-82757551-1&cid=2069217933.1653183185&jid=867626404&_u=aEDAAEABAAAAAC~&z=136118717

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame BDAA 49 B
96 B 62ms
62ms XHR
application/json 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.rembrandtcasino.com&client_id=402038084873-1o1s8472q3kq9tg19ijltmltoh87tpuk.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.mmF5B-l2h6k.es5.O/d=1/rs=AOaEmlGeWQi5oXLxSOqUwyKxDq1926Z6kQ/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-SMPVie8JQriY4d0Es0VIvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-SMPVie8JQriY4d0Es0VIvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
expires: Sun, 22 May 2022 01:33:05 GMT

GET
H2 200 modules.f31ba00513b7ef8234d1.js Show response
script.hotjar.com/ 243 KB
63 KB 229ms
40ms Script
application/javascript 108.157.4.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f31ba00513b7ef8234d1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1239133.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-45.dus51.r.cloudfront.net

Software

Resource Hash

5475ef880793a875564088fea38154cee107eede5a2af036f3774a3dec5e48e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120238
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63712
access-control-allow-origin: *
last-modified: Fri, 20 May 2022 16:08:12 GMT
etag: "bb85a92d3aefdabfa0ed466815889fc6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: eHqkqweY-Yjb4ikPdFUHMXRQim-40cSXRrL9N-CErYtwtdIrFArcBw==

GET
H/1.1 200
200 checkpoint Show response
adsby.bidtheatre.com/ 4 KB
4 KB 188ms
32ms Script
text/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=685651287&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_track.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 91cbffcf7ee739854da20b07415a99aaa070896be6ed2c0c479445db8ac10e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:05 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/javascript;charset=ISO-8859-1
Keep-Alive: timeout=5, max=2995
Content-Length: 3672
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 mp.min.js Show response
static.trafficjunky.com/js/ 10 KB
4 KB 77ms
21ms Script
application/javascript 205.185.208.79
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.trafficjunky.com/js/mp.min.js
Requested by: Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.208.79 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip079.ssl.hwcdn.net
Software: /
Resource Hash: ddddeb6d56c1ab493971fcce9f231318ab1c73a613b5eb53549cfa89dd4b1632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 17:15:27 GMT
etag: "1652721327"
x-hw: 1653183185.dop010.lo4.t,1653183185.cds264.lo4.hn,1653183185.cds280.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3628

GET
H2 200 box-4924254a9ce4dc9b959b6e4a9b662d60.html Show response
vars.hotjar.com/ Frame DBEF 2 KB
1 KB 36ms
8ms Document
text/html 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1239133.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-65.fra53.r.cloudfront.net
Software: /
Resource Hash: 67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer: https://www.rembrandtcasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3336239
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 10:49:06 GMT
etag: "1635635016e428baa170305e9282c34a"
last-modified: Wed, 13 Apr 2022 10:48:29 GMT
vary: Accept-Encoding
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-id: 3mSektoNHEfBnpgLCRCAZfD5cohH4PEgVm5kkIS8SVQU5RLB3TU5wA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 68ms
39ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=730010297732901&ev=PageView&dl=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518&rl=&if=false&ts=1653183185461&sw=1600&sh=1200&v=2.9.60&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1653183185455.104021499&it=1653183185090&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 22 May 2022 01:33:05 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=191&userId=e405ebff-cbfa-4c1d-a04f-5c934146e865
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d4f320e286d5c2bdfe1a3d3d7a44ad1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g098_7100367713873084819&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

70 B
265 B

366ms
38ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 01:33:06 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1653183186011000-524
Expires: Sun, 22 May 2022 01:33:06 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 43 B
1 KB 21ms
20ms Image
image/gif 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=107&code=e405ebff-cbfa-4c1d-a04f-5c934146e865&seg=1433491

Requested by

Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=685651287&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 01:33:05 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 36e352b3-9b6d-45fe-b7df-cc6d22154320
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match
ad.360yield.com/ 43 B
443 B 33ms
30ms Image
image/gif 54.77.41.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=e405ebff-cbfa-4c1d-a04f-5c934146e865
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=685651287&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.41.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-41-50.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 01:33:05 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 200 sync
ad.sxp.smartclip.net/ 42 B
60 B 13ms
10ms Image
image/gif 35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=e405ebff-cbfa-4c1d-a04f-5c934146e865
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=685651287&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:05 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ 0
239 B 23ms
23ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=e405ebff-cbfa-4c1d-a04f-5c934146e865
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 106ms
105ms Script
application/javascript 2a02:26f0:7100:1b6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2

