urlscan.io logo urlscan.io
SecurityTrails logo

www.mrgreen.com Open in urlscan Pro
104.16.33.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&ei=tac4b&scid=uaba0&a...
Effective URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155...
Submission: On May 24 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 8 countries across 39 domains to perform 75 HTTP transactions. The main IP is 104.16.33.56, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.mrgreen.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 9th 2017. Valid for: 2 years.
This is the only time www.mrgreen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.30.156.88 16509 (AMAZON-02)
1 54.76.97.65 16509 (AMAZON-02)
1 1 146.177.40.248 15395 (RACKSPACE...)
13 104.16.33.56 13335 (CLOUDFLAR...)
1 1 104.111.246.59 16625 (AKAMAI-AS)
1 104.17.171.81 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 54.230.93.95 16509 (AMAZON-02)
2 94.31.29.154 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.171.201 16509 (AMAZON-02)
3 213.155.156.189 1299 (TELIANET ...)
2 40.119.158.131 8075 (MICROSOFT...)
2 52.50.246.91 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 4 37.157.6.251 198622 (ADFORM)
2 2 172.217.22.102 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.22.38 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.10.228.82 36351 (SOFTLAYER)
1 1 213.155.156.188 1299 (TELIANET ...)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 213.19.162.80 26667 (RUBICONPR...)
1 1 172.217.22.34 15169 (GOOGLE)
1 213.155.156.181 1299 (TELIANET ...)
1 2 173.241.240.143 36089 (OPENX-AS1)
2 2 185.33.223.204 29990 (ASN-APPNEXUS)
1 213.155.156.169 1299 (TELIANET ...)
1 20.36.253.28 8075 (MICROSOFT...)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 52.29.212.156 16509 (AMAZON-02)
1 2.16.122.151 20940 (AKAMAI-ASN1)
1 2 185.94.180.126 35220 (SPOTX-AMS)
2 35.157.96.7 16509 (AMAZON-02)
1 54.229.62.179 16509 (AMAZON-02)
2 3 34.250.54.225 16509 (AMAZON-02)
1 1 213.155.156.182 1299 (TELIANET ...)
1 2 18.153.11.1 16509 (AMAZON-02)
1 37.157.2.237 198622 (ADFORM)
1 34.242.42.75 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
75 40
1    52.30.156.88 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-156-88.eu-west-1.compute.amazonaws.com
et.clickfinans.com
1    54.76.97.65 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-97-65.eu-west-1.compute.amazonaws.com
vmltracker.com
1    146.177.40.248 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)
ads.mrgreen.com
13    104.16.33.56 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.mrgreen.com
1    104.111.246.59 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-246-59.deploy.static.akamaitechnologies.com
cloud.typography.com
1    104.17.171.81 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
static.mrgcdn.com
4    2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
cdnjs.cloudflare.com
3    54.230.93.95 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-93-95.fra2.r.cloudfront.net
widget.trustpilot.com
2    94.31.29.154 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.154.IPYX-077437-ZYO.above.net
use.fortawesome.com
1    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
7    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    52.222.171.201 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-171-201.fra54.r.cloudfront.net
cdn.nanigans.com
3    213.155.156.189 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-189.customer.teliacarrier.com
tb.de17a.com
2    40.119.158.131 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
trck.spoteffects.net
2    52.50.246.91 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-246-91.eu-west-1.compute.amazonaws.com
c3.adalyser.com
1    2606:4700:10::6814:15ef (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
rum-static.pingdom.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
4    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
a1.adform.net
2    172.217.22.102 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f102.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
2    172.217.22.38 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f38.1e100.net
8271256.fls.doubleclick.net
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    185.10.228.82 (Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 52.e4.0ab9.ip4.static.sl-reverse.com
api.nanigans.com
1    213.155.156.188 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-188.customer.teliacarrier.com
tb.de17a.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
pixel.rubiconproject.com
1    172.217.22.34 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net
cm.g.doubleclick.net
1    213.155.156.181 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-181.customer.teliacarrier.com
d5p.de17a.com
2    173.241.240.143 (Amsterdam, Netherlands)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
us-u.openx.net
2    185.33.223.204 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 319.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    213.155.156.169 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-169.customer.teliacarrier.com
d5p.de17a.com
1    20.36.253.28 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
