demo.html5xcss3.com Open in urlscan Pro
172.96.191.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gg.gg/y9eww
Effective URL:
http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com
Submission: On March 23 via manual (March 23rd 2022, 3:10:32 pm UTC) from NL — Scanned from NL

Summary HTTP 127 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 24 domains to perform 127 HTTP transactions. The main IP is 172.96.191.104, located in Singapore, Singapore and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is demo.html5xcss3.com.

This is the only time demo.html5xcss3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.15.209.141 185.15.209.141	52000 (MIRHOSTING) (MIRHOSTING)
2	172.96.191.104 172.96.191.104	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 2	35.208.223.164 35.208.223.164	19527 (GOOGLE-2) (GOOGLE-2)
22	2606:4700:303... 2606:4700:3033::6815:5cab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	141.95.157.215 141.95.157.215	16276 (OVH) (OVH)
10	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
127	29

1 185.15.209.141 (Dronten, Netherlands) 1 redirects

ASN52000 (MIRHOSTING, NL)
PTR: nbn.topsnursingschool.com

gg.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.96.191.104 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.104-static.reverse.arandomserver.com

demo.html5xcss3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.208.223.164 (Council Bluffs, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 164.223.208.35.bc.googleusercontent.com

onlinecasino2go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3033::6815:5cab (United States)

ASN13335 (CLOUDFLARENET, US)

www.onlinecasino2go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.157.215 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3212474.ip-141-95-157.eu

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 pix.eu.criteo.net — Cisco Umbrella Rank: 7328 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	225 KB
24	onlinecasino2go.com 2 redirects onlinecasino2go.com www.onlinecasino2go.com	317 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	267 KB
13	gstatic.com fonts.gstatic.com	279 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	35 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9430	111 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 828	176 KB
3	google.nl adservice.google.nl — Cisco Umbrella Rank: 13496	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	10 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 571	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	72 KB
2	html5xcss3.com demo.html5xcss3.com	19 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	37 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl — Cisco Umbrella Rank: 7401	337 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 289	456 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1359	350 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 794	324 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 929	463 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	646 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	33 KB
1	gg.gg 1 redirects gg.gg — Cisco Umbrella Rank: 174402	1 KB
127	24

	Domain	Requested by
22	www.onlinecasino2go.com	demo.html5xcss3.com www.onlinecasino2go.com
18	pix.eu.criteo.net	ads.eu.criteo.com
13	fonts.gstatic.com	fonts.googleapis.com www.onlinecasino2go.com
10	static.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	demo.html5xcss3.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com demo.html5xcss3.com googleads.g.doubleclick.net
4	use.fontawesome.com	www.onlinecasino2go.com
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.nl	pagead2.googlesyndication.com
2	fonts.googleapis.com	cdnjs.cloudflare.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	image6.pubmatic.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	onlinecasino2go.com	2 redirects
2	demo.html5xcss3.com	demo.html5xcss3.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.onlinecasino2go.com
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	demo.html5xcss3.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	demo.html5xcss3.com
1	gg.gg	1 redirects
127	33

This site contains links to these domains. Also see Links.

Domain
www.html5xcss3.com

Subject Issuer	Validity	Valid
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com
Frame ID: 031A4A1158B21A87ABE6F23953421767
Requests: 16 HTTP requests in this frame

Frame: https://www.onlinecasino2go.com/
Frame ID: 3D0D9173F2DAF8EDB8957B4226337228
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Frame ID: 5A25F3714B30A3810CF14CA2EA09BFBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&h=15&slotname=5266722650&adk=3328347014&adf=120034856&pi=t.ma~as.5266722650&w=468&lmt=1648048226&psa=0&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&wgl=1&dt=1648048226025&bpp=4&bdt=626&idt=403&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&correlator=4560837022948&frm=20&pv=2&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=15&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=dHi88AXkOF&p=http%3A//demo.html5xcss3.com&dtd=416
Frame ID: B17952AB726C7763DB5E1521F8771793
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&adk=1812271804&adf=3025194257&lmt=1648048226&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&ea=0&pra=7&wgl=1&dt=1648048226042&bpp=1&bdt=643&idt=402&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=5266722650&nras=1&correlator=4560837022948&frm=20&pv=1&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=405
Frame ID: 43B838975399908B47251A562488B098
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1648048226&rafmt=1&to=qs&pwprc=5976604472&psa=0&format=1200x280&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1648048226710&bpp=2&bdt=1311&idt=2&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9a601c62ed87995-22f0600763cd002a%3AT%3D1648048226%3ART%3D1648048226%3AS%3DALNI_Ma86td_MdytgOTUBqVhv0y1eUxLDA&prev_fmts=0x0&prev_slotnames=5266722650&nras=2&correlator=4560837022948&frm=20&pv=1&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=62QRMyVWSj&p=http%3A//demo.html5xcss3.com&dtd=9
Frame ID: 025298C4D167A99106F01E277557BA58
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1
Frame ID: 98EC72B8E2B8333D9080F8F76FF89EAB
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yjs4YgAH2JEKiwyYAAOvzI8pVaSdXvPPgtbe-w&u=%7Cc8dowKV9jjibchzkFoWf%2BGfY6l%2F1kcXcLNJSeGLhbGA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8T4u80QieWILd5TR8FoAdDIg13kdb4HiJZNiYK0kb4UV19zmtod6ByHFPftApcSx-aIjdviSzQTKAUtkhRosTODUDVlsOuq-Uu11ouOZjER3LMti8F8nHiX7N1kZnKoAraHMTvmxWb49i3tzAGHB7ykk3dguaxM40QR7wCUfR3PEQUQhvkKQWS4wequupsBBhzG95KhDsp1lZAVMf1teDeh_4eRF-0KPsbain471DfbeswS0Cm9SUMS8T2JV2XihvwgRPyH7MmxzOzxjpzhedw6bOcUP3Kows-3UQgDXXYdyGmq880-CuDwykagW-QyCCWqJr0XgvCu8WsaagLT7KNLqFANBEbWeaLbhG4Oqc9-hrft4KTQzKX3_H9E2O9Y4pBXJzA5weT5c-xYF4sgbkvghtNbvpBMyKA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmODuYjg7YpGxH5iZrATM346ACsme0rFclaKX93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi05NDU3NjIxNjA2MTM3MTM5oAHVttLqA8gBCakCgPHsJnxvsj6oAwGqBPQBT9DjvEndQYlGlIHiOCH2lV7m93QrCnwTrbSTuUHMijOst6Z2k-s9YFcG6mqualeWbhnOV18IKDWQjcCVCbLnY3eBOpFwtFULsUyqHMGgY4P-5gE6BBCyKy_msV6lI7uT4TZEi7VNGASqEpFMpRS4aHc-aWfbdAUOp2hbBMQUjcBiG5XjZu2KhrD-sbuQrq-LBjcFw9OOv6hXiiqfjwv9w_jH-t1oaMUaSRzARiAkzesridhUQdbysAlfYRgfwzw-6bsbRat3snb9FzpsgtwP6iYHv08aNvFl1FEuCG8eF8qXUd06LIpT6mGYg2g3sZZ82ZPzjoAG1daz7vPW055WoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1r6vizdzcArcMsZ7K8Y7QKVOzI3A%26client%3Dca-pub-9457621606137139%26adurl%3D
Frame ID: C50C0B896C682B99DC1E17453377D543
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yjs4YgALpJ4KwkpqAAiaMPxG_HVPSFL27MKneg&u=%7Cc8dowKV9jjgPNr0zyt5efRbE8bRC%2FibUD4qyryjMXHE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8T4u80QieWILd5TR8FoAdDIA2zyblZUiaCGuTlswq9ZmLUN1E-VCSG1HY5NSdVMwLv5D5IlClH4HEhtrPumFEXrri2LZpEaGmd5qy12K4CRd1EoG2TdIazUXkIefTelmHn_VDPD5QqRkOstKb8Zzh3WVpDIWKNBjzaUY9aqlaJhCYaUp0nHm46PqtR0wdHW655tbsyMYyeTOt159uO1_xlqcoNrs1vgaw5ogv5hNFZmDtomrFLfDhOeVCKIQNXzjNeJArL_pnhdNadDaHhnNkqCw2dZTiAc_i-KsmwQ6GRplE7Hhox4pnACv6K-KzX0EywL2-Txii_TQdo03txzoOHW3TWeB2G-l120B18uy8Ok0_kiwa379-N-x3VMmH69avr6cZGsJy_ah1gget9biRr5nY2RLl86gX38vOaeAR3v8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1blYjg7Yp7JLuqUiQawtKL4Ccme0rFczfHi3YgBwI23ARABIABgkQSCARdjYS1wdWItOTQ1NzYyMTYwNjEzNzEzOaAB1bbS6gPIAQmpAgMhFmK3dbI-qAMBqgT6AU_QEryLLD9pa-n9id5pAaxsQqex8Akz0wQTdw3KLGJUTcWIoAyhTX51PYPdUzRr9-JIV6osNkToLvsQqi8gqQY45rDTqdoCw2fyh_IcWHchPVfg9OouZkeJ68CZwHyguSoUJVcOUylDBTClf0vnU_QgbWRXMovyavFjgg7JjmWzDaBRAMA7Ff9FOgIMQHS3TgD9rQ5ck2n080AntjzmAwUQAzRBy2imI-8m4Ex7ACJnrE2YCXYq9FHD4MLsewt8bZYh5qD1wJbMsh4YxJXEj4Ney_GxVUaSI1VzF2t84S1Fv5jaPkrxdksbz6xYcdqtzMv7w3k9p0qml0KABtXWs-7z1tOeVqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_egwBIFmSIR13qr3q32Y1mWDH_g%26client%3Dca-pub-9457621606137139%26adurl%3D
Frame ID: E32C9BC7C2D17BBA80D749D77584DAA6
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3767B41DF47E36C86DFE835C89BA7C89
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB6863532D81841B945DA7335E157A77
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EF31404FCDE73A4C052FAA4909D053E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Demo Free Html5 and Css3 Templates | Html5xcss3.com

Page URL History Show full URLs

http://gg.gg/y9eww HTTP 301
http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

127
Requests

94 %
HTTPS

61 %
IPv6

24
Domains

33
Subdomains

29
IPs

6
Countries

1605 kB
Transfer

3521 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.html5xcss3.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gg.gg/y9eww HTTP 301
http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://onlinecasino2go.com/ HTTP 301
https://onlinecasino2go.com/ HTTP 301
https://www.onlinecasino2go.com/

Request Chain 36

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8vw85syUrxReb5yFrKMKQ&google_cver=1&google_push=AYg5qPLDJYKMC0g37Ps0LwTfQZEme5tAlNOhzgNALHtAb9hANyftmZzaFiZzIM1ogJf0fmmWa89SqtQUfYnNXAxDneXmtQqvJQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF8vw85syUrxReb5yFrKMKQ&google_cver=1&google_push=AYg5qPLDJYKMC0g37Ps0LwTfQZEme5tAlNOhzgNALHtAb9hANyftmZzaFiZzIM1ogJf0fmmWa89SqtQUfYnNXAxDneXmtQqvJQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bqh2iDSWQamGzYA3cA3bbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLDJYKMC0g37Ps0LwTfQZEme5tAlNOhzgNALHtAb9hANyftmZzaFiZzIM1ogJf0fmmWa89SqtQUfYnNXAxDneXmtQqvJQ

Request Chain 37

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEgR6Cz9tfd5a2xhyqcT0jY&google_cver=1&google_push=AYg5qPIMfQEmFkzBamjBJaNlbeiR5VNhXy3jTgq6IUT894BVK5uib3qR7mmFNUrNhC_pG0dTolVoDBOPV3UG2GKd98KRKXU4pxI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEzUEQySTEtTS1EMDc2&google_push=AYg5qPIMfQEmFkzBamjBJaNlbeiR5VNhXy3jTgq6IUT894BVK5uib3qR7mmFNUrNhC_pG0dTolVoDBOPV3UG2GKd98KRKXU4pxI