200

getUid;c Show response
tb.de17a.com/api/ Frame 552E
Redirect Chain

https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1

61 B
205 B

337ms
337ms

Script
application/json

213.155.156.188
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Protocol: H2
Server: 213.155.156.188 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-188.teliacarrier-cust.com
Software: nginx/1.10.1 /
Resource Hash: e822f9af15d2332373789564b938b617fb26895dd58ef88d0093c9876f5351f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:06 GMT
server: nginx/1.10.1
content-type: application/json
content-length: 61
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

Redirect headers

location: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
date: Sun, 22 May 2022 01:33:05 GMT
server: nginx/1.10.1
content-length: 0
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
838 B 1280ms
38ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613030039972&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1653183185768

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:07 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.906656b8.1653183187.29116be6
x-envoy-upstream-service-time: 1
x-pinterest-rid: 3134406870229046
pin-unauth: dWlkPU1HRmpOMk0xWkRVdE1qVmxPUzAwTm1aakxXRTBOVE10WVRFeFptSmtNalkyWWpVeg
access-control-allow-origin: https://www.rembrandtcasino.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 1278ms
38ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613030039972&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1653183185769

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 01:33:07 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.906656b8.1653183187.29116be8
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1127561255298704
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 62ms
29ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=730010297732901&ev=Microdata&dl=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518&rl=&if=false&ts=1653183185964&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World%22%2C%22meta%3Adescription%22%3A%22Rembrandt%20Casino%20Offers%20a%20Welcome%20Bonus%20of%20100%25%20up%20to%20%E2%82%AC200.%20Weekly%20Promotions%2C%20Casino%20Bonuses%20%26%20Free%20Spins%20Inside.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22RembrandtCasino%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2F%22%2C%22og%3Atitle%22%3A%22Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World%22%2C%22og%3Adescription%22%3A%22Rembrandt%20has%20the%20sheer%20excellence%20of%20Online%20Casino%20and%20Video%20Slots.%20Welcome%20Bonus%20of%20100%25%20up%20to%20%E2%82%AC200%20to%20enjoy%20on%20Slots%20or%20Live%20Casino.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fassets%2Fmain%2Fbrand-logo.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%22300%22%2C%22og%3Aimage%3Aheight%22%3A%22300%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.60&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1653183185455.104021499&it=1653183185090&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 22 May 2022 01:33:06 GMT

GET
H/1.1 200
200 advanalytics Show response
adsby.bidtheatre.com/ 0
272 B 20ms
20ms Script
text/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/advanalytics?s=5aaa84fef99e745e74281046f76802d0&c=7061&cl=0&rnd=398354423
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:06 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=2994
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 pageView Show response
tb.de17a.com/api/ Frame 81DE 2 KB
2 KB 33ms
33ms Script
application/json 213.155.156.188
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%23c19184LegIb35573nnzf4262Dxr1311dhuJ1518%22%2C%22title%22%3A%22Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World%22%2C%22trackingAccountId%22%3A%2217728%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by: Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.155.156.188 Uppsala, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: 213-155-156-188.teliacarrier-cust.com
Software: nginx/1.10.1 /
Resource Hash: e172e8bc74234d26c46869078b4a9a0a5396218b0d0db9fdbd6ea4cfe1f4ac68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 01:33:06 GMT
server: nginx/1.10.1
content-type: application/json
content-length: 1969
p3p: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

GET
H/1.1 200
200 advanalytics Show response
adsby.bidtheatre.com/ 0
272 B 30ms
30ms Script
text/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/advanalytics?s=e9c68b709264a24eb7bf9677ce7ae141&c=7487&cl=0&rnd=223233735
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:07 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=2993
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1 200
200 advanalytics Show response
adsby.bidtheatre.com/ 0
272 B 42ms
41ms Script
text/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/advanalytics?s=5aaa84fef99e745e74281046f76802d0&c=7061&cl=0&rnd=112504029
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:08 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=2992
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1 200
200 advanalytics Show response
adsby.bidtheatre.com/ 0
272 B 20ms
20ms Script
text/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/advanalytics?s=e9c68b709264a24eb7bf9677ce7ae141&c=7487&cl=0&rnd=100559739
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:09 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=2991
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1 200
200 advanalytics Show response
adsby.bidtheatre.com/ 0
272 B 26ms
26ms Script
text/javascript 174.138.107.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://adsby.bidtheatre.com/advanalytics?s=5aaa84fef99e745e74281046f76802d0&c=7061&cl=0&rnd=311518536
Requested by: Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rembrandtcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 01:33:10 GMT
Server: Apache
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=2990
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: freegeoip.app
URL: https://freegeoip.app/json/