atemda.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image2.pubmatic.com
2    52.29.212.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-212-156.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    2.16.122.151 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-122-151.deploy.static.akamaitechnologies.com
ad.yieldlab.net
2    185.94.180.126 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
sync.search.spotxchange.com
2    35.157.96.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-96-7.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    54.229.62.179 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-62-179.eu-west-1.compute.amazonaws.com
soma.smaato.net
3    34.250.54.225 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-54-225.eu-west-1.compute.amazonaws.com
ad.sxp.smartclip.net
1    213.155.156.182 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-182.customer.teliacarrier.com
d5p.de17a.com
2    18.153.11.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-1.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    34.242.42.75 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-242-42-75.eu-west-1.compute.amazonaws.com
usermatch.targeting.unrulymedia.com
2    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum.casalemedia.com
Apex Domain
Subdomains		 Transfer
14 mrgreen.com
ads.mrgreen.com
www.mrgreen.com
515 KB
7 de17a.com
tb.de17a.com
d5p.de17a.com
12 KB
7 google-analytics.com
www.google-analytics.com
61 KB
6 doubleclick.net
ad.doubleclick.net
8271256.fls.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
2 KB
5 adform.net
a1.adform.net
dmp.adform.net
35 KB
4 cloudflare.com
ajax.cloudflare.com
cdnjs.cloudflare.com
40 KB
3 smartclip.net
ad.sxp.smartclip.net
2 KB
3 facebook.net
connect.facebook.net
107 KB
3 trustpilot.com
widget.trustpilot.com
6 KB
2 casalemedia.com
dsum.casalemedia.com
2 KB
2 bidswitch.net
x.bidswitch.net
1 KB
2 advertising.com
pixel.advertising.com
184 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 360yield.com
ad.360yield.com
1 KB
2 adnxs.com
ib.adnxs.com
2 KB
2 openx.net
us-u.openx.net
585 B
2 facebook.com
www.facebook.com
246 B
2 google.com
adservice.google.com
www.google.com
288 B
2 bing.com
bat.bing.com
7 KB
2 adalyser.com
c3.adalyser.com
12 KB
2 spoteffects.net
trck.spoteffects.net
22 KB
2 nanigans.com
cdn.nanigans.com
api.nanigans.com
3 KB
2 fortawesome.com
use.fortawesome.com
27 KB
1 unrulymedia.com
usermatch.targeting.unrulymedia.com
457 B
1 smaato.net
soma.smaato.net
270 B
1 yieldlab.net
ad.yieldlab.net
495 B
1 pubmatic.com
image2.pubmatic.com
779 B
1 atemda.com
atemda.com
698 B
1 rubiconproject.com
pixel.rubiconproject.com
371 B
1 google.de
www.google.de
109 B
1 pingdom.net
rum-static.pingdom.net
3 KB
1 googletagmanager.com
www.googletagmanager.com
52 KB
1 googleapis.com
ajax.googleapis.com
33 KB
1 mrgcdn.com
static.mrgcdn.com
2 KB
1 typography.com
cloud.typography.com
474 B
1 vmltracker.com
vmltracker.com
348 B
1 clickfinans.com
et.clickfinans.com
1 KB
0 angsrvr.com Failed
sy.eu.angsrvr.com Failed
0 ipify.org Failed
api.ipify.org Failed
75 39
Domain Requested by
13 www.mrgreen.com et.clickfinans.com
www.mrgreen.com
ajax.cloudflare.com
7 www.google-analytics.com 1 redirects et.clickfinans.com
www.google-analytics.com
www.googletagmanager.com
4 a1.adform.net 1 redirects et.clickfinans.com
a1.adform.net
4 tb.de17a.com 1 redirects et.clickfinans.com
tb.de17a.com
3 ad.sxp.smartclip.net 2 redirects www.mrgreen.com
3 d5p.de17a.com 1 redirects www.mrgreen.com
3 connect.facebook.net et.clickfinans.com
connect.facebook.net
3 cdnjs.cloudflare.com ajax.cloudflare.com
3 widget.trustpilot.com ajax.cloudflare.com
widget.trustpilot.com
2 dsum.casalemedia.com 1 redirects www.mrgreen.com
2 x.bidswitch.net 1 redirects www.mrgreen.com
2 pixel.advertising.com www.mrgreen.com
2 sync.search.spotxchange.com 1 redirects www.mrgreen.com
2 ad.360yield.com 1 redirects www.mrgreen.com
2 ib.adnxs.com 2 redirects
2 us-u.openx.net 1 redirects www.mrgreen.com
2 www.facebook.com connect.facebook.net
2 8271256.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 ad.doubleclick.net 2 redirects
2 bat.bing.com www.googletagmanager.com
2 c3.adalyser.com et.clickfinans.com
2 trck.spoteffects.net et.clickfinans.com
2 use.fortawesome.com ajax.cloudflare.com
use.fortawesome.com
1 usermatch.targeting.unrulymedia.com www.mrgreen.com
1 dmp.adform.net www.mrgreen.com
1 soma.smaato.net www.mrgreen.com
1 ad.yieldlab.net www.mrgreen.com
1 image2.pubmatic.com www.mrgreen.com
1 atemda.com www.mrgreen.com
1 cm.g.doubleclick.net 1 redirects
1 pixel.rubiconproject.com www.mrgreen.com
1 api.nanigans.com cdn.nanigans.com
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 adservice.google.com
1 rum-static.pingdom.net www.googletagmanager.com
1 cdn.nanigans.com et.clickfinans.com
1 www.googletagmanager.com et.clickfinans.com
1 ajax.googleapis.com ajax.cloudflare.com
1 ajax.cloudflare.com www.mrgreen.com
1 static.mrgcdn.com www.mrgreen.com
1 cloud.typography.com 1 redirects
1 ads.mrgreen.com 1 redirects
1 vmltracker.com et.clickfinans.com
1 et.clickfinans.com
0 sy.eu.angsrvr.com Failed www.mrgreen.com
0 api.ipify.org Failed www.googletagmanager.com
75 48

This site contains links to these domains. Also see Links.