Request Chain 38

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4

Request Chain 39

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAu4BmBFgjIdIIl8wPzAziw&google_cver=1&google_push=AYg5qPITRs0NsqPMKGc52Y7Igr0yiBxivmbmFh3TCd2FhGnZ4xokLAzINtyQUQvTMXBEzjV9cy4LBWjSdvvMlIUheKtvUEvuk9M HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPITRs0NsqPMKGc52Y7Igr0yiBxivmbmFh3TCd2FhGnZ4xokLAzINtyQUQvTMXBEzjV9cy4LBWjSdvvMlIUheKtvUEvuk9M&google_hm=

127 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request demo.php Show response
demo.html5xcss3.com/
Redirect Chain

http://gg.gg/y9eww
http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com

7 KB
3 KB

364ms
183ms

Document
text/html

172.96.191.104
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com
Protocol: HTTP/1.1
Server: 172.96.191.104 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.104-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 6bfe4b3828ecbdcda91ccd69e60b9f32dfedd3c2d2f11b805ab983757da6976d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 2966
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 23 Mar 2022 15:10:25 GMT
server: LiteSpeed

Redirect headers

Date: Wed, 23 Mar 2022 15:10:25 GMT
Server: Apache/2.2.22 (@RELEASE@)
X-Powered-By: PHP/5.3.3
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 23 Mar 2022 15:10:25 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Location: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 jquery-1.7.1.min.js Show response
code.jquery.com/ 92 KB
33 KB 409ms
136ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.1.min.js
Requested by: Host: demo.html5xcss3.com
URL: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:25 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-16eac"
vary: Accept-Encoding
x-hw: 1648048225.dop201.de1.t,1648048225.cds032.de1.hn,1648048225.cds028.de1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33120

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 64ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: demo.html5xcss3.com
URL: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c26557d38df3fd6f670d399e622dda71c0bb94005681404917f585193321da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 23 Mar 2022 15:10:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16854981755411490016
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 54636
X-XSS-Protection: 0
Expires: Wed, 23 Mar 2022 15:10:25 GMT

GET
H/1.1 200
OK logoh5c3.png
demo.html5xcss3.com/images/ 15 KB
15 KB 181ms
181ms Image
image/png 172.96.191.104
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://demo.html5xcss3.com/images/logoh5c3.png
Requested by: Host: demo.html5xcss3.com
URL: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com
Protocol: HTTP/1.1
Server: 172.96.191.104 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.104-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: b46d87ade6c7e92a04362c95381636726edf0f1f0c4b1faa2f929501781ccf5c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:25 GMT
last-modified: Wed, 06 May 2015 17:17:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 15529
expires: Wed, 30 Mar 2022 15:10:25 GMT

GET
H2

200

/ Show response
www.onlinecasino2go.com/ Frame 3D0D
Redirect Chain

http://onlinecasino2go.com/
https://onlinecasino2go.com/
https://www.onlinecasino2go.com/

132 KB
23 KB

644ms
604ms

Document
text/html

2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinecasino2go.com/

Requested by

Host: demo.html5xcss3.com
URL: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / www.onlinecasino2go.com

Resource Hash

9b481b8ae49e44f09694ce1de8e38911b1d89e601d423b759510410dc2a7b405

Security Headers

Name	Value
Content-Security-Policy	report-uri https://onlinecasino2go.com
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Security-Policy	default-src 'self'; img-src ; media-src data:;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-type: text/html; charset=UTF-8
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: null
cache-control: s-maxage=604800, max-age=60
cf-railgun: direct (waiting for pending WAN connection)
content-security-policy: report-uri https://onlinecasino2go.com
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-embedder-policy-report-only: require-corp; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
expect-ct: max-age=7776000, enforce
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://www.onlinecasino2go.com/wp-json/>; rel="https://api.w.org/", <https://www.onlinecasino2go.com/wp-json/wp/v2/pages/276>; rel="alternate"; type="application/json", <https://www.onlinecasino2go.com/>; rel=shortlink
permissions-policy: geolocation=(self "https://onlinecasino2go.com"), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
referrer-policy: no-referrer-when-downgrade
sg-f-cache: BYPASS
sg-optimizer-cache-control: s-maxage=604800, max-age=60
strict-dynamic: https: 'self'; default-src 'self'
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-cache-enabled: True
x-content-security-policy: default-src 'self'; img-src *; media-src * data:;
x-content-type-options: nosniff
x-httpd: 1
x-powered-by: www.onlinecasino2go.com
x-proxy-cache: HIT
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbpHenGmDWY4Lt40A4KD0M%2FaxTh5gW3m23afsKemeuh7982DghOW7yaeJkiaHNp7Pa4nAWRWhm4FugXzik0APZnxPWIFAFowXoSu8XuTVtumqhWNNk4pAZlAtknbJQ%2Bnt82XFkGnCHbxG8BH9wSd5MG0HmOxYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f081809cc560c21-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx
date: Wed, 23 Mar 2022 15:10:26 GMT
content-type: text/html; charset=iso-8859-1
content-length: 240
location: https://www.onlinecasino2go.com/
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/ 297 KB
108 KB 335ms
48ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9457621606137139&plah=demo.html5xcss3.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9edff5351590042e096317d7d8bbc8fd8cc3d6d20c06dbc23b736afa260f4e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109609
x-xss-protection: 0
server: cafe
etag: 4466462811135523527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 15:10:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame 5A25 10 KB
5 KB 88ms
24ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Mar 2022 23:16:13 GMT
expires: Tue, 05 Apr 2022 23:16:13 GMT
cache-control: public, max-age=1209600
age: 57253
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 83ms
31ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=demo.html5xcss3.com&callback=_gfp_s_&client=ca-pub-9457621606137139

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9457621606137139&plah=demo.html5xcss3.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

490051ea56e96213d26e59620174b44dda9726a4980c8da095953f9eff6ee261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 122ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=demo.html5xcss3.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 98ms
32ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=demo.html5xcss3.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B179 603 B
248 B 52ms
51ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&h=15&slotname=5266722650&adk=3328347014&adf=120034856&pi=t.ma~as.5266722650&w=468&lmt=1648048226&psa=0&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&wgl=1&dt=1648048226025&bpp=4&bdt=626&idt=403&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&correlator=4560837022948&frm=20&pv=2&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=15&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=dHi88AXkOF&p=http%3A//demo.html5xcss3.com&dtd=416

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Mar 2022 15:10:26 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Mar 2022 15:10:26 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 43B8 43 KB
14 KB 233ms
233ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&adk=1812271804&adf=3025194257&lmt=1648048226&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&ea=0&pra=7&wgl=1&dt=1648048226042&bpp=1&bdt=643&idt=402&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_slotnames=5266722650&nras=1&correlator=4560837022948&frm=20&pv=1&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=405

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9353576d1f01242b800db085ea5a5ee1ce4cff71d2193b475c5e35c1327715f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Mar 2022 15:10:26 GMT
server: cafe
content-length: 13686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Mar 2022 15:10:26 GMT
cache-control: private

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/ 152 KB
54 KB 73ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab817d4319c2ef47622dfc43df3e6bb3c5643b6a9d5a122aed8399fc812285fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55148
x-xss-protection: 0
server: cafe
etag: 7373752672641371575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 15:10:26 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 59ms
30ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=demo.html5xcss3.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 62ms
32ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=demo.html5xcss3.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0252 26 KB
12 KB 196ms
196ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1648048226&rafmt=1&to=qs&pwprc=5976604472&psa=0&format=1200x280&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1648048226710&bpp=2&bdt=1311&idt=2&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9a601c62ed87995-22f0600763cd002a%3AT%3D1648048226%3ART%3D1648048226%3AS%3DALNI_Ma86td_MdytgOTUBqVhv0y1eUxLDA&prev_fmts=0x0&prev_slotnames=5266722650&nras=2&correlator=4560837022948&frm=20&pv=1&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=62QRMyVWSj&p=http%3A//demo.html5xcss3.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f386886a97806563500770fe27dd84c997da105a7c7a11786dbfe9b86182173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Mar 2022 15:10:26 GMT
server: cafe
content-length: 11762
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Mar 2022 15:10:26 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=demo.html5xcss3.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=demo.html5xcss3.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/ Frame 98EC 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Mar 2022 23:13:42 GMT
expires: Tue, 05 Apr 2022 23:13:42 GMT
cache-control: public, max-age=1209600
age: 57404
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 98EC 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqwhgYjg7YpGxH5iZrATM346ACsme0rFclaKX93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi05NDU3NjIxNjA2MTM3MTM5oAHVttLqA8gBCakCgPHsJnxvsj6oAwGqBPEBT9DjvEndQYlGlIHiOCH2lV7m93QrCnwTrbSTuUHMijOst6Z2k-s9YFcG6mqualeWbhnOV18IKDWQjcCVCbLnY3eBOpFwtFULsUyqHMGgY4P-5gE6BBCyKy_msV6lI7uT4TZEi7VNGASqEpFMpRS4aHc-aWfbdAUOp2hbBMQUjcBiG5XjZu2KhrD-sbuQrq-LBjcFw9OOv6hXiiqfjwv9w_jH-t1oaMUaSRzARiAkzesridhUQdbysAlfYRgfwzw-6bsbRat3snb9FzougP2dbambrPCGIlK16ffWAXsUocC5SV-O5Lf1GN6Gr3CyGxJvZoAG1daz7vPW055WoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTQ1NzYyMTYwNjEzNzEzORgA&sigh=LPJjzD1IqKA&uach_m=[UACH]&cid=CAQSGwCNIrLMEInPMNk40Pf_k5QTe9YnrEN9q4LzoRgB

Requested by

Host: demo.html5xcss3.com
URL: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 23 Mar 2022 15:10:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Mar 2022 15:10:26 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 98EC 0
0 79ms
25ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UK3rErz6RO0HfJ2DYgICAAAAmYulz8ZvV6YQYjg7Yp1ndiuxZjjYF7LFABI&wp=Yjs4YgAH2JEKiwyYAAOvzI8pVaSdXvPPgtbe-w