Verdicts & Comments Add Verdict or Comment

288 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 07:32:15	Name: _bit Value: m4m1wX-2271595ebfb61ca912-00k
www.clear-reports.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2q7d50952dfs7mlm8gati28kv7
www.clear-reports.com/	1970-01-20 05:22:39	Name: cr_kpiu_w_13940_d27438bfc7876e77f3455619e9726321 Value: 150953-0-1-0
www.clear-reports.com/	1970-01-20 05:22:39	Name: cr_kpiu_w_13940_d27438bfc7876e77f3455619e9726321_new Value: 150953-0-1-0
www.clear-reports.com/	1970-01-20 05:22:39	Name: cr_kpih_w_13940_d27438bfc7876e77f3455619e9726321 Value: cl-302559172
www.clear-reports.com/	1970-01-20 05:22:39	Name: cr_kpih_w_13940_d27438bfc7876e77f3455619e9726321_new Value: cl-302559172
.rembrandtcasino.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: mk3unhqsc978i1o1e7pmlk30a1
.rembrandtcasino.com/	1969-12-31 23:59:59	Name: lang Value: en
.www.rembrandtcasino.com/	1970-01-20 03:13:06	Name: api-reporting-cookie Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2NTMxODMxODIsImV4cCI6MTY1MzE4Njc4MiwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.X77Bpk77x-3mVhUia1mBSBkj4Lc_nkvXYfO3BsnP0tIV7RvQox81wWBRK3C88EKO_DhNkXq63dJ_ZTDdzFHQrv2Nhuug56BbzHaKIORgM8QzmvDnhBClgSKsoHRsk0vzWB_0dhQPSMvZCY7Hp893JqZ0PD7HrrKLTRhA6Adn4A75L1DGV-fxjuSExNTA0OYeVPptyZd3Md_kbC5Xy6lo_LLj4lGTJAVgxfBI8vky2f06P4J0okvjieZMc8XmCTeQhLZTa0Rrawb7anHakkuMukpq_5LiPMzEkPlXAtH5f7jtDXuobQhS6vg56BPJqN55b_ttbfDbBw5X_P7mbnymG0_AeC7W7S_EzJnaIbZngWBeH_sTYo2lly3-nKL0MWBCjdOAn9-m-G0WINnN7I2qNHZC1XLQOvWCgIeBkN9F2L6PKl7kjzDvFvGax9_OakNR4R1S8kxi6dkwAYlD2QMxEq68_Pc0_3S7JhPXKO0x3ucrBwdtHUlRwQ7R59B_FzhIAt6L3y5O7DKDpDvh2oA7Z6ywglKeD120ScPF3FcesNFyrUKABdhCtRx6Ig-_T40PVvXI1p8Q91HvzxuDCqit5W186X0psEZnJanlV8g17Hn6BewAmS8Sl2msLynYYfKZBEq3ABUwCcM4ICDi5Wfw8MeZmHED9dfQvUAsb19pUms
.rembrandtcasino.com/	1970-01-21 23:01:03	Name: visited Value: Yes
.rembrandtcasino.com/	1970-01-20 03:56:15	Name: affiliate_code Value: 87644
.rembrandtcasino.com/	1970-01-20 03:56:15	Name: media_code Value: textlink
.rembrandtcasino.com/	1970-01-20 03:14:29	Name: postback_token Value: eyJ3Z3RpIjoiMzAyNTU5MTcyIiwid2d0diI6IjAiLCJwY2kiOiIzMDI1NTkxNzIifQ%3D%3D
.www.rembrandtcasino.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.rembrandtcasino.com/	1970-01-20 20:44:15	Name: _ga Value: GA1.2.2069217933.1653183185
.rembrandtcasino.com/	1970-01-20 03:14:29	Name: _gid Value: GA1.2.907865319.1653183185
.rembrandtcasino.com/	1970-01-20 03:13:03	Name: _gat Value: 1
.adnxs.com/	1970-01-20 05:22:39	Name: uuid2 Value: 5802683780097147942
.adnxs.com/	1970-01-20 05:22:39	Name: anj Value: dTM7k!M4.FEVNsVF']wIg2GVOtY0JZ!]tbPl@/kG+TeR@UZ.=:NWEoxB.3BP?Lkky<`?hcHTHaVVbcE4Z9TqRQ09o7VEs!DZ=BfC<QG=%9sk@3@'s>TsofP-
.sxp.smartclip.net/	1970-01-20 03:56:15	Name: uuid Value: fe65fdbc-d192-8962-6e82-2ba7bc903ee7
.rembrandtcasino.com/	1970-01-20 03:13:03	Name: _gat_UA-82757551-1 Value: 1