Domain
casino.mrgreen.com
www.authorisation.mga.org.mt
www.mrggroup.com
greengaming.com
Subject Issuer Validity Valid
vmltracker.com
COMODO RSA Domain Validation Secure Server CA		 2017-06-14 -
2019-06-14		 2 years crt.sh
www.mrgreen.com
DigiCert SHA2 Extended Validation Server CA		 2017-10-09 -
2019-11-04		 2 years crt.sh
ssl767972.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-01-18 -
2019-07-27		 6 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-02 -
2019-09-08		 6 months crt.sh
*.trustpilot.com
Amazon		 2019-04-30 -
2020-05-30		 a year crt.sh
use.fonticons.com
DigiCert SHA2 Secure Server CA		 2018-09-25 -
2019-11-20		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.nanigans.com
Go Daddy Secure Certificate Authority - G2		 2019-02-28 -
2021-04-29		 2 years crt.sh
*.de17a.com
DigiCert SHA2 High Assurance Server CA		 2018-08-16 -
2019-12-18		 a year crt.sh
trck.spoteffects.net
COMODO RSA Domain Validation Secure Server CA		 2016-05-20 -
2019-08-18		 3 years crt.sh
*.adalyser.com
Thawte RSA CA 2018		 2018-01-16 -
2019-07-08		 a year crt.sh
*.pingdom.net
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-12-16		 a year crt.sh
www.bing.com
Microsoft IT TLS CA 5		 2017-07-20 -
2019-07-10		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2018-02-02 -
2019-10-02		 2 years crt.sh
*.google.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.openx.net
DigiCert ECC Secure Server CA		 2019-02-08 -
2020-05-12		 a year crt.sh
*.atemda.com
Go Daddy Secure Certificate Authority - G2		 2018-01-12 -
2020-01-12		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.360yield.com
COMODO RSA Domain Validation Secure Server CA		 2018-03-12 -
2020-03-11		 2 years crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2018-12-12 -
2020-03-12		 a year crt.sh
sync.search.spotxchange.com
GeoTrust RSA CA 2018		 2018-02-20 -
2019-05-25		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2017-06-14 -
2020-06-18		 3 years crt.sh
*.ad.smaato.net
Amazon		 2018-07-30 -
2019-08-30		 a year crt.sh
*.smartclip.net
Amazon		 2019-03-28 -
2020-04-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-04-17 -
2020-05-04		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2016-09-13 -
2019-09-18		 3 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-05-08 -
2020-03-09		 10 months crt.sh

This page contains 6 frames:

Primary Page: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Frame ID: FBD26904B90B708331B36FA4A05D7354
Requests: 59 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
Frame ID: 270B15630B18D3CB673539EAE96CA155
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
Frame ID: 516B72C7DDEBEB3471AE60BA9E92F211
Requests: 1 HTTP requests in this frame

Frame: https://8271256.fls.doubleclick.net/activityi;dc_pre=CK7cl9ekteICFRbIdwod9gwD1w;src=8271256;type=lp0;cat=landi0;ord=1;num=7838720749745;gtm=2wg5f2;auiddc=1167597046.1558739377;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320
Frame ID: 7DFF289E104E01CF56B950AE15850FCB
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=589466381639324686&expires=30
Frame ID: EFCA46B31C15F16163172FDA14D06420
Requests: 18 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9CD715099D15329E84B81A19F8475AD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&ei=ta... Page URL
  2. https://ads.mrgreen.com/redirect.aspx?pid=4584016&bid=2530&cb=155873937472&vml_pid=p6e40ac HTTP 301
    https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197E... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • env /^TweenMax$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i
Overall confidence: 100%
Detected patterns
  • script /tracker.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