Requested by

Host: demo.html5xcss3.com
URL: http://demo.html5xcss3.com/demo.php?name=online+casino+nederland&url=onlinecasino2go.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 248661
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C50C 167 KB
51 KB 170ms
136ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yjs4YgAH2JEKiwyYAAOvzI8pVaSdXvPPgtbe-w&u=%7Cc8dowKV9jjibchzkFoWf%2BGfY6l%2F1kcXcLNJSeGLhbGA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8T4u80QieWILd5TR8FoAdDIg13kdb4HiJZNiYK0kb4UV19zmtod6ByHFPftApcSx-aIjdviSzQTKAUtkhRosTODUDVlsOuq-Uu11ouOZjER3LMti8F8nHiX7N1kZnKoAraHMTvmxWb49i3tzAGHB7ykk3dguaxM40QR7wCUfR3PEQUQhvkKQWS4wequupsBBhzG95KhDsp1lZAVMf1teDeh_4eRF-0KPsbain471DfbeswS0Cm9SUMS8T2JV2XihvwgRPyH7MmxzOzxjpzhedw6bOcUP3Kows-3UQgDXXYdyGmq880-CuDwykagW-QyCCWqJr0XgvCu8WsaagLT7KNLqFANBEbWeaLbhG4Oqc9-hrft4KTQzKX3_H9E2O9Y4pBXJzA5weT5c-xYF4sgbkvghtNbvpBMyKA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmODuYjg7YpGxH5iZrATM346ACsme0rFclaKX93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi05NDU3NjIxNjA2MTM3MTM5oAHVttLqA8gBCakCgPHsJnxvsj6oAwGqBPQBT9DjvEndQYlGlIHiOCH2lV7m93QrCnwTrbSTuUHMijOst6Z2k-s9YFcG6mqualeWbhnOV18IKDWQjcCVCbLnY3eBOpFwtFULsUyqHMGgY4P-5gE6BBCyKy_msV6lI7uT4TZEi7VNGASqEpFMpRS4aHc-aWfbdAUOp2hbBMQUjcBiG5XjZu2KhrD-sbuQrq-LBjcFw9OOv6hXiiqfjwv9w_jH-t1oaMUaSRzARiAkzesridhUQdbysAlfYRgfwzw-6bsbRat3snb9FzpsgtwP6iYHv08aNvFl1FEuCG8eF8qXUd06LIpT6mGYg2g3sZZ82ZPzjoAG1daz7vPW055WoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1r6vizdzcArcMsZ7K8Y7QKVOzI3A%26client%3Dca-pub-9457621606137139%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4556d0dcde6f8ddaf47b86e9c819264715daba716727e44dc5436a1573b78790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=3ftS7L9mdD82hb-j03oDLuIMuMyD0R7g1A4Wq-KoTLBWfnOZmBZLeHBGXjcXBQ5peJ2VRkqGGKP8OZXxuR9EsyyH4V7lQ1O6Q7GiLrnL25Iiv_ohgs1X9nkN9DBVNWYAGWHAhvFLXeeqfqNmAsCO45adNoaWjQqfmpUXFEQJ9JZ7Ud8zhGhEPOXx-DVKZHJ0asjll6j_xoF5aYjBf-YRPFxUn0OTG4y9g3QQJXur6dUttyr1JYr6m73duTg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 119335475
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 98EC 2 KB
1 KB 75ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 15:10:13 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 98EC 15 KB
7 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 15:08:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98EC 118 KB
36 KB 96ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36708
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647862282720048"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 15:10:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 0252 2 KB
1 KB 56ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1648048226&rafmt=1&to=qs&pwprc=5976604472&psa=0&format=1200x280&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1648048226710&bpp=2&bdt=1311&idt=2&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9a601c62ed87995-22f0600763cd002a%3AT%3D1648048226%3ART%3D1648048226%3AS%3DALNI_Ma86td_MdytgOTUBqVhv0y1eUxLDA&prev_fmts=0x0&prev_slotnames=5266722650&nras=2&correlator=4560837022948&frm=20&pv=1&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=62QRMyVWSj&p=http%3A//demo.html5xcss3.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 15:10:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 0252 15 KB
6 KB 54ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 15:08:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0252 0
0 82ms
30ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2kAzJDz7bs7x4oEuRIEqcRy2qlsdFuRuvTVLwiXzhdkk4TJdPySjFLwABR9Vj0wIrxb79Wu3xCpm1UFmn_DaVgUdKWA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1648048226&rafmt=1&to=qs&pwprc=5976604472&psa=0&format=1200x280&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1648048226710&bpp=2&bdt=1311&idt=2&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9a601c62ed87995-22f0600763cd002a%3AT%3D1648048226%3ART%3D1648048226%3AS%3DALNI_Ma86td_MdytgOTUBqVhv0y1eUxLDA&prev_fmts=0x0&prev_slotnames=5266722650&nras=2&correlator=4560837022948&frm=20&pv=1&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=62QRMyVWSj&p=http%3A//demo.html5xcss3.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0252 118 KB
36 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36708
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647862282720048"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 15:10:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0252 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxPmxYjg7Yp7JLuqUiQawtKL4Ccme0rFczfHi3YgBwI23ARABIABgkQSCARdjYS1wdWItOTQ1NzYyMTYwNjEzNzEzOaAB1bbS6gPIAQmpAgMhFmK3dbI-qAMBqgT3AU_QEryLLD9pa-n9id5pAaxsQqex8Akz0wQTdw3KLGJUTcWIoAyhTX51PYPdUzRr9-JIV6osNkToLvsQqi8gqQY45rDTqdoCw2fyh_IcWHchPVfg9OouZkeJ68CZwHyguSoUJVcOUylDBTClf0vnU_QgbWRXMovyavFjgg7JjmWzDaBRAMA7Ff9FOgIMQHS3TgD9rQ5ck2n080AntjzmAwUQAzRBy2imI-8m4Ex7ACJnrE2YCXYq9FHD4MLsewt8bZYh5qD1wJbMsh4YxJXEj4NeifOQx8Edv0bMi3_fMRDjR5HONPz7WFOZe2Rl1ygS0ufjRtO5tPWABtXWs-7z1tOeVqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk0NTc2MjE2MDYxMzcxMzkYAA&sigh=Pm--HpWgHZA&uach_m=[UACH]&cid=CAQSPACNIrLM1SHGX8rjm4COew68H65eMAuDGQGBOFHxg3LDr3WJ7TN8_BHWbu_W8HpJ9suFffaDZbqWt8hS7hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1648048226&rafmt=1&to=qs&pwprc=5976604472&psa=0&format=1200x280&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1648048226710&bpp=2&bdt=1311&idt=2&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9a601c62ed87995-22f0600763cd002a%3AT%3D1648048226%3ART%3D1648048226%3AS%3DALNI_Ma86td_MdytgOTUBqVhv0y1eUxLDA&prev_fmts=0x0&prev_slotnames=5266722650&nras=2&correlator=4560837022948&frm=20&pv=1&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=62QRMyVWSj&p=http%3A//demo.html5xcss3.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 23 Mar 2022 15:10:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 0252 0
0 48ms
16ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UK3rErz6RLAJmAKdg2ICAgAAAJmLpc_Gb1emEGI4O2Jv5wAJOjt1tQEmYAAS&wp=Yjs4YgALpJ4KwkpqAAiaMPxG_HVPSFL27MKneg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 256023
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E32C 212 KB
59 KB 186ms
186ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yjs4YgALpJ4KwkpqAAiaMPxG_HVPSFL27MKneg&u=%7Cc8dowKV9jjgPNr0zyt5efRbE8bRC%2FibUD4qyryjMXHE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8T4u80QieWILd5TR8FoAdDIA2zyblZUiaCGuTlswq9ZmLUN1E-VCSG1HY5NSdVMwLv5D5IlClH4HEhtrPumFEXrri2LZpEaGmd5qy12K4CRd1EoG2TdIazUXkIefTelmHn_VDPD5QqRkOstKb8Zzh3WVpDIWKNBjzaUY9aqlaJhCYaUp0nHm46PqtR0wdHW655tbsyMYyeTOt159uO1_xlqcoNrs1vgaw5ogv5hNFZmDtomrFLfDhOeVCKIQNXzjNeJArL_pnhdNadDaHhnNkqCw2dZTiAc_i-KsmwQ6GRplE7Hhox4pnACv6K-KzX0EywL2-Txii_TQdo03txzoOHW3TWeB2G-l120B18uy8Ok0_kiwa379-N-x3VMmH69avr6cZGsJy_ah1gget9biRr5nY2RLl86gX38vOaeAR3v8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1blYjg7Yp7JLuqUiQawtKL4Ccme0rFczfHi3YgBwI23ARABIABgkQSCARdjYS1wdWItOTQ1NzYyMTYwNjEzNzEzOaAB1bbS6gPIAQmpAgMhFmK3dbI-qAMBqgT6AU_QEryLLD9pa-n9id5pAaxsQqex8Akz0wQTdw3KLGJUTcWIoAyhTX51PYPdUzRr9-JIV6osNkToLvsQqi8gqQY45rDTqdoCw2fyh_IcWHchPVfg9OouZkeJ68CZwHyguSoUJVcOUylDBTClf0vnU_QgbWRXMovyavFjgg7JjmWzDaBRAMA7Ff9FOgIMQHS3TgD9rQ5ck2n080AntjzmAwUQAzRBy2imI-8m4Ex7ACJnrE2YCXYq9FHD4MLsewt8bZYh5qD1wJbMsh4YxJXEj4Ney_GxVUaSI1VzF2t84S1Fv5jaPkrxdksbz6xYcdqtzMv7w3k9p0qml0KABtXWs-7z1tOeVqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_egwBIFmSIR13qr3q32Y1mWDH_g%26client%3Dca-pub-9457621606137139%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7ee575ceb3eed7797a1380d8e1d10523fc2bad3353d070e1dcf9b985c743a3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=D8VSRL9mdD82hb-jaPLJvwLoJSbIqwsK-l7yiuWh4H_6WK5WxL6-Tc1I6XpyJBKlZ2geZY2ZOPTYoSxnEKt80CNPUzYAq4bLuJIdreQbBv6FX-j-TpzHePSH0V8wn3ryq2B3WmOkadEuN4YJ7E_JqhCUOtFUckQ5Vmpcm3G7oDysfSp3N8aXvDHUGX6Kkyp_1VR1NrAgDTzgk-JGprq5CMdB3sPYl2XFSOH52pDTH6q2J5-fZXTlMbZxyX2TD3XenTP2Pw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 169530803
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3767 1 KB
749 B 22ms
21ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 23 Mar 2022 05:53:44 GMT
expires: Thu, 24 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 33402
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 98EC 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b642bedd348703b06816f08d1718e5bbf6ea431825ca0395843ed2076b0fe9fa

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3767 35 B
463 B 72ms
23ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECqpSUZB6CKy4WeiHAv4VW8&google_cver=1&google_push=AYg5qPL7fni1-slw3nwdxGufIS-MsfMy9ChWbdDlX7qR3-LrUSuOshQ5NcitFeOKt_1Wzc3S3RbWnTRkgj46rjArufYKr7OMfp0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 3767 43 B
324 B 71ms
33ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOhcQRVMwDaUGraMb0LqmcE&google_push=AYg5qPKskpyiseaqpNkogGKN_X8J5Ha9gvdg3tyksKqcFMyhufYe8x1B93edubL__AYMElshJcbHTxTU0ukbKiifeqt9M5O-uYU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1648048226&rafmt=1&to=qs&pwprc=5976604472&psa=0&format=1200x280&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1648048226710&bpp=2&bdt=1311&idt=2&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9a601c62ed87995-22f0600763cd002a%3AT%3D1648048226%3ART%3D1648048226%3AS%3DALNI_Ma86td_MdytgOTUBqVhv0y1eUxLDA&prev_fmts=0x0&prev_slotnames=5266722650&nras=2&correlator=4560837022948&frm=20&pv=1&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=62QRMyVWSj&p=http%3A//demo.html5xcss3.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:27 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3767 43 B
350 B 56ms
23ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDn05SZNKvaao73A96sdWDo&google_cver=1&google_push=AYg5qPJ-FDXvAXEF3HxSKc-2YA5pfFPhoY8dOLsdnDGmLrlaSFUfPPTjOOAQ2gm4k4L-JoVmaxldD0P8a5kB0Ns2mg-nNHRAVSs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9457621606137139&output=html&h=280&adk=3088186576&adf=1795251393&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1648048226&rafmt=1&to=qs&pwprc=5976604472&psa=0&format=1200x280&url=http%3A%2F%2Fdemo.html5xcss3.com%2Fdemo.php%3Fname%3Donline%2Bcasino%2Bnederland%26url%3Donlinecasino2go.com&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1648048226710&bpp=2&bdt=1311&idt=2&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9a601c62ed87995-22f0600763cd002a%3AT%3D1648048226%3ART%3D1648048226%3AS%3DALNI_Ma86td_MdytgOTUBqVhv0y1eUxLDA&prev_fmts=0x0&prev_slotnames=5266722650&nras=2&correlator=4560837022948&frm=20&pv=1&ga_vid=1573912709.1648048226&ga_sid=1648048226&ga_hid=1100592057&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C182982100%2C182982300%2C31065655%2C31065657&oid=2&pvsid=508628886891195&pem=97&tmod=498679221&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=62QRMyVWSj&p=http%3A//demo.html5xcss3.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 8bjearilsd8bfkcnbthur8ofpinda044

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3767
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bqh2iDSWQamGzYA3cA3bbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
33ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bqh2iDSWQamGzYA3cA3bbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLDJYKMC0g37Ps0LwTfQZEme5tAlNOhzgNALHtAb9hANyftmZzaFiZzIM1ogJf0fmmWa89SqtQUfYnNXAxDneXmtQqvJQ