.doubleclick.net/	1970-01-20 12:34:39	Name: IDE Value: AHWqTUkOV_Hm0jFA2vGOQojCyIHpVeVFcVwXc7cl6l-aadL8eElL-alb4dljgCscVz0
.sxp.smartclip.net/	1970-01-20 03:56:15	Name: dspuuid Value: 44.e405ebff-cbfa-4c1d-a04f-5c934146e865
.sxp.smartclip.net/	1970-01-20 03:56:15	Name: psyn Value: 19134.44
ads.stickyadstv.com/	1970-01-20 03:56:15	Name: UID Value: d4f320e286d5c2bdfe1a3d3d7a44ad1
ads.stickyadstv.com/	1970-01-20 04:39:27	Name: uid-bp-687 Value: e405ebff-cbfa-4c1d-a04f-5c934146e865
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 97a717a4d75bff15d7ddcf115d2786ff
.google.com/	1970-01-20 07:36:34	Name: NID Value: 511=B7cJf7N2Avi6lGZZ3BnilsFMU_c6l0DARMFrAfM0nAjxx89cPN6ENZTQ_R95r-U9s8I8ecTFeFk-pvqY2y_WrqS_HGK7LAz5qMEAMjVBIqMzIzkObemyBoWI_kefBELXCWe6S6FfWbx-CmIKM4IfUjHCjrs5VAO2HWXsoRxpNRE
.360yield.com/	1970-01-20 05:22:39	Name: tuuid Value: ce6334f1-16fe-4048-8e25-cacea2154a93
.360yield.com/	1970-01-20 05:22:39	Name: tuuid_lu Value: 1653183185
.360yield.com/	1970-01-20 05:22:39	Name: umeh Value: !69,0,1715391185,-1
.rembrandtcasino.com/	1970-01-20 05:22:39	Name: _fbp Value: fb.1.1653183185455.104021499
.adform.net/	1970-01-20 03:57:41	Name: C Value: 1
.360yield.com/	1970-01-20 05:22:39	Name: um Value: !69,SMjjyQbts.UD1H0PTGa2lG8hME62mOUnOOVVXPU5VcMpRCDWMKkZvetaRu.iafCQnA4=,1660959185
.adform.net/	1970-01-20 04:39:27	Name: uid Value: 9009958569267586485
.facebook.com/	1970-01-20 05:22:39	Name: fr Value: 0r8oobLlFFw4iQroG..BiiZLR...1.0.BiiZLR.
.de17a.com/	1970-01-20 11:51:27	Name: guid2 Value: 1.4253027572892040705
.rembrandtcasino.com/	1970-01-20 11:58:39	Name: _hjSessionUser_1239133 Value: eyJpZCI6IjY3YjBkOTA5LTE3ODUtNTg0YS1iYTk3LTlkOTY4NzA5ZTkzNiIsImNyZWF0ZWQiOjE2NTMxODMxODU3NTEsImV4aXN0aW5nIjpmYWxzZX0=
.rembrandtcasino.com/	1970-01-20 03:13:04	Name: _hjFirstSeen Value: 1
www.rembrandtcasino.com/	1970-01-20 03:13:03	Name: _hjIncludedInSessionSample Value: 0
.rembrandtcasino.com/	1970-01-20 03:13:04	Name: _hjSession_1239133 Value: eyJpZCI6IjgxZDA1MmI1LWM4YmUtNDc1MS1hZDRiLWVhMTY4NDFmZWEzMSIsImNyZWF0ZWQiOjE2NTMxODMxODU3NjIsImluU2FtcGxlIjpmYWxzZX0=
.rembrandtcasino.com/	1970-01-20 03:13:04	Name: _hjAbsoluteSessionInProgress Value: 0
.pubmatic.com/	1970-01-20 05:22:39	Name: KRTBCOOKIE_650 Value: 12226-e405ebff-cbfa-4c1d-a04f-5c934146e865
.pubmatic.com/	1970-01-20 03:56:15	Name: PugT Value: 1653183184
.fwmrm.net/	1970-01-20 07:32:15	Name: _uid Value: "g098_7100367713873084819"
.spotxchange.com/	1970-01-20 11:58:43	Name: audience Value: 206bfe79-d96f-11ec-a681-1c5660560406
ads.stickyadstv.com/	1970-01-20 04:39:27	Name: uid-bp-36033 Value: g098_7100367713873084819
ads.stickyadstv.com/	1970-01-20 04:39:27	Name: MRM_UID Value: g098_7100367713873084819
.adsby.bidtheatre.com/	1970-01-20 03:23:07	Name: __kuid Value: e405ebff-cbfa-4c1d-a04f-5c934146e865.422397186
.rembrandtcasino.com/	1970-01-20 11:58:39	Name: _pin_unauth Value: dWlkPU1HRmpOMk0xWkRVdE1qVmxPUzAwTm1aakxXRTBOVE10WVRFeFptSmtNalkyWWpVeg