75
Requests

96 %
HTTPS

25 %
IPv6

39
Domains

48
Subdomains

40
IPs

8
Countries

1023 kB
Transfer

2988 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&ei=tac4b&scid=uaba0&eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&cb=1558164650179 Page URL
  2. https://ads.mrgreen.com/redirect.aspx?pid=4584016&bid=2530&cb=155873937472&vml_pid=p6e40ac HTTP 301
    https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://cloud.typography.com/7155672/712248/css/fonts.css HTTP 302
  • https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
Request Chain 45
  • https://ad.doubleclick.net/activity;src=4707643;type=mrgre00;cat=prof;ord=5952765646036;gtm=2wg5f2;auiddc=1167597046.1558739377 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CInQl9ekteICFYKCGQodzoAHig;src=4707643;type=mrgre00;cat=prof;ord=5952765646036;gtm=2wg5f2;auiddc=1167597046.1558739377 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=CInQl9ekteICFYKCGQodzoAHig;src=4707643;type=mrgre00;cat=prof;ord=5952765646036;gtm=2wg5f2;auiddc=*
Request Chain 46
  • https://8271256.fls.doubleclick.net/activityi;src=8271256;type=lp0;cat=landi0;ord=1;num=7838720749745;gtm=2wg5f2;auiddc=1167597046.1558739377;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320 HTTP 302
  • https://8271256.fls.doubleclick.net/activityi;dc_pre=CK7cl9ekteICFRbIdwod9gwD1w;src=8271256;type=lp0;cat=landi0;ord=1;num=7838720749745;gtm=2wg5f2;auiddc=1167597046.1558739377;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320
Request Chain 47
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1873624582&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320&dr=http%3A%2F%2Fet.clickfinans.com%2Ftrk%2Fclick%2Feids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K%2F%3Fid%3Dm2tw3lV%26amp%3Bei%3Dtac4b%26amp%3Bscid%3Duaba0%26amp%3Beids%3Dm2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K%26amp%3Bcb%3D1558164650179&dp=%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst&ul=en-us&de=UTF-8&dt=20%20Starburst%20spins%20for%20new%20players%20at%20Mr%20Green&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEALQ~&jid=95994029&gjid=1071354166&cid=179597795.1558739377&tid=UA-63985451-3&_gid=1720751546.1558739377&_r=1&gtm=2wg5f2TWJJ8L&cd2=GA1.2.179597795.1558739377&cd5=NL&cd7=2019-05-24T23%3A09%3A37.480%2B00%3A00&cd10=0&cd11=1558739377480.3jm9uyy&cd16=GA1.2.179597795.1558739377&cd19=storefront&cd23=1&cd34=GA1.2.179597795.1558739377&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&cm6=2626&z=115096538 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63985451-3&cid=179597795.1558739377&jid=95994029&_gid=1720751546.1558739377&gjid=1071354166&_v=j75&z=115096538 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=179597795.1558739377&jid=95994029&_v=j75&z=115096538 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=179597795.1558739377&jid=95994029&_v=j75&z=115096538&slf_rd=1&random=3460915914
Request Chain 53
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
  • https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
Request Chain 58
  • https://a1.adform.net/Serving/TrackPoint/?pm=1397372&ADFPageName=Universal%20Tag&ADFdivider=%7C&ord=745833456523&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiI8aW5zZXJ0IEdlbmRlciB2YWx1ZSBoZXJlPiIsImN1ciI6IjxpbnNlcnQgQ3VycmVuY3kgdmFsdWUgaGVyZT4iLCJzdjEiOiJNckdyZWVuIiwic3YyIjoic3RvcmVmcm9udCIsInN2MyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL2FuL2FmZi9hZmZpbGlhdGUtMjAtc2lnbi11cC1zcGlucy1zdGFyYnVyc3Q_YnRhZz0zNDA3MzIwXzlFMzJCODgwMzc2MjRGNjE5N0VBQkNFOEVBODAzMTY4JmNiPTE1NTg3MzkzNzQ3MiZ2bWxfcGlkPXA2ZTQwYWMmdXRtX21lZGl1bT1hZmZpbGlhdGVzJnV0bV9zb3VyY2U9MzQwNzMyMCIsInN2NCI6Ik5MIiwic3Y1IjoidW5kZWZpbmVkIiwic3Y2IjoiPGluc2VydCBhbnkgb3RoZXIgdmFsdWUgaGVyZT4iLCJzdjciOiJodHRwczovL3d3dy5tcmdyZWVuLmNvbS9hbi9hZmYvYWZmaWxpYXRlLTIwLXNpZ24tdXAtc3BpbnMtc3RhcmJ1cnN0P2J0YWc9MzQwNzMyMF85RTMyQjg4MDM3NjI0RjYxOTdFQUJDRThFQTgwMzE2OCZjYj0xNTU4NzM5Mzc0NzImdm1sX3BpZD1wNmU0MGFjJnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTM0MDczMjAiLCJzdjgiOiJ3d3cubXJncmVlbi5jb20iLCJzdjkiOiJodHRwOi8vZXQuY2xpY2tmaW5hbnMuY29tL3Ryay9jbGljay9laWRzX20ydHczbFYtdGFjNGItcDZlNDBhYy11YWJhMC1sZS1jY1lSLTIzSy8_aWQ9bTJ0dzNsViZhbXA7ZWk9dGFjNGImYW1wO3NjaWQ9dWFiYTAmYW1wO2VpZHM9bTJ0dzNsVi10YWM0Yi1wNmU0MGFjLXVhYmEwLWxlLWNjWVItMjNLJmFtcDtjYj0xNTU4MTY0NjUwMTc5Iiwic3YxMCI6ImRlc2t0b3AiLCJzdjExIjoiMTU1ODczOTM3NzQ5OS5teTY0eGx2Iiwic3YxMiI6InVuZGVmaW5lZCIsInN2MTMiOiJ1bmRlZmluZWQiLCJzdjE0IjoiMjAxOS0wNS0yNFQyMzowOTozNy40OTkrMDA6MDAiLCJzdjE1IjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197 HTTP 302
  • https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1397372&ADFPageName=Universal%20Tag&ADFdivider=%7C&ord=745833456523&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiI8aW5zZXJ0IEdlbmRlciB2YWx1ZSBoZXJlPiIsImN1ciI6IjxpbnNlcnQgQ3VycmVuY3kgdmFsdWUgaGVyZT4iLCJzdjEiOiJNckdyZWVuIiwic3YyIjoic3RvcmVmcm9udCIsInN2MyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL2FuL2FmZi9hZmZpbGlhdGUtMjAtc2lnbi11cC1zcGlucy1zdGFyYnVyc3Q_YnRhZz0zNDA3MzIwXzlFMzJCODgwMzc2MjRGNjE5N0VBQkNFOEVBODAzMTY4JmNiPTE1NTg3MzkzNzQ3MiZ2bWxfcGlkPXA2ZTQwYWMmdXRtX21lZGl1bT1hZmZpbGlhdGVzJnV0bV9zb3VyY2U9MzQwNzMyMCIsInN2NCI6Ik5MIiwic3Y1IjoidW5kZWZpbmVkIiwic3Y2IjoiPGluc2VydCBhbnkgb3RoZXIgdmFsdWUgaGVyZT4iLCJzdjciOiJodHRwczovL3d3dy5tcmdyZWVuLmNvbS9hbi9hZmYvYWZmaWxpYXRlLTIwLXNpZ24tdXAtc3BpbnMtc3RhcmJ1cnN0P2J0YWc9MzQwNzMyMF85RTMyQjg4MDM3NjI0RjYxOTdFQUJDRThFQTgwMzE2OCZjYj0xNTU4NzM5Mzc0NzImdm1sX3BpZD1wNmU0MGFjJnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTM0MDczMjAiLCJzdjgiOiJ3d3cubXJncmVlbi5jb20iLCJzdjkiOiJodHRwOi8vZXQuY2xpY2tmaW5hbnMuY29tL3Ryay9jbGljay9laWRzX20ydHczbFYtdGFjNGItcDZlNDBhYy11YWJhMC1sZS1jY1lSLTIzSy8_aWQ9bTJ0dzNsViZhbXA7ZWk9dGFjNGImYW1wO3NjaWQ9dWFiYTAmYW1wO2VpZHM9bTJ0dzNsVi10YWM0Yi1wNmU0MGFjLXVhYmEwLWxlLWNjWVItMjNLJmFtcDtjYj0xNTU4MTY0NjUwMTc5Iiwic3YxMCI6ImRlc2t0b3AiLCJzdjExIjoiMTU1ODczOTM3NzQ5OS5teTY0eGx2Iiwic3YxMiI6InVuZGVmaW5lZCIsInN2MTMiOiJ1bmRlZmluZWQiLCJzdjE0IjoiMjAxOS0wNS0yNFQyMzowOTozNy40OTkrMDA6MDAiLCJzdjE1IjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197
Request Chain 62
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP 302
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJTVW3SmwmQvM9M3Vysov5w&google_cver=1&google_ula=668382,0
Request Chain 63
  • https://us-u.openx.net/w/1.0/sd?id=536878327&val=589466381639324686 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=589466381639324686
Request Chain 64
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=5942013397873588026
Request Chain 67
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=589466381639324686&expiration=1561331378 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=589466381639324686&expiration=1561331378
Request Chain 69
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=589466381639324686&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=589466381639324686&img=1&__user_check__=1&sync_id=00df2a8e-7e79-11e9-afb1-1a404fd51706
Request Chain 74
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1 HTTP 302
  • https://d5p.de17a.com/getuid/smartclip?uuid=195bef37-c21f-4b74-8545-3b15bc7839a4 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=589466381639324686&uuid=195bef37-c21f-4b74-8545-3b15bc7839a4
Request Chain 75
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=589466381639324686&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=589466381639324686&expires=30
Request Chain 78
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=589466381639324686&expiration=1561331378 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=589466381639324686&expiration=1561331378&C=1