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bqh2iDSWQamGzYA3cA3bbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLDJYKMC0g37Ps0LwTfQZEme5tAlNOhzgNALHtAb9hANyftmZzaFiZzIM1ogJf0fmmWa89SqtQUfYnNXAxDneXmtQqvJQ
date: Wed, 23 Mar 2022 15:10:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3767
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEgR6Cz9tfd5a2xhyqcT0jY&google_cver=1&google_push=AYg5qPIMfQEmFkzBamjBJaNlbeiR5VNhXy3jTgq6IUT894BVK5uib3qR7mmFNUrNhC_pG0dTolV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEzUEQySTEtTS1EMDc2&google_push=AYg5qPIMfQEmFkzBamjBJaNlbeiR5VNhXy3jTgq6IUT894BVK5uib3qR7mmFNUrNhC_pG0dTolVoDBOPV3UG2GKd98KRKXU4pxI

170 B
188 B

63ms
33ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEzUEQySTEtTS1EMDc2&google_push=AYg5qPIMfQEmFkzBamjBJaNlbeiR5VNhXy3jTgq6IUT894BVK5uib3qR7mmFNUrNhC_pG0dTolVoDBOPV3UG2GKd98KRKXU4pxI

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEzUEQySTEtTS1EMDc2&google_push=AYg5qPIMfQEmFkzBamjBJaNlbeiR5VNhXy3jTgq6IUT894BVK5uib3qR7mmFNUrNhC_pG0dTolVoDBOPV3UG2GKd98KRKXU4pxI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 3767
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpK...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3767
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAu4BmBFgjIdIIl8wPzAziw&google_cver=1&google_push=AYg5qPITRs0NsqPMKGc52Y7I...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPITRs0NsqPMKGc52Y7Igr0yiBxivmbmFh3TCd2FhGnZ4xokLAzINtyQUQvTMXBEzjV9cy4LBWjSdvvMlIUheKtvUEvuk9M&google_hm=

170 B
188 B

65ms
35ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPITRs0NsqPMKGc52Y7Igr0yiBxivmbmFh3TCd2FhGnZ4xokLAzINtyQUQvTMXBEzjV9cy4LBWjSdvvMlIUheKtvUEvuk9M&google_hm=

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:27 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPITRs0NsqPMKGc52Y7Igr0yiBxivmbmFh3TCd2FhGnZ4xokLAzINtyQUQvTMXBEzjV9cy4LBWjSdvvMlIUheKtvUEvuk9M&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 22 Mar 2022 15:10:27 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3767 0
223 B 83ms
31ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8upyne-4wqPx8_h8cC-r61a4SN3GDCyUymALahEf-yihNHPqT29duS3_66nYoKJDvQ9RsFA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0252 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58a331774d3aff9a14bebe6c271f4d025c163136c99f9e6dbe270d49677d0a17

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C50C 2 KB
1 KB 74ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yjs4YgAH2JEKiwyYAAOvzI8pVaSdXvPPgtbe-w&u=%7Cc8dowKV9jjibchzkFoWf%2BGfY6l%2F1kcXcLNJSeGLhbGA%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8T4u80QieWILd5TR8FoAdDIg13kdb4HiJZNiYK0kb4UV19zmtod6ByHFPftApcSx-aIjdviSzQTKAUtkhRosTODUDVlsOuq-Uu11ouOZjER3LMti8F8nHiX7N1kZnKoAraHMTvmxWb49i3tzAGHB7ykk3dguaxM40QR7wCUfR3PEQUQhvkKQWS4wequupsBBhzG95KhDsp1lZAVMf1teDeh_4eRF-0KPsbain471DfbeswS0Cm9SUMS8T2JV2XihvwgRPyH7MmxzOzxjpzhedw6bOcUP3Kows-3UQgDXXYdyGmq880-CuDwykagW-QyCCWqJr0XgvCu8WsaagLT7KNLqFANBEbWeaLbhG4Oqc9-hrft4KTQzKX3_H9E2O9Y4pBXJzA5weT5c-xYF4sgbkvghtNbvpBMyKA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmODuYjg7YpGxH5iZrATM346ACsme0rFclaKX93DAjbcBEAEgAGCRBIIBF2NhLXB1Yi05NDU3NjIxNjA2MTM3MTM5oAHVttLqA8gBCakCgPHsJnxvsj6oAwGqBPQBT9DjvEndQYlGlIHiOCH2lV7m93QrCnwTrbSTuUHMijOst6Z2k-s9YFcG6mqualeWbhnOV18IKDWQjcCVCbLnY3eBOpFwtFULsUyqHMGgY4P-5gE6BBCyKy_msV6lI7uT4TZEi7VNGASqEpFMpRS4aHc-aWfbdAUOp2hbBMQUjcBiG5XjZu2KhrD-sbuQrq-LBjcFw9OOv6hXiiqfjwv9w_jH-t1oaMUaSRzARiAkzesridhUQdbysAlfYRgfwzw-6bsbRat3snb9FzpsgtwP6iYHv08aNvFl1FEuCG8eF8qXUd06LIpT6mGYg2g3sZZ82ZPzjoAG1daz7vPW055WoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1r6vizdzcArcMsZ7K8Y7QKVOzI3A%26client%3Dca-pub-9457621606137139%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame C50C 2 KB
1 KB 74ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C50C 308 B
636 B 75ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame C50C 507 B
835 B 74ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame C50C 43 B
348 B 51ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ORVF3Rt-4fR4J1QxDGnlSiCfs89kmB1sot4DmkeyrU5fwhP_KXgUsx5_8ak5J1ESuiV42yocGez81sMgQKDZDyjYKU8HLH3N7TzNnr_RShl2dyWXt9d7HmUwZhlWkSr_qicdpF7nqJJuYkP2bj8UM2qNQ4dQ5XwsjeqkRp119rI4vU488-V7AbcTw2sm817p7Xxum1G-dyetEPXB0IioxwgXbBq6PeDlFKn5_Lz5-vNWBAsxACniXUnJqEDOVGlEeZtLOFwB4hgFhlweGW62SiGXR94Ol1nkeU91Nz-qxEBXim9GZIIwUvA7Uq9OIFvUwn1qvcgI_N9rZUxA5jIJU3bBscCPZwWL3I3uwy4nAY05bl9pWNXpoPBIh_MsKM8w9TbdEuZfE-UFAO8Mgf0ZtQBirmewbwHwJnAbq2fBCrZdF9IMJOhdjHbvp4sWBICQPYpEjQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:27 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3138733
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C50C 12 KB
5 KB 63ms
27ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 502632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBpVKkzZNYar7M9EnMtuK7bYeuIp6qhJDoN%2BPgv808UkSsrMgbiSa9r7660CXaLgrgv8Kq0wg4jyBB0Z%2F6ikD%2FysSOKbcI01pIgNCDPjcG4VwiaTgtR2yhl0lortalj%2F0EvVz9ImyFaunwYgNFRbUXvU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f08180b3b220095-AMS
expires: Mon, 13 Mar 2023 15:10:27 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C50C 12 KB
6 KB 48ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C50C 13 KB
13 KB 52ms
17ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=65144&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F65144%2F210330%2F8a889ee58b4e4423b489d88dfe63dad7_logo_vertical_03.png&v=3&w=464&s=dmWYPxjiLGAckxH6Cn1D-DY3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8b5abf902c157c372285a8277bd336ce30ac5efe1422a610d3b89e8024174e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29590783
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13506
expires: Wed, 01 Mar 2023 02:50:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C50C 8 KB
9 KB 67ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-chromebox_cxi4_premium_1000main.png&v=3&w=800&s=DBKTWd2TPhQsgqm_5S5R4xt1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

635fc3642d77c0ffc3368165582c4d03124eff007d5f58f6beca929f7785904a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=353164
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8576
expires: Sun, 27 Mar 2022 17:16:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C50C 10 KB
10 KB 72ms
37ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fs%2F_swift-3-sf314-511-fpbl-br-main1000_nx.acseh.002.png&v=3&w=800&s=SHO1JB4liMNwzuUyjCoKedWM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

93e21c63ad9b6ddeb3fff7229843a4b76036f45a4a1d97995d582e63a5d31faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=166429
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10238
expires: Fri, 25 Mar 2022 13:24:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C50C 10 KB
10 KB 76ms
41ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-travelmate-p2_tmp215-53-53g_fp-backlit_1000main_nx.vqbeh.007.png&v=3&w=800&s=DATv2_Kdzl50LoLUEwiRv6a2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e60b5ae2f507c6b3008250bc07ef6245df6b6bdef292c6097e130d3cd3a8340b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=107665
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9856
expires: Thu, 24 Mar 2022 21:04:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C50C 9 KB
9 KB 76ms
41ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-swift-5_sf514-55_fp_gold_1000main_nx.a35eh.007.png&v=3&w=800&s=-J-Z4BkFa9zeyEdWcY_z7Ii2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

27cfb89c20dbf9a8c50a91a383dd87cd40fc0921d11bdd4c86725a9cf0c11136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=268887
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9040
expires: Sat, 26 Mar 2022 17:51:54 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C50C 0
128 B 78ms
24ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3ftS7L9mdD82hb-j03oDLuIMuMyD0R7g1A4Wq-KoTLBWfnOZmBZLeHBGXjcXBQ5peJ2VRkqGGKP8OZXxuR9EsyyH4V7lQ1O6Q7GiLrnL25Iiv_ohgs1X9nkN9DBVNWYAGWHAhvFLXeeqfqNmAsCO45adNoaWjQqfmpUXFEQJ9JZ7Ud8zhGhEPOXx-DVKZHJ0asjll6j_xoF5aYjBf-YRPFxUn0OTG4y9g3QQJXur6dUttyr1JYr6m73duTg&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Mar 2022 15:10:26 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 css
fonts.googleapis.com/ Frame C50C 2 KB
937 B 105ms
32ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3d628f4e66cecd08fd6e79132a41585dfd209b14bd6e0695af0842025ee2768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 14:42:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Mar 2022 15:10:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Mar 2022 15:10:27 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E32C 2 KB
1 KB 31ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yjs4YgALpJ4KwkpqAAiaMPxG_HVPSFL27MKneg&u=%7Cc8dowKV9jjgPNr0zyt5efRbE8bRC%2FibUD4qyryjMXHE%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8T4u80QieWILd5TR8FoAdDIA2zyblZUiaCGuTlswq9ZmLUN1E-VCSG1HY5NSdVMwLv5D5IlClH4HEhtrPumFEXrri2LZpEaGmd5qy12K4CRd1EoG2TdIazUXkIefTelmHn_VDPD5QqRkOstKb8Zzh3WVpDIWKNBjzaUY9aqlaJhCYaUp0nHm46PqtR0wdHW655tbsyMYyeTOt159uO1_xlqcoNrs1vgaw5ogv5hNFZmDtomrFLfDhOeVCKIQNXzjNeJArL_pnhdNadDaHhnNkqCw2dZTiAc_i-KsmwQ6GRplE7Hhox4pnACv6K-KzX0EywL2-Txii_TQdo03txzoOHW3TWeB2G-l120B18uy8Ok0_kiwa379-N-x3VMmH69avr6cZGsJy_ah1gget9biRr5nY2RLl86gX38vOaeAR3v8g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1blYjg7Yp7JLuqUiQawtKL4Ccme0rFczfHi3YgBwI23ARABIABgkQSCARdjYS1wdWItOTQ1NzYyMTYwNjEzNzEzOaAB1bbS6gPIAQmpAgMhFmK3dbI-qAMBqgT6AU_QEryLLD9pa-n9id5pAaxsQqex8Akz0wQTdw3KLGJUTcWIoAyhTX51PYPdUzRr9-JIV6osNkToLvsQqi8gqQY45rDTqdoCw2fyh_IcWHchPVfg9OouZkeJ68CZwHyguSoUJVcOUylDBTClf0vnU_QgbWRXMovyavFjgg7JjmWzDaBRAMA7Ff9FOgIMQHS3TgD9rQ5ck2n080AntjzmAwUQAzRBy2imI-8m4Ex7ACJnrE2YCXYq9FHD4MLsewt8bZYh5qD1wJbMsh4YxJXEj4Ney_GxVUaSI1VzF2t84S1Fv5jaPkrxdksbz6xYcdqtzMv7w3k9p0qml0KABtXWs-7z1tOeVqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_egwBIFmSIR13qr3q32Y1mWDH_g%26client%3Dca-pub-9457621606137139%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame E32C 2 KB
1 KB 25ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E32C 308 B
636 B 25ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame E32C 507 B
835 B 25ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame E32C 43 B
347 B 20ms
19ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=6e7w2CnMOmQD60p_lE6DUZ2y3i_v1UlNIG-yaFp4LPcQ85x10KuQEIwU26VdQ5rYz-Z4ucDwMLjbKEYEtgGuzpm7AH3v-qAvKYJtI8KjHtvpf2Hiy-0f2Si5FVvzNa7I9rCnlW2zGVXjcIishmfW3I5akkK9FYkIjwNxWVmUOXQq2Auxx4ieTDrWu7PlYx2RrKBgKDONfz2vke_UxcX0nkUM6B-0Ih2AXc7tQ6NLNJAeYZApAIgq2UK9PT28p59AjDQs2X0ay8bRmrIcOHuWFNHgLBlsWCYbFBfPZ72lpebEO-dHvgpaeKN3KbBRTNmoQkk66d0xwZn8JEsH47yDpqXQ01PEGLhJCAwesK9zGAw_326LXDe5QIak9rSn4Kb5FXR87Jt97qIq7P9IrvYL6yV1w5dvO1TWcf2xrIUTd_sf3bXN3cIdVhwFMPKU0zxRpDjGPQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:26 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3524752
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E32C 12 KB
5 KB 46ms
25ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 502632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFKlG82rEqd6WXPVXyLox5i7PkCX4BQ5cVL4pbPXyHGU1eGIvGNUX3HMK%2BN5jae112qBCJ%2F9PpW%2FZzU31%2BC5SggO1WeVrJMexmXlGqlU1T6TTqaknyHKZcEwJQVOUJWfMHmmb8SKcbM%2FZcH0hcom0d3W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f08180bee38d901-AMS
expires: Mon, 13 Mar 2023 15:10:27 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E32C 12 KB
6 KB 27ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Mar 2023 15:10:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 8 KB
9 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