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.rembrandtcasino.com/assets/banners/lb_banner_register_1.png Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.rembrandtcasino.com/en/register#c19184LegIb35573nnzf4262Dxr1311dhuJ1518 Message: Access to XMLHttpRequest at 'https://freegeoip.app/json/' from origin 'https://www.rembrandtcasino.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://freegeoip.app/json/ Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://.biahosted.com https://.paymentiq.io https://*.safecharge.com
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
accounts.google.com
ad.360yield.com
ad.sxp.smartclip.net
ads.stickyadstv.com
adsby.bidtheatre.com
apis.google.com
bit.ly
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
freegeoip.app
ib.adnxs.com
match.adsby.bidtheatre.com
match.adsrvr.org
pixel.rubiconproject.com
s.pinimg.com
s.rembrandtcasino.com
s2.adform.net
script.hotjar.com
simage2.pubmatic.com
static.hotjar.com
static.trafficjunky.com
stats.g.doubleclick.net
sync.search.spotxchange.com
tb.de17a.com
togomori.poix.osaka.jp
track.adform.net
tracking.3-0ccc2-ll.com
vars.hotjar.com
www.clear-reports.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.rembrandtcasino.com
freegeoip.app
104.36.113.107
104.75.88.209
108.157.4.113
108.157.4.45
142.202.191.93
142.250.186.66
143.204.215.65
154.57.158.48
159.65.197.210
174.138.107.223
185.33.221.88
185.94.180.125
2.18.234.233
205.185.208.79
212.100.228.202
213.155.156.188
2606:4700:20::681a:5f1
2606:4700:3033::ac43:89dd
2606:4700::6810:5914
2a00:1450:4001:802::2004
2a00:1450:4001:812::2003
2a00:1450:4001:812::200d
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9c
2a02:26f0:7100:1b6::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
35.186.194.101
37.157.2.234
37.157.2.238
37.157.5.71
52.223.40.198
54.77.41.50
67.199.248.11
69.173.144.138
00c74e10067c6c1caf8fa816a7095f774ebe3ae486cb03617027eb971911a738
0f76f40b2b911574c17c57bdf85e35dd1e232ba7065371c6f97fb59fb6f47f8f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11fe0973f094bbcdee787d633f05588aabf87e5c88644d3999c877222c32c2d6
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
2631a9be2c6879f8134f18445146f9adbf7c852210b104a6ccd096cec063e5c5
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
2a46acd67d45747dd3d2e2d563f398050d191ec1c1aa772adacb8e90daf34d04
2e5d4be918200081673a10df00301d8f01706f51d1947bf78e98e8b5bbea2f01
2f220823c9f76b043d68ac64c0560b9812d5f60379dd982f979a52afbbf84393
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b8f4615e5a2eecbfda28f9702594512c8e764684693909d306bfc565238ad80
426e6c3e89bb2a4db8c060583e337c123e1f9378c6c3a932f54320f7723e4c14
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
48e6c053da4d2c93d1ec11956e0c75df579b9960e3308f6f33c9e9d8fdba4725
4a1d4e378d5efa21cdc116ebcea7a4cc4594c46e3d011a94b798e98d8aaefea0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
521abcca6b54a45096f3f8e22d0f71b17f4d1add0fdeedb8240293bd072c9b9c
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
5475ef880793a875564088fea38154cee107eede5a2af036f3774a3dec5e48e6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566b050c3e11dfc2b5e888ee29f3648ebf2bcfa3def82d7146216b549b8094e3