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/ 		922 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&ei=tac4b&scid=uaba0&eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&cb=1558164650179
Protocol
HTTP/1.1
Server
52.30.156.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-156-88.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9e03234f9008048658f89fdfcb1ac6eb4ffa24222a940d2629ef65ff9350a815

Request headers

Host
et.clickfinans.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:34 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
922
Connection
keep-alive
Set-Cookie
vml_pid=pp6e40ac; Domain=.clickfinans.com; Expires=Mon, 24 May 2219 23:09:34 GMT; Path=/;
/
vmltracker.com/trk/fp/ 		44 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vmltracker.com/trk/fp/?pid=pp6e40ac&cb=1558739374721
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&ei=tac4b&scid=uaba0&eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&cb=1558164650179
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.97.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-97-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&ei=tac4b&scid=uaba0&eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&cb=1558164650179
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:34 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
70
Vary
Accept-Encoding
Content-Type
text/javascript
Primary Request affiliate-20-sign-up-spins-starburst
www.mrgreen.com/an/aff/
Redirect Chain
  • https://ads.mrgreen.com/redirect.aspx?pid=4584016&bid=2530&cb=155873937472&vml_pid=p6e40ac
  • https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&ei=tac4b&scid=uaba0&eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&cb=1558164650179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.20
Resource Hash
ac9979a75121edae90e508dfc70bf16ab50bcd0b711a1d3551448974ff16665d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.mrgreen.com
:scheme
https
:path
/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&ei=tac4b&scid=uaba0&eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&cb=1558164650179
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&ei=tac4b&scid=uaba0&eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&cb=1558164650179