635fc3642d77c0ffc3368165582c4d03124eff007d5f58f6beca929f7785904a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=353163
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8576
expires: Sun, 27 Mar 2022 17:16:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 13 KB
13 KB 18ms
16ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=65144&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F65144%2F210330%2F8a889ee58b4e4423b489d88dfe63dad7_logo_vertical_03.png&v=3&w=528&s=VGf1TkB9nSl_IKgORlrXVrXz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8b5abf902c157c372285a8277bd336ce30ac5efe1422a610d3b89e8024174e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29590783
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13506
expires: Wed, 01 Mar 2023 02:50:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 9 KB
10 KB 24ms
21ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_aspire-vero-av15-51_1000main_nx.ayceh.005.png&v=3&w=800&s=nq9N4DDkXAYQbiDfXT9ZLlnE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b3e94e3b9a1e07433fbc07a13858199356f7b9990169ffde395ac8fdba225059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=609054
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9720
expires: Wed, 30 Mar 2022 16:21:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 10 KB
10 KB 20ms
18ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fs%2F_swift1_sf114-34_fpbl_sv_1000main.png&v=3&w=800&s=CBWMC4Ay8nSriYCfr8yOH1jq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1d02a44f7a84fb9c747e8b0c3ada7aa60fbc8581dd66cd207eb39eead968341c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1191537
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10380
expires: Wed, 06 Apr 2022 10:09:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 9 KB
10 KB 22ms
19ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-aspire-5_a514-54-54g_with-fp-backlit_silver_1000main_nx.a68eh.003.png&v=3&w=800&s=ocHT9O5qvvEfjXrAR-GnePNI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

effa30b201123d9111b7d7b6f11a6923418cf7b61ba0827d50086d0e8a38d193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=91480
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9678
expires: Thu, 24 Mar 2022 16:35:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 9 KB
9 KB 39ms
37ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-swift-5_sf514-55_fp_gold_1000main_nx.a35eh.006.png&v=3&w=800&s=oUP7p_8N8Li72WUYDHABfk_J&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

27cfb89c20dbf9a8c50a91a383dd87cd40fc0921d11bdd4c86725a9cf0c11136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=298098
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9040
expires: Sun, 27 Mar 2022 01:58:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 11 KB
11 KB 25ms
23ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-swift-3_sf314-59_fp-backlit_aqua-blue_1000main_nx.a5qeh.004.png&v=3&w=800&s=Ox0N-we7IGmNQKpBSqkYMiQw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4d5f5c631a056cf30675fa3d25dcce89749522776b45ed5385fb5165977ce3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=709375
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11106
expires: Thu, 31 Mar 2022 20:13:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 10 KB
10 KB 25ms
23ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fs%2F_swift-3-sf314-511-fpbl-sv_1000main_nx.ableh.003.png&v=3&w=800&s=6EctNQMNB3Cqtdh5nFCqa4v-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a88596d8c0a225f0cdf6b710209c1089865da2d0785d38f21dbc0e3068945ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=618453
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10106
expires: Wed, 30 Mar 2022 18:58:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 11 KB
12 KB 35ms
33ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fe%2F_enduro-urban-n3-eun314-51w-51wg-bl-gr_1000main_nr.r1ceh.006.png&v=3&w=800&s=fxjFTpx9v5moGEDW1rdjsFMl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

245408098f6dd7d80a63ef3d93354456f326d4cf1fce18a570950cdc8d3c9985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=782780
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11582
expires: Fri, 01 Apr 2022 16:36:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 33 KB
33 KB 28ms
26ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65144&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2Fa%2Fc%2Facer-spin-5_-sp513-55n-55na_fp-backlit_steel-gray_main_nx.a5peh.006.png&v=3&w=800&s=dGZlClT-BVuGoxHd0WL7OOKd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5d46bea8e4553cd5cdc3a2261c47c4ba7c01a40aa00519313afbc8a97680940d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=703050
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 34018
expires: Thu, 31 Mar 2022 18:27:57 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E32C 0
127 B 25ms
25ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=D8VSRL9mdD82hb-jaPLJvwLoJSbIqwsK-l7yiuWh4H_6WK5WxL6-Tc1I6XpyJBKlZ2geZY2ZOPTYoSxnEKt80CNPUzYAq4bLuJIdreQbBv6FX-j-TpzHePSH0V8wn3ryq2B3WmOkadEuN4YJ7E_JqhCUOtFUckQ5Vmpcm3G7oDysfSp3N8aXvDHUGX6Kkyp_1VR1NrAgDTzgk-JGprq5CMdB3sPYl2XFSOH52pDTH6q2J5-fZXTlMbZxyX2TD3XenTP2Pw&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Mar 2022 15:10:27 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C50C 8 KB
9 KB 35ms
35ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

635fc3642d77c0ffc3368165582c4d03124eff007d5f58f6beca929f7785904a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=353163
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8576
expires: Sun, 27 Mar 2022 17:16:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E32C 8 KB
9 KB 19ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

635fc3642d77c0ffc3368165582c4d03124eff007d5f58f6beca929f7785904a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:26 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=353163
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8576
expires: Sun, 27 Mar 2022 17:16:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E32C 2 KB
435 B 64ms
32ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3d628f4e66cecd08fd6e79132a41585dfd209b14bd6e0695af0842025ee2768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 13:44:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Mar 2022 15:10:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Mar 2022 15:10:27 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v26/ Frame C50C 31 KB
31 KB 91ms
32ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v26/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:53:10 GMT
x-content-type-options: nosniff
age: 451037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31248
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:37:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 09:53:10 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v26/ Frame E32C 31 KB
31 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v26/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:53:10 GMT
x-content-type-options: nosniff
age: 451037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31248
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:37:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 09:53:10 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.12.0/webfonts/ Frame 3D0D 74 KB
75 KB 60ms
24ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/webfonts/fa-solid-900.woff2
Requested by: Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93227
cf-ray: 6f08180ddce34c6e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76084
x-amz-id-2: iG2yVaZZ/rS151LbRuQ+aH26Fz4MGsPUdX1ho1846N/bH92iicz8yu1P+XaonjWK9Efs8uRMkSI=
last-modified: Wed, 30 Jun 2021 15:38:16 GMT
server: cloudflare
etag: "f6121be597a72928f54e7ab5b95512a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QW2Bf5AqyjVkzUR1k9aLbHo7P1Om1CRzLCtQrlU2u6eVBf84tfTY2tW71IxFGt%2BZ8I5hTrRsrGfxQZM9uSLq9hFkvcm2omCU8Xr%2BpzAqFYAw6HduPzYdk8VRvA6KWJBctKy5uMgPThCgo0rSIR59T4ai"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: C03A2HEV7NYKAWJH
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.12.0/webfonts/ Frame 3D0D 74 KB
75 KB 77ms
41ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/webfonts/fa-brands-400.woff2
Requested by: Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339955
cf-ray: 6f08180ddce64c6e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75936
x-amz-id-2: WfnEj0EXnHpBafzRX/fm8yw4174lDfuE7M9f3Hl7HmFKlXsyG5GeUiwQVrOQOPEv8AhdaqhPRu4=
last-modified: Wed, 30 Jun 2021 15:38:16 GMT
server: cloudflare
etag: "822d94f19fe57477865209e1242a3c63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIz2r8%2FUMCFUls5iCaE0my%2F%2BtojARiItM3%2BFg9xB2nXITsGWVGS1ieNkdyWU8gzZkSeUvD%2Bbk%2BmBIHa%2BGc3iehlQXtlYdEdnvst1tH%2FIdBKKM8f%2BOEFGsIqh8te2dir0S%2FAQfamH9xlsvXbuTJgQItSA"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: F3BERK4EHS63FSK5
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.12.0/webfonts/ Frame 3D0D 13 KB
14 KB 76ms
39ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/webfonts/fa-regular-400.woff2
Requested by: Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339955
cf-ray: 6f08180ddce74c6e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13576
x-amz-id-2: FBM/o0UU3mmc7hUDAVTztua+mgQz8AfcdvbCtYReHBQv173jP66uP/Wqig59Q5wQmeTZom1gLFc=
last-modified: Wed, 30 Jun 2021 15:38:16 GMT
server: cloudflare
etag: "9efb86976bd53e159166c12365f61e25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKkYP4rdtiTI5K92fKngtac4Chu%2BoCiuK2v80hXIuaIyIJfYee0OfwxXQMS6fT5iySS%2BcMrwwZ1ssPNEa6q4NXth2l%2FjlANa9N%2BfJbkfYf0czwhhy0pVaSBK7qm2pzVf6pR2A78Z9fjuH7SQZDzHlWyn"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: F3B2YX9D9S9YJASV
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H3 200 siteground-optimizer-combined-css-98b62e7f7e52e95d4019226768d0a8df.css
www.onlinecasino2go.com/onlinecasino/uploads/siteground-optimizer-assets/ Frame 3D0D 438 KB
51 KB 118ms
92ms Stylesheet
text/css 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-98b62e7f7e52e95d4019226768d0a8df.css

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

494c0c579c2f8b364f51169d0c772e1f92149684f02f10b44dfa92f96fd2dd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3942
cf-polished: origSize=448864
x-proxy-cache-info: 0 NC:000000 UP:
last-modified: Sat, 19 Mar 2022 16:59:08 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"6d960-5da952e7fbac8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cL%2BhHRft4BdSMxLbbIBOz%2FFhFBghr8Bihmxb3E%2FXsfD1QfJImyRfk53E7YqYSHdGzOP56vYmGRQy%2FwoyupSRvnMaNlV6OcUSXd6367%2Bp1L4BlKKEqb2cnrQ9Pt8dmMTYgKS2DdCxCviy08H3aW8OuGd1gQv2wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
cf-ray: 6f08180dc9d39707-AMS
x-proxy-cache: MISS