5d7c59e9ad66d6b979cc94b727c5c07b1f746dd380bcddf62784b527a18bbb80
6050573b169613adddb0a0fba54a03c4d501dd4a397b44ccce8080601d812410
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
71e0fe9ebdf88dbe8371969e59587596d8e498162628ebb4c44d5f9231567edc
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7464584122eea6d02b01347b8f092b8a627793bd3270d71e92ed7c5a6544822e
796341bf23b26561aebab277e231d76afe0f2bd51c5c078011e853ca7f447bd0
7eb0d21ad8b5f6db08f3b4ae96aa3e92a7923fe25b8da9cca40cecd9474725d7
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8408d14f30a92b8d0672a068920017bf25920a13ffb0b60970f88d74491d3666
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9e56ea137c84a417dfc43c2b05c93556ed6d01c7670c733d8cd74e9ff1c9be
8e2bfc562b5cdae70b2a43c28f09ee345599f4940e927f54cac4f79cfbfd3026
91cbffcf7ee739854da20b07415a99aaa070896be6ed2c0c479445db8ac10e3a
9373579b2838041a012f6ce7b4b171ef974b5a7a8b69fb651a48b4e515a87b7a
9603b28d8747269c0490c2a826a198ddf405a9c4f4c3a5cc3e8a83e5336fca56
96a110f30765f9038215cffb7b05a98721e7fe8ddbc574df547d0ee2aaa848e1
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a45e06780a388e6a21e4f1cab845ce14b2181f12576d89123fa516cefd722330
a943889fbb59caf5e073422b568e0b1a86404b9993fd6f075a4209bfc80b21ce
aad68dfebcb737dcbf21bf83039f6a773313731f8ac981e6c98b92927e35e8ef
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba53449a1c5421c12fc2b497e8c57586e03caf6c9ecd50d36fb7f92b0ce635e9
bbbcb5e3cdb9ebbb72bd418ed3842e4dbedf367e713aea040c5eeb4a5549990d
be91c77116db3a39863c8e37be23d9e2ca9c56fe890b7c597bf5a5fc99655d79
c972ddc1cb54b96c0df7ec714dae8c7ee86017d525b02a9341ddedf30dfaffe7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d07d1c56b4d065242ead4e55abc7ffca25bf17aafb4ef9353883a93af18065ce
db4b1949fd52439521f3a85ea066277d58b58fc74f9ab1ffaf5c5ef6ed56516d
ddddeb6d56c1ab493971fcce9f231318ab1c73a613b5eb53549cfa89dd4b1632
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e172e8bc74234d26c46869078b4a9a0a5396218b0d0db9fdbd6ea4cfe1f4ac68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6bbfa373040cc9524bf78266a4d3fd4320c34b218ff522322791fd813ce09de
e822f9af15d2332373789564b938b617fb26895dd58ef88d0093c9876f5351f0
ea7b9c169069c269c82d6d754694d64e8bdb8047d8da1bb406d2b4576b25e6e7
ec3269a0b093909eeb0012337a47ef00b014cf453526640d6de9ce7ce5484682
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f351bf72961f59f69d6b2f626da1fc76a4e0eef71258e55e259bf61c88eb3a6d
fa5a5489957a94b6649299290401fe1f84e351d43f6a0d4d47862df3e4ff03f6

www.rembrandtcasino.com Open in urlscan Pro 2606:4700:20::681a:5f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

90 %HTTPS

38 %IPv6

32 Domains

41 Subdomains

34 IPs

8 Countries

4794 kBTransfer

7257 kBSize

50 Cookies

30 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rembrandtcasino.com Open in urlscan Pro
2606:4700:20::681a:5f1 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

90 %
HTTPS

38 %
IPv6

32
Domains

41
Subdomains

34
IPs

8
Countries

4794 kB
Transfer

7257 kB
Size

50
Cookies

93 HTTP transactions
0 data transactions