Response headers

status
200
date
Fri, 24 May 2019 23:09:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dcb29b911099b50a0e049d93e5b5b69171558739375; expires=Sat, 23-May-20 23:09:35 GMT; path=/; domain=.mrgreen.com; HttpOnly cf_ipcountry=de; Expires=Fri, 01-Jan-2048 00:00:00 GMT; Path=/; Domain=.mrgreen.com; Secure=nil __cf_bm=298bc55a1ce0d7a5e68fac49a74860b924b5556f-1558739376-1800-AehEVk/Zcsgex2Uvp/xiUYzInbMbgfQRQtsezzMfdNkYvSxVDrqrZ0Kclj6Zh3twJbo+QLbE0q0UAyvbImt/cRM=; path=/; expires=Fri, 24-May-19 23:39:36 GMT; domain=.mrgreen.com; HttpOnly
cf-cache-status
MISS
cache-control
public, max-age=172800
cf-ray
4dc2f0266e59bdc3-AMS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 26 May 2019 23:09:36 GMT
link
<https://www.mrgreen.com/an/wp-json/>; rel="https://api.w.org/" <https://www.mrgreen.com/an/?p=177914/>; rel=shortlink
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
PHP/5.5.9-1ubuntu4.20
x-xss-protection
1; mode=block
server
cloudflare
content-encoding
br

Redirect headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html
Location
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Server
Microsoft-IIS/10.0
P3P
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version
4.0.30319
Set-Cookie
NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a4584016%2c%22BID%22%3a2530%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1558739374978)%5c%2f%22%2c%22CookieTag%22%3a%2225304584016711481031581C201952509%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22984471696%7c1%22%7d%5d; expires=Sun, 24-May-3018 23:09:34 GMT; path=/
Request-Context
appId=cid-v1:42ca6b97-b564-4b23-b218-51b9f4f71628
X-Powered-By
ASP.NET
Date
Fri, 24 May 2019 23:09:34 GMT
Connection
close
Content-Length
0
C9B824A3E9336530F.css
www.mrgreen.com/app/themes/storefront/assets/fonts/553158/
Redirect Chain
  • https://cloud.typography.com/7155672/712248/css/fonts.css
  • https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
224 KB
168 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
187c8bb2b506ca64efdb76a928f9a400a0d3333534adbbfd31640938599a4167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=230007
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 24 May 2019 07:52:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=10368000
cf-ray
4dc2f032bda9bdc3-AMS
expires
Sat, 21 Sep 2019 23:09:37 GMT

Redirect headers

Date
Fri, 24 May 2019 23:09:37 GMT
Last-Modified
Thu, 09 Mar 2017 09:56:55 GMT
Server
Apache
ETag
"eb1b1e257b91824475ffe8abfbfbb34b:1536738569"
Vary
Accept-Encoding
Content-Type
text/html
Location
https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
Cache-Control
must-revalidate, private
Connection
keep-alive
X-HCo-pid
14
Content-Length
154
Expires
Fri, 24 May 2019 23:09:37 GMT
frontend.css
www.mrgreen.com/app/plugins/wp-job-manager-applications/assets/css/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/plugins/wp-job-manager-applications/assets/css/frontend.css?ver=4.9.8
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55138686144d0f04d70faa92ac3c1568af9090d97ce02c74d4c2863864b4b02d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 24 May 2019 07:52:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=10368000
cf-ray
4dc2f031dd18bdc3-AMS
expires
Sat, 21 Sep 2019 23:09:36 GMT
main-a63b0215.css
www.mrgreen.com/app/themes/storefront/dist/styles/ 		795 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/dist/styles/main-a63b0215.css
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2505c5129472c206215229df73018270151539bb52f12c425095ca1d2f22fdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=814722
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 24 May 2019 07:57:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=10368000
cf-ray
4dc2f031dd19bdc3-AMS
expires
Sat, 21 Sep 2019 23:09:36 GMT
GA-awards-2016-stacked.png
www.mrgreen.com/app/uploads/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mrgreen.com/app/uploads/GA-awards-2016-stacked.png
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
838d5cec52890b36217c9a59fb368b5027df7bc2d747eb18beee6437e5db5ab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=28673
status
200
content-disposition
inline; filename="GA-awards-2016-stacked.webp"
cf-bgj
imgq:85
vary
Accept, Accept-Encoding
content-length
24598
x-xss-protection
1; mode=block
pragma
public
last-modified
Thu, 21 Feb 2019 09:37:54 GMT
server
cloudflare
etag
"5c6e7172-7001"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
4dc2f031dd1abdc3-AMS
expires
Sat, 21 Sep 2019 23:09:36 GMT
mga.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,q_auto/https://www.mrgreen.com/app/uploads/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,q_auto/https://www.mrgreen.com/app/uploads/mga.png
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.171.81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d7959a33800baede38622d168b8d555eab6b61e20406674998d5ccb437045b0