GET
H2 200 all.css
use.fontawesome.com/releases/v5.12.0/css/ Frame 3D0D 56 KB
13 KB 62ms
26ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/css/all.css?ver=5.12.0
Requested by: Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22446181
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1ZV9NPGEHR5K7860
x-amz-id-2: TIMZXxz+cQdTFg/X4XJwnUNMlj28eddm3Lnk0eL6y0zWZL6O36rHT0K7uKGpzVJJBp5F8hCJgmE=
last-modified: Wed, 30 Jun 2021 15:37:55 GMT
server: cloudflare
etag: W/"500d1a92f875b1d96d37a3a3f8f0438c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLQ2s1pGGtXW1bTohiuFRy3H%2BFD2Oqstbf287Q8%2B%2Fltq23fjBsmLAwi9k7b5OAYDeByHGvLTKYlKqUt%2B5R5FV8Ay8o1j4og2T6DO0PLGw4vrD0edNkQwq0I4jczPtCZ%2BjlTSmzaRFlZKtFjIJLh4cCZo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6f08180ddc9b9737-AMS

GET
H3 200 onlinecasino.jpeg
www.onlinecasino2go.com/onlinecasino/uploads/2021/06/ Frame 3D0D 47 KB
48 KB 109ms
89ms Image
image/jpeg 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/06/onlinecasino.jpeg

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa5f2a04c78777c942a9eadf6e72b6c077f146fca17ebb8145c48734f0ad7dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3942
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48450
last-modified: Wed, 30 Jun 2021 23:48:01 GMT
server: cloudflare
etag: "bd42-5c6045a5a4b83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVIztKyZPAb3REsbOKijqKYi6lW0urKAOIrCxaJiuJZUa%2Bz2Oj8WDsmakvpx2zT4ANt6opZ92PQOofOceqobOTAilaPVv60IqYenT4bqwE4OdYTysddJvFXoeicOLtLNuVcXA87LBg%2BP0fhC5tiZiL79q%2FehrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9d29707-AMS
x-proxy-cache: MISS

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v29/ Frame 3D0D 35 KB
20 KB 89ms
58ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc9.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52dc362cae7e441a98741305a38b045859ac60e99377d9d88922ec32cb944cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20778
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 15:03:18 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v29/ Frame 3D0D 35 KB
20 KB 102ms
71ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxP.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 15:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20743
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 15:03:18 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v18/ Frame 3D0D 48 KB
25 KB 115ms
85ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c9feb0989a20d4137b6548d92d2cba0f01fdf01df125a15d401574e8d5ef99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25487
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 16:31:35 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v18/ Frame 3D0D 48 KB
25 KB 117ms
87ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

654905eb947da8013b2e5ada4b01aac45537b950b4810122b1d877cc23028257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25249
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 07:30:38 GMT

GET
H3 200 onlinecasino.png
www.onlinecasino2go.com/onlinecasino/uploads/2022/02/ Frame 3D0D 624 B
1 KB 42ms
24ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2022/02/onlinecasino.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80b79fb33aa0bed7fc57cea4a01eebc979819249f9bcbaf1cb5af770ece69cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3482
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 624
last-modified: Fri, 25 Feb 2022 21:57:28 GMT
server: cloudflare
etag: "270-5d8dec8e2a59b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjisptDsiVbp7EftUtdw4badIr3Zd4BJhvu%2B57yLLe3C7igaPGkwES%2BerpfRx6HQ5Y0vt9n%2FjOJR%2FJQm651VcqNDRctvdahXfP2VCmYNj18shN7o1djhfDEs%2BghQ%2F3qrH%2BI%2FAIApfukbclRJ65NP3Qwg0A5oxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9c19707-AMS
x-proxy-cache: MISS

GET
H3 200 batavia-casino.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 8 KB
9 KB 76ms
58ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/batavia-casino.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb8d482bba5136bff504072d541abd93886658ac1eeba6d3e3e11f68b640976

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8052
last-modified: Thu, 16 Dec 2021 18:39:53 GMT
server: cloudflare
etag: "1f74-5d347bf891d89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5dYg2lY7o%2BDEOVxmNMeLavsEnWOeNEJY08uuHFQEc4hrclKLkP5asJk6A4JXF4I5cIs2wt8XpAo3W%2FNj%2FIgyB5pBgf0K8Dxd5NONs8XQ60ntFqcbVrHduJ1i07PFyFWj9O2%2Fh9uI0dnG0wulqsLwWVQKrvhZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9c39707-AMS
x-proxy-cache: MISS

GET
H3 200 tombola.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 9 KB
10 KB 129ms
110ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/tombola.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a92eebb14b9f4247bc290c2f50e390a5437e025bf20644194004ccdb4ca49a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3482
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9424
last-modified: Wed, 15 Dec 2021 23:54:30 GMT
server: cloudflare
etag: "24d0-5d33806e3fa4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doRT5xrrfuZt00xBV5gPVE%2Fnke5FhQ%2F13hN7Nz77KCto2OykcRG%2FUAEJHPHNuwynfYxTX1n4Z2hgERN%2FifEtC%2FuoZcdvaHowqo9VY7ARjvtoEnaX7XcbVcOG9IjD%2BtlNm0lyDAUPWeaeB6XpFTNwxp2ee%2Bi0bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9d49707-AMS
x-proxy-cache: MISS

GET
H3 200 betcity.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 9 KB
10 KB 54ms
36ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/betcity.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ba677463c71a3b939efe08c297addcb4ef5ef40cf76fe3077db945309373c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9392
last-modified: Wed, 15 Dec 2021 21:48:02 GMT
server: cloudflare
etag: "24b0-5d3364294af18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmOILSJBgQMEBcO0JrCetfIHbQr17xgCgBfnWe%2BzMAIaQB2Hm1uMiQCKW18bTf7lC4KXFpumDN62yp%2Faq%2FWz%2Fo5F%2BmcW99r4ocSoHwtZKKS7FV8bsaFpwL%2B11BOAVrL5fliDh2BTKySugaIpKplOqJHYlSOg7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9d59707-AMS
x-proxy-cache: MISS

GET
H3 200 fairplay-casino.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 5 KB
6 KB 129ms
110ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/fairplay-casino.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86aa3255dc179b440b070f75caffc844f06a0258de040254748e271078bd373f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3482
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5623
last-modified: Wed, 15 Dec 2021 20:45:48 GMT
server: cloudflare
etag: "15f7-5d33564074dbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UcsTaH2TnF720Ex2cmWcYgH5vhLLpb6XFIRPuingRVDbxRntilEDRO4hAW%2BDK2zLXVE9ThAdSo6Mqt8hRPv7mJQ07aC8NeDho07N6DElTKOUSPbFDZU%2F%2FMs3%2BR6BqQpy2o5I8omo%2FaqJB25o6PgOcc1Tlt8%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9d79707-AMS
x-proxy-cache: MISS

GET
H3 200 bet365-casino.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 5 KB
6 KB 129ms
111ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/bet365-casino.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

172df288f96915b9b2a3e01057fedae94aca83da90c41bcbf8ad301a92fc691d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5473
last-modified: Wed, 15 Dec 2021 20:09:53 GMT
server: cloudflare
etag: "1561-5d334e396c629"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhz2NEKWer09fVHuCeTfhqp4gwG6LKxJRl25R06Rxdwl8md92ZMqIW1c1q6WtsZAgf29ESt8H%2FIng%2BAxwsXhqHTUm%2BPJzd5sIiKsCyWIFr%2FqUiyCWwIZrMITpDg1Et0AJWLQV5MuNfpY0ORaI3aNjS5krvsyyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9d89707-AMS
x-proxy-cache: MISS

GET
H3 200 batavia-casino-120x120.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 11 KB
11 KB 130ms
111ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/batavia-casino-120x120.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375d9187eab0c16095b7ebaefe0e2bb1c924015d5d9664eef87b8d64ed6df0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10768
last-modified: Thu, 16 Dec 2021 18:39:53 GMT
server: cloudflare
etag: "2a10-5d347bf925526"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqVOcltXhu2ACkESSO7KGC%2Fpwkg%2FuAHzIQJcdG73YfaJ%2FFI0R5g4OM0mvy7R7Ql6BqXxB2liqN67181moKRbXY0Og3Mw6qeua9YO4UKRbJxGjUJx4Z9FFc9zd5b3GpUpLZlLyf%2FYviemdyRpEKQJdR8dS%2Fy6DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9d99707-AMS
x-proxy-cache: MISS

GET
H3 200 bet365-casino-120x120.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 6 KB
6 KB 76ms
59ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/bet365-casino-120x120.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a874477d792c342d5a4ad01081f8c4c140e8bc0f772f4804c056831b399d82aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5675
last-modified: Wed, 15 Dec 2021 20:09:54 GMT
server: cloudflare
etag: "162b-5d334e39d0012"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGriYx0%2F0LM5LBnkaK4hjB%2FSACNcdpQ%2FQBc3Ahf1lXZinilrHK3rJbKyPTZtqYC4LtCQH%2Bb4A9ZxYdOGkRr8cHRXPuH5ji8eErT8ywhQEERHkAXLQb03gSbnVYKfHQZuQGJsxsXy3SBxLWypZwdglTpcJM%2FQZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9c59707-AMS
x-proxy-cache: MISS

GET
H3 200 betcity-120x120.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 9 KB
10 KB 76ms
59ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/betcity-120x120.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fc0f1cabb8b462f1857cb5b7f34ae1508a9803b49288494a1fbf8a7b501769f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9346
last-modified: Wed, 15 Dec 2021 21:48:02 GMT
server: cloudflare
etag: "2482-5d336429b2783"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DDSMSZzF2IEAiGCF%2FrxxFCsfc8QDS%2Be6smGr4Zi3i%2BaLVxQEd75BJGLmw%2BxS%2BTleETNeJVSm4Y6ryYnT6kE2CVWga6HHYXzZsBhLtbvkyOYK1Rh72Q1APs24yaO6F%2BlXTLP%2BoojvmQSbtNI74h%2F0UKbE0O%2F2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9c69707-AMS
x-proxy-cache: MISS

GET
H3 200 fairplay-casino-120x120.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 8 KB
9 KB 77ms
59ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/fairplay-casino-120x120.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50c3b9f1ec19e62e0acb1a914c54e7d407b5d3eb9fcab1ba2dd70725e2d3cf4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8362
last-modified: Wed, 15 Dec 2021 20:45:48 GMT
server: cloudflare
etag: "20aa-5d335640eb091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLbN3ozh%2Bfttm%2FNabOtxwE6yNYi9Q8TGL3knpqC4c1Pezd0zFA0asxNTBzAKCkRk4KhEvC86octhmT6BB%2Fj2JyF3m779GHEV%2BxRjCRliSA%2BDBZ615bhzb1TRy1ktnmNvw%2F%2BPSpqLH2OwqilflQWztQWN%2FPqeHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9c79707-AMS
x-proxy-cache: MISS

GET
H3 200 hoe-kies-ik-een-online-casino.jpg
www.onlinecasino2go.com/onlinecasino/uploads/2021/05/ Frame 3D0D 12 KB
12 KB 91ms
74ms Image
image/jpeg 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/05/hoe-kies-ik-een-online-casino.jpg

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0773195d9f13429ff21c789917bd687a1dc10599f2081e4493e7bb9311b4a9be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11826
last-modified: Fri, 14 May 2021 22:54:22 GMT
server: cloudflare
etag: "2e32-5c2521feec8d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvCP471X7ijQxDk6DjjXWGGIhYVFN9s0hKb1PjuiR1mspAHsjrQucuLxRlR6Wzkq2XGOavPVcWSdjrqHlEELPnUGYkTDQn8Nqr9xg3qSDk7UvM3urjNQJz85GTC%2B%2FB8MVFNRb682jRwBMQpQmNIHiOaOUJW0OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9c99707-AMS
x-proxy-cache: MISS

GET
H3 200 nederland.jpg
www.onlinecasino2go.com/onlinecasino/uploads/2021/05/ Frame 3D0D 18 KB
19 KB 42ms
25ms Image
image/jpeg 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/05/nederland.jpg

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ba727db90e53a3d604b8afa5437bf343324adecd3b9a2905c93073a920ba1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18604
last-modified: Fri, 14 May 2021 22:57:48 GMT
server: cloudflare
etag: "48ac-5c2522c366eb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6XNQW%2FPef9v7QxiyJDN1pwhH6ddGwYc4p%2F75xds5VR1rg4PPxZva0JtfF%2F1v6F4lYW7MZ1fK%2BGiCKxGDEgMhh0H827dKiJqYbIK2QG0zC%2BC%2BW%2FUSYlqMRRVvubUn7U0t17S8u8bp4YYQgrKCuiQeWjRfhTRCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9cb9707-AMS
x-proxy-cache: MISS

GET
H3 200 18-online-casino.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/12/ Frame 3D0D 4 KB
5 KB 92ms
75ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/12/18-online-casino.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190d036d3fa829adf505df72f0a4e09d0e68347d4e79db9851d7ac8d9d7c56c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4429
last-modified: Sun, 12 Dec 2021 23:42:45 GMT
server: cloudflare
etag: "114d-5d2fb83516bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCLzaS1mB1yoMPh9UtLHc6YTFSGlOiIdVjcdJ5gsFQQ2U0kOWEPtPP3bFKE3toGTzfUavUCrAGybyC2xOmZYcu6JddID6CFdvZrE0%2FMZWwjEMeeWuhYaGjfdZqwVNvTLep8fPoJEbO2yQ0QRnz7CSc8yl6Fqcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9cc9707-AMS
x-proxy-cache: MISS

GET
H3 200 onlinecasino.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/08/ Frame 3D0D 16 KB
17 KB 93ms
76ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/08/onlinecasino.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61933edb1a9500dd5cb47138b642a0b9a99dbf14913dc9864bdc2dd2f9fc6dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16407
last-modified: Tue, 24 Aug 2021 20:59:23 GMT
server: cloudflare
etag: "4017-5ca54688a65f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9l7qaucNBEunl4CvGV30lp%2Fr9EBZyukjWbfoa%2Ba2GlsrxREeU3qvaGNDX8W7LX6%2BjL3wjiOc%2BoMHCD8eq%2F93t4WQcqXXaIkBwr8AGnslUnL4kr0GtGHb6Q6MjEPnC7%2FVamfcttj9lX%2Fi9cAta6R13G1AQ3fTdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9cd9707-AMS
x-proxy-cache: MISS

GET
H3 200 speelbewust-18plus.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/04/ Frame 3D0D 3 KB
4 KB 106ms
89ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/04/speelbewust-18plus.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c34d97fe280088f53954500faea7de8614c46d5a4f4fa7362deede2862572e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3538
last-modified: Fri, 30 Apr 2021 18:29:29 GMT
server: cloudflare
etag: "dd2-5c134cad73b22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lzyP2acBFjbroDqoRvlpibnVsz41nO1vHSVtX2OqON6IsmbDyBxU9nOQhb33alOndhdr9DGKE6553gQPY1sR3qdzk2pk3r7BpVEVzVdqJYN88mHzxDST7yLAlT2F52zh6Zu31yteioUMkx%2BNf62nT4XCvv4bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9ce9707-AMS
x-proxy-cache: MISS

GET
H3 200 online-casino-nederland.png
www.onlinecasino2go.com/onlinecasino/uploads/2021/08/ Frame 3D0D 713 B
1 KB 106ms
89ms Image
image/png 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/2021/08/online-casino-nederland.png

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb598db5e44e53e9688b7551e89bd44ab7aff5f46c41d698d8b2cf4e57b484e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3481
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 713
last-modified: Mon, 30 Aug 2021 21:32:42 GMT
server: cloudflare
etag: "2c9-5cacd92bab5bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn%2F00SZtHwLI5%2BDLo88Ykozj8ofzanrz4Jfqr7QFkEynL11vI37EOMS1AZVaKZhxzIR5x%2Fh0630fqYNP4AT3x254r5AR4%2F9lVyPO97GlIxqyBbPt4%2FH%2FSk0DpdKfzSMTQO%2BQkOM50doDqEQ%2B37fN2I7gdoELAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6f08180dc9cf9707-AMS
x-proxy-cache: MISS

GET
H3 200 rocket-loader.min.js Show response
www.onlinecasino2go.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 3D0D 12 KB
4 KB 38ms
21ms Script
application/javascript 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinecasino2go.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Mon, 21 Mar 2022 14:13:59 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62388827-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfoeqKpF1KNHZZ7ty81P2F2wzcjmmaZVzUUTfglz6hkgKKBqXW9XkvHzv5WLvhVMGrBd28WV37%2BT0ar4L0Qd1AuupqpDuN1hH0foi9XcGB%2FMKRtOpLxYPVOJ7WGvKcLP4TagkoHn9o%2BGug%2BJ5Z7yZp51rfrF9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6f08180dc9d19707-AMS
expires: Fri, 25 Mar 2022 15:10:27 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvC73w5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/ Frame 3D0D 31 KB
15 KB 33ms
24ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvC73w5aX8.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90620ff6eadb9e84a26f42e810a0e7426351754e8bb95a63daa232cff0f90a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 06:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15487
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 06:02:28 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/ Frame 3D0D 31 KB
16 KB 52ms
43ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61ffb707f72b8e87e07f8a4b5b02db104d2159887152da3c5a0839d42f0d1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 17:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16259
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 17:49:07 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/ Frame 3D0D 31 KB
31 KB 36ms
28ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2e48f0e886d558b5e21a188827c75647a19ecf348a72bfcf24b792d0e104e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 02:17:27 GMT
x-content-type-options: nosniff
age: 219180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31348
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 02:17:27 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/ Frame 3D0D 31 KB
16 KB 44ms
35ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aX8.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28fd9010c7b310ba2b18f78efcb5e6574c17c7daca6ca1928fc88ef81722526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 10:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16564
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 10:14:37 GMT

GET
H3 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jqyR6WXh0ow.ttf
fonts.gstatic.com/s/montserrat/v23/ Frame 3D0D 31 KB
17 KB 71ms
64ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jqyR6WXh0ow.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85c9f79812fd7b66a454c03d6e6c815e1f769de75546eaa21b79851fdcc5477f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 01:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17285
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:12:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 01:55:20 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/ Frame 3D0D 31 KB
16 KB 73ms
68ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aX8.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

052100850031cdb3f57d4b55c928e365affbbb35b08ad2fc58a32103187d6e64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16394
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:13:17 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aX8.ttf
fonts.gstatic.com/s/montserrat/v23/ Frame 3D0D 31 KB
16 KB 72ms
72ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aX8.ttf

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87ce42fad945b58e5f85ebefcadbb27c34e94cc6b879432f2087d02d1b1e6611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onlinecasino2go.com/
Origin: https://www.onlinecasino2go.com
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 09:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16367
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 09:47:46 GMT

GET
H3 200 siteground-optimizer-combined-js-e62eb41deaf1081765b7e2946fea8cc2.js Show response
www.onlinecasino2go.com/onlinecasino/uploads/siteground-optimizer-assets/ Frame 3D0D 77 KB
22 KB 79ms
79ms Script
application/javascript 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinecasino2go.com/onlinecasino/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-e62eb41deaf1081765b7e2946fea8cc2.js

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89b0e1f369ab38d04f2fb1f7df5e50b51c2cbc852e7f30f6a80f9322bf8de1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3480
cf-polished: origSize=78951
x-proxy-cache-info: 0 NC:000000 UP:
last-modified: Sat, 19 Mar 2022 16:59:08 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"13467-5da952e7fca68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tnr0jO%2BbOSIvAFMmu2sLA81mxhaFgdRCsU8uVTIPikeQQukEVb2b%2FfyTVq9Dc6bcnBhbrlKKvzhTK7VwJVv0optIMI9IWcJWWdvERSLbUYEnbu9eRFy8RCmhwUBykRBAC8w%2Fv%2BEW%2BKD5lULU2Nvjr9rGB7JRdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
cf-ray: 6f08180e0a489707-AMS
x-proxy-cache: MISS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3D0D 93 KB
37 KB 94ms
40ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-161952532-1

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d704fcfaea08023365db42ea8c3c27018b0a6e43c28a5f1f8a2df13d8430e797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37004
x-xss-protection: 0
expires: Wed, 23 Mar 2022 15:10:27 GMT

GET
H3 200 jquery.min.js Show response
www.onlinecasino2go.com/casino/js/jquery/ Frame 3D0D 87 KB
32 KB 88ms
87ms Script
application/javascript 2606:4700:3033::6815:5cab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onlinecasino2go.com/casino/js/jquery/jquery.min.js

Requested by

Host: www.onlinecasino2go.com
URL: https://www.onlinecasino2go.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5cab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3480
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Dec 2021 00:21:44 GMT
server: cloudflare
etag: W/"15db1-5d2fc0ec21bbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8bcA30gOP3FBya6bwjkmYoUVlvrp%2F%2Fte4aGzSp1tUv1ibJ0HBx7CCrTayaWaXgAwGHKOt%2F%2FiEVtqZ%2F6Ww8BuU50sVLNdFB5BkKJSN1DsglgIlTcW7ujnUC%2FNUXUy7mnC7pYjFfBvZungvNdGEEHYw%2FpiRI6OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-httpd: 1
vary: Accept-Encoding
cache-control: max-age=16070400
cf-ray: 6f08180e0a4a9707-AMS
x-proxy-cache: MISS

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 65ms
36ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220317&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ff2cfa0ccfc1512470596b2de0b702536f390019ca1a97772fd5b3ed451daa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 15:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10456
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3D0D 49 KB
20 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161952532-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5737
date: Wed, 23 Mar 2022 13:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 23 Mar 2022 15:34:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 373ms
373ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 15:10:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB68 13 KB
5 KB 22ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Mar 2022 14:29:47 GMT
expires: Thu, 23 Mar 2023 14:29:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2EF3 783 B
534 B 64ms
32ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