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
via
1.1 varnish
cf-cache-status
HIT
cf-polished
status=not_needed
cf-ray
4dc2f0327effc83f-AMS
edge-cache-tag
343208965763291763670825726697432882084,314100545035409380560439657131475602712,1725d64c98e9ae463aadd0291f222d6c
status
200
x-cache
HIT
cf-bgj
imgq:85
content-length
1510
x-served-by
cache-hhn1549-HHN
last-modified
Tue, 24 Apr 2018 10:20:39 GMT
server
cloudflare
x-timer
S1550549199.354243,VS0,VE1
etag
"c52073ef51d1417e873465ca7c8cfbda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Save-Data, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Tue, 26 Nov 2019 23:09:37 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
18.png
www.mrgreen.com/app/uploads/ 		482 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mrgreen.com/app/uploads/18.png
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
693aa7a4869995b8d10fb133cd1bc9ae54e44c11916ea34e3d6d2a5ea6bc002c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=562
status
200
content-disposition
inline; filename="18.webp"
cf-bgj
imgq:85
vary
Accept, Accept-Encoding
content-length
482
x-xss-protection
1; mode=block
pragma
public
last-modified
Thu, 21 Feb 2019 09:39:19 GMT
server
cloudflare
etag
"5c6e71c7-232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
4dc2f031dd1bbdc3-AMS
expires
Sat, 21 Sep 2019 23:09:36 GMT
gamcare.png
www.mrgreen.com/app/uploads/ 		508 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mrgreen.com/app/uploads/gamcare.png
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fd96c82514f1457a54d2621204aa0ed74adb721c20231cab398e919b80699b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=613
status
200
content-disposition
inline; filename="gamcare.webp"
cf-bgj
imgq:85
vary
Accept, Accept-Encoding
content-length
508
x-xss-protection
1; mode=block
pragma
public
last-modified
Thu, 21 Feb 2019 09:39:19 GMT
server
cloudflare
etag
"5c6e71c7-265"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
4dc2f031dd1cbdc3-AMS
expires
Sat, 21 Sep 2019 23:09:36 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
content-encoding
gzip
last-modified
Mon, 20 May 2019 14:38:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ce2bbde-2ef5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
4dc2f031fbe5d711-FRA
expires
Sun, 26 May 2019 23:09:36 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.95 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-95.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84f1d9da53a4456bf20055448abe536b4c4a83a83aacc6e3996db76535090205

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 09:07:01 GMT
content-encoding
gzip
etag
"80cac6a9841423e00a0911c3b483ffc1"
last-modified
Tue, 07 May 2019 09:06:44 GMT
server
AmazonS3
age
50566
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
6245
via
1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront)
x-amz-cf-id
JjkrFVEc08fXAMIACkUSUjT3aD6quEIhCDc_SPxKofbs5vl3P2uUIA==
external-links.js
www.mrgreen.com/app/themes/storefront/assets/scripts/ 		541 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/assets/scripts/external-links.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
694785eaeec88c495973f252a762febf6883deebe838de684f51c337a5e8f230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=753
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 24 May 2019 07:52:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cf-bgj
minify
cache-control
public, max-age=10368000
cf-ray
4dc2f0321d48bdc3-AMS
expires
Sat, 21 Sep 2019 23:09:36 GMT
0b3514d0.js
use.fortawesome.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fortawesome.com/0b3514d0.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.154 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.154.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b64c19b53e7f77a7f4d544ab4ea9304e2a0896715fd3599d546544b6a5513f5e

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 11:25:17 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"61e4c0307c72089900c7e7574c0c9969"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
status
200
cache-control
max-age=60, private, must-revalidate
x-cache
HIT
jquery.countdown.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/jquery.countdown.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:59 GMT
server
cloudflare
etag
W/"5afd497b-14db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 13 May 2020 23:09:36 GMT
cache-control
public, max-age=30672000
cf-ray
4dc2f0321c0fd711-FRA
served-in-seconds
0.001
TweenMax.min.js
www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/TweenMax.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a324ffab8426503c882cf1903c87537fb3fd0ba84482d24798a795e3927b6ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 11 Apr 2016 07:50:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=10368000
cf-ray
4dc2f0321d4abdc3-AMS
expires
Sat, 21 Sep 2019 23:09:37 GMT
jquery.gsap.min.js
www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/jquery.gsap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca972b4d30bbb380b96651a09652849cb7affbe7012371237ed9452e357c636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 11 Apr 2016 07:50:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=10368000
cf-ray
4dc2f0321d4bbdc3-AMS
expires
Sat, 21 Sep 2019 23:09:36 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-152b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 13 May 2020 23:09:36 GMT
cache-control
public, max-age=30672000
cf-ray
4dc2f0321c10d711-FRA
served-in-seconds
0.041
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:24:28 GMT
server
cloudflare
etag
W/"5afd4a4c-2b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 13 May 2020 23:09:36 GMT
cache-control
public, max-age=30672000
cf-ray
4dc2f0321c13d711-FRA
served-in-seconds
0.001
cookie_write.js
www.mrgreen.com/app/themes/storefront/assets/scripts/ 		1 KB
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/assets/scripts/cookie_write.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc8a0ed09554e0799efe884f4caa4c26a612d185db68f7b15bbdde7f5892602b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=2561
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 24 May 2019 07:52:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cf-bgj
minify
cache-control
public, max-age=10368000
cf-ray
4dc2f0321d4cbdc3-AMS
expires
Sat, 21 Sep 2019 23:09:36 GMT
lookup-e88a2794.js
www.mrgreen.com/app/themes/storefront/dist/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/dist/scripts/lookup-e88a2794.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a28937b0e6cfcee7a7aac0766213d2acd221aae8ea6d159bbc706a18b52bd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 24 May 2019 07:57:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cf-bgj
minify
cache-control
public, max-age=10368000
cf-ray
4dc2f0321d4dbdc3-AMS
expires
Sat, 21 Sep 2019 23:09:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 04:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6633256
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
33951
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 04:35:20 GMT
starburst-LP.jpg
www.mrgreen.com/app/uploads/ 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mrgreen.com/app/uploads/starburst-LP.jpg
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.33.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ce7f40ee78d5061328a7afaf0d106f2810b4e57ae4188858804f3d678db949
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
status=not_needed
status
200
cf-bgj
imgq:85
vary
Accept-Encoding
content-length
207333
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 20 Feb 2019 14:53:18 GMT
server
cloudflare
etag
"5c6d69de-329e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
4dc2f0321d4ebdc3-AMS
expires
Sat, 21 Sep 2019 23:09:37 GMT
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a91531238b3a70dd3cc21b8c8d6c78eff1642ac5dacded120273f04d5e0e89c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bcf1b53835b420a9ff4057f35e9d32cafb506b5fe8703dce261950159b3574