232ec664b4b86188fbc9ff3cdc4e69c1a0b613e58f10a00f90ce8f76e82b2c39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-huvjHVwwYr6tcZaQ2WAofA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 23 Mar 2022 15:10:28 GMT
date: Wed, 23 Mar 2022 15:10:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-huvjHVwwYr6tcZaQ2WAofA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame FB68 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 14:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 14:48:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2EF3 0
0 104ms
103ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220317&jk=508628886891195&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98EC 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZbPuHb1DI_0WmzGAeWQ8Bg-c-tgh2qnGIh9xfs4HrQIpmzgu8EZE4_YccgcL4XVMH7ZWNwzanSop9z2ukoSaW&sig=Cg0ArKJSzB_cpOD9miNtEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=100,786,1000,1117,1209&tos=100,686,214,117,92&v=20220321&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1648048226805&rpt=187&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 15:10:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C50C 0
127 B 24ms
23ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Mar 2022 15:10:27 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FB68 0
9 B 21ms
21ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uoiSCg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
64ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220317&jk=508628886891195&bg=!y8ilyIzNAAba2mK92to7ACkAdvg8WgNZ_EMh-zns7eWgoPjk9gTp0EuIAK9QrEAJHD3ISpWRWHHNPQIAAABeUgAAAAJoAQeZAunV1szmyAForT4A6PWatftpA1rsh2Igsa-j9rz4RX-ORvJFkFXv8dNzjugoB6IgoSZ2azrqZvkgGij7AOK7I7YsskqV1aa_PpoT8M7bGk58SGwZ__tYXZj-VXtEqSxnC4WMuxIdWL5v75P-_BYyqLnNxxRCLzk94RDvTSLVzE6Om7q8OGP6Ydqi7pgk_r56HP7P7KrjRhbc_wXJsK4kT0e5HyoSQ5TqDqTja4fpact1-2KQJB_FxAu2EIPPT6TuEpnVz_C1mRUK9hI7k7EgvB4KrB73R8JXcFd-3IlI9NsXsE-cvuig4GozeiOae451Hv0Tc7ZssE-Td93Viz3M8ydOntR4vxnToCZ1o_kGUKOT9iZXz4ggafyMA4YKSjybN33PLU5iGojf1Qy74VX4eryeKnX04Nu1Hi18pwlhkFJSgZ_06Bje72cWEVPhjDsjfheh2Wk3e2zLACje8zAW1deENJFJKJtBL9Ngy-FUEMnA9hezALTBDRQVZ9Goed4OJOflT08S2yNzphlmB8fpkO27p8B9CJSGfTBt174x9Rgx2dxwJ0m9FA6p99_9Hee70DGlsKcZo1cARJNu78TECUsztZbepUwFs2UW5ANTk9e_J6gh8h26Gmtd734Qz7-rX__6RoIPwKC8SOmdz83-rEFoeD-UdQdFjlV9q_lVoXsvW2NKllD3QGby7for66SDOtcjrXF9OlQUkoPSYZ9jHbpyEBVXqAaHP5tJw5A_axdw8csJs7blMVzhlfvkWae8lU8SgJfGfwUroJ5k6QdhxtkLr78XlnreTjR67U9D0_cRraelEJGs_mzUh3StdNoFjbacMfOpP6ofOX5DCuj0Qjrfjtb4cruCa4HU5mjFCIOSqYEGJvQvVRQutbJEkNIE7daHS5NlfQuXe_DUV8eBEaIwo270LOaUsgXrdPGQiw_iuNJGAxOCYWiR-TPxbIQpDJgmpNKUjtL3GWGPQNx-VMl2qiD76mBnVMWJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://demo.html5xcss3.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C50C 8 KB
9 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

635fc3642d77c0ffc3368165582c4d03124eff007d5f58f6beca929f7785904a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:10:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=353160
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8576
expires: Sun, 27 Mar 2022 17:16:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gg.gg/	1970-01-20 01:47:35	Name: ci_session Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22e37d32cc3e808499115c79a30cc0f330%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A11%3A%2237.48.94.48%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A114%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1648048225%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Db0929ca38fd07c92e528211ff0b404ed
.gg.gg/	1970-01-20 03:57:04	Name: gg_token Value: 5b79628aa48c7f55d1125ea8dc8b5062623b386104c7d5.21047501
.html5xcss3.com/	1970-01-20 11:09:04	Name: __gads Value: ID=b9a601c62ed87995-22f0600763cd002a:T=1648048226:RT=1648048226:S=ALNI_Ma86td_MdytgOTUBqVhv0y1eUxLDA
.doubleclick.net/	1970-01-20 11:09:04	Name: IDE Value: AHWqTUkMyz3W-MEUu8qofyOEqj28ZGctNSgy6L_clH8X7VVfhhisI-x40K9pSeqYo4U
.pubmatic.com/	1970-01-20 01:48:54	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 03:57:04	Name: d Value: EGABCQHdJYEA
.quantserve.com/	1970-01-20 11:17:42	Name: mc Value: 623b3863-06592-655ec-3eed2
.pubmatic.com/	1970-01-20 03:57:04	Name: KADUSERCOOKIE Value: 6EA87688-3496-41A9-86CD-8037700DDB6F
.casalemedia.com/	1970-01-20 10:33:04	Name: CMID Value: Yjs4Y3n0a.b0QH28FY4x0QAA
.casalemedia.com/	1970-01-20 03:57:04	Name: CMPS Value: 3222
.casalemedia.com/	1970-01-20 03:57:04	Name: CMPRO Value: 1178
.casalemedia.com/	1970-01-20 01:48:54	Name: CMST Value: Yjs4Y2I7OGMA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yjs4Y3n0a-b0QH28FY4x0QAABJoAAAAB&google_gid=CAESEBQAGiViI_pE-t686n1sjAc&google_cver=1&google_push=AYg5qPLUSNRhuxFGv_uat0tox1PyscUY_fBpKwvB0Ejw7-xND-yFRDdB_Vd0J4r7aBszWyszy4qYpECSvU2rUwiFxibB71_3XH4 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://www.onlinecasino2go.com/ Message: The resource https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.onlinecasino2go.com/ Message: The resource https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.nl
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
csm.eu.criteo.net
demo.html5xcss3.com
fonts.googleapis.com
fonts.gstatic.com
gg.gg
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
odr.mookie1.com
onlinecasino2go.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
static.criteo.net
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.onlinecasino2go.com
cm.g.doubleclick.net
141.95.157.215
142.250.181.226
142.250.185.130
172.96.191.104
178.250.0.162
178.250.2.135
178.250.2.148
185.15.209.141
185.64.190.78
2001:4de0:ac18::1:a:2a
2606:4700:3033::6815:5cab
2606:4700::6810:135e
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a06:98c1:3121::7
34.98.67.61
35.186.253.211
35.208.223.164
69.173.144.165
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
052100850031cdb3f57d4b55c928e365affbbb35b08ad2fc58a32103187d6e64
0773195d9f13429ff21c789917bd687a1dc10599f2081e4493e7bb9311b4a9be
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
172df288f96915b9b2a3e01057fedae94aca83da90c41bcbf8ad301a92fc691d
190d036d3fa829adf505df72f0a4e09d0e68347d4e79db9851d7ac8d9d7c56c7
1d02a44f7a84fb9c747e8b0c3ada7aa60fbc8581dd66cd207eb39eead968341c
1f386886a97806563500770fe27dd84c997da105a7c7a11786dbfe9b86182173
232ec664b4b86188fbc9ff3cdc4e69c1a0b613e58f10a00f90ce8f76e82b2c39
245408098f6dd7d80a63ef3d93354456f326d4cf1fce18a570950cdc8d3c9985
27cfb89c20dbf9a8c50a91a383dd87cd40fc0921d11bdd4c86725a9cf0c11136
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
2a88596d8c0a225f0cdf6b710209c1089865da2d0785d38f21dbc0e3068945ca
2fc0f1cabb8b462f1857cb5b7f34ae1508a9803b49288494a1fbf8a7b501769f
375d9187eab0c16095b7ebaefe0e2bb1c924015d5d9664eef87b8d64ed6df0cc
3ba727db90e53a3d604b8afa5437bf343324adecd3b9a2905c93073a920ba1fd
4556d0dcde6f8ddaf47b86e9c819264715daba716727e44dc5436a1573b78790
490051ea56e96213d26e59620174b44dda9726a4980c8da095953f9eff6ee261
494c0c579c2f8b364f51169d0c772e1f92149684f02f10b44dfa92f96fd2dd7c
4d5f5c631a056cf30675fa3d25dcce89749522776b45ed5385fb5165977ce3a8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50c3b9f1ec19e62e0acb1a914c54e7d407b5d3eb9fcab1ba2dd70725e2d3cf4f
52dc362cae7e441a98741305a38b045859ac60e99377d9d88922ec32cb944cfa
52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a331774d3aff9a14bebe6c271f4d025c163136c99f9e6dbe270d49677d0a17
5d46bea8e4553cd5cdc3a2261c47c4ba7c01a40aa00519313afbc8a97680940d
5ff2cfa0ccfc1512470596b2de0b702536f390019ca1a97772fd5b3ed451daa5
61933edb1a9500dd5cb47138b642a0b9a99dbf14913dc9864bdc2dd2f9fc6dbf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635fc3642d77c0ffc3368165582c4d03124eff007d5f58f6beca929f7785904a
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
654905eb947da8013b2e5ada4b01aac45537b950b4810122b1d877cc23028257
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6bfe4b3828ecbdcda91ccd69e60b9f32dfedd3c2d2f11b805ab983757da6976d
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7c26557d38df3fd6f670d399e622dda71c0bb94005681404917f585193321da0
7ee575ceb3eed7797a1380d8e1d10523fc2bad3353d070e1dcf9b985c743a3e8
85c9f79812fd7b66a454c03d6e6c815e1f769de75546eaa21b79851fdcc5477f
86aa3255dc179b440b070f75caffc844f06a0258de040254748e271078bd373f
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
87ce42fad945b58e5f85ebefcadbb27c34e94cc6b879432f2087d02d1b1e6611
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8b5abf902c157c372285a8277bd336ce30ac5efe1422a610d3b89e8024174e15
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90620ff6eadb9e84a26f42e810a0e7426351754e8bb95a63daa232cff0f90a76
9353576d1f01242b800db085ea5a5ee1ce4cff71d2193b475c5e35c1327715f2
93e21c63ad9b6ddeb3fff7229843a4b76036f45a4a1d97995d582e63a5d31faf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b481b8ae49e44f09694ce1de8e38911b1d89e601d423b759510410dc2a7b405
9edff5351590042e096317d7d8bbc8fd8cc3d6d20c06dbc23b736afa260f4e7f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28fd9010c7b310ba2b18f78efcb5e6574c17c7daca6ca1928fc88ef81722526
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2e48f0e886d558b5e21a188827c75647a19ecf348a72bfcf24b792d0e104e29
a3ba677463c71a3b939efe08c297addcb4ef5ef40cf76fe3077db945309373c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c9feb0989a20d4137b6548d92d2cba0f01fdf01df125a15d401574e8d5ef99
a61ffb707f72b8e87e07f8a4b5b02db104d2159887152da3c5a0839d42f0d1d6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a874477d792c342d5a4ad01081f8c4c140e8bc0f772f4804c056831b399d82aa
a92eebb14b9f4247bc290c2f50e390a5437e025bf20644194004ccdb4ca49a85
aa5f2a04c78777c942a9eadf6e72b6c077f146fca17ebb8145c48734f0ad7dc9
ab817d4319c2ef47622dfc43df3e6bb3c5643b6a9d5a122aed8399fc812285fc
b3e94e3b9a1e07433fbc07a13858199356f7b9990169ffde395ac8fdba225059
b46d87ade6c7e92a04362c95381636726edf0f1f0c4b1faa2f929501781ccf5c
b642bedd348703b06816f08d1718e5bbf6ea431825ca0395843ed2076b0fe9fa
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c34d97fe280088f53954500faea7de8614c46d5a4f4fa7362deede2862572e6f
c3d628f4e66cecd08fd6e79132a41585dfd209b14bd6e0695af0842025ee2768
c89b0e1f369ab38d04f2fb1f7df5e50b51c2cbc852e7f30f6a80f9322bf8de1e
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d704fcfaea08023365db42ea8c3c27018b0a6e43c28a5f1f8a2df13d8430e797
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60b5ae2f507c6b3008250bc07ef6245df6b6bdef292c6097e130d3cd3a8340b
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb8d482bba5136bff504072d541abd93886658ac1eeba6d3e3e11f68b640976
effa30b201123d9111b7d7b6f11a6923418cf7b61ba0827d50086d0e8a38d193
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
f80b79fb33aa0bed7fc57cea4a01eebc979819249f9bcbaf1cb5af770ece69cb
fb598db5e44e53e9688b7551e89bd44ab7aff5f46c41d698d8b2cf4e57b484e0

demo.html5xcss3.com Open in urlscan Pro 172.96.191.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

94 %HTTPS

61 %IPv6

24 Domains

33 Subdomains

29 IPs

6 Countries

1605 kBTransfer

3521 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

demo.html5xcss3.com Open in urlscan Pro
172.96.191.104 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

94 %
HTTPS

61 %
IPv6

24
Domains

33
Subdomains

29
IPs

6
Countries

1605 kB
Transfer

3521 kB
Size

12
Cookies

127 HTTP transactions
2 data transactions