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e4e9e68ea446e385eef104bc9bef4f7b36e7b99b9aea2c1ef27d79151ce065b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fadbbfe9ffb5e2e3efd9ce5c2e17f0731352e8d2c2e3d01cb1e0eb6c7b7af725

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/x-font-woff2
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&amp;ei=tac4b&amp;scid=uaba0&amp;eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&amp;cb=1558164650179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
5824
date
Fri, 24 May 2019 21:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Fri, 24 May 2019 23:32:33 GMT
gtm.js
www.googletagmanager.com/ 		474 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&amp;ei=tac4b&amp;scid=uaba0&amp;eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&amp;cb=1558164650179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
12e8a2acdf531e49a90636e81f8b3a3eaf51aad0778362cf6f582eb1e297c405
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
br
last-modified
Fri, 24 May 2019 18:18:32 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
53078
x-xss-protection
0
expires
Fri, 24 May 2019 23:09:37 GMT
js
www.google-analytics.com/gtm/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KTH7SWG&cid=179597795.1558739377
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
75d968be970b75bc4d2ea672188004e57051dca42e28edef331ec04f69309d01
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24567
x-xss-protection
0
expires
Fri, 24 May 2019 23:09:37 GMT
truncated
/ 		220 B
220 B 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/font-woff2
woff2.css
use.fortawesome.com/kits/0b3514d0/publications/93161/ 		31 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fortawesome.com/kits/0b3514d0/publications/93161/woff2.css
Requested by
Host: use.fortawesome.com
URL: https://use.fortawesome.com/0b3514d0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.154 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.154.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
88ea8f3d90c5cf03f9a26afd1ec3e14ec09a659e79996d0ab856451dc5868a88

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 11:25:18 GMT
server
NetDNA-cache/2.2
x-amz-request-id
DEDEDD798C1D7B29
etag
W/"926c07c570c6836c8fc4ed4ab9c8476e"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=31536000
x-amz-id-2
VcXSbP2Nsw7I1xbT6vNi+a/d8UniC2LuBNwQ8Cy1netKLhlGzB/P7gMH2lcvE0WCFGiyjuBIWVM=
index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 270B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.95 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-95.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

:method
GET
:authority
widget.trustpilot.com
:scheme
https
:path
/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320

Response headers

status
200
content-type
text/html
content-length
2101
server
CloudFront
last-modified
Wed, 08 May 2019 12:01:26 GMT
content-encoding
gzip
date
Fri, 24 May 2019 12:03:08 GMT
cache-control
max-age=86400
etag
"17e8bd7956a9b9812e52da832f437729"
age
39993
x-cache
Hit from cloudfront
via
1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront)
x-amz-cf-id
2jN4fld0r1xP3BBzLk9JSDRxUkRJclYFRYZU4lGBorreAdPYycBgUA==
index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 516B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.95 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-95.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

:method
GET
:authority
widget.trustpilot.com
:scheme
https
:path
/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320

Response headers

status
200
content-type
text/html
content-length
2101
server
CloudFront
last-modified
Wed, 08 May 2019 12:01:26 GMT
content-encoding
gzip
date
Fri, 24 May 2019 12:03:08 GMT
cache-control
max-age=86400
etag
"17e8bd7956a9b9812e52da832f437729"
age
39993
x-cache
Hit from cloudfront
via
1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront)
x-amz-cf-id
_LGhGZDBVvqMLGYKN82LJfjS8WfOPYQBh6G8LCKNA4mbsfzLOqIBeA==
truncated
/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f84143af863d0fe118d965e72bcf20fb3ec59ad8fbc7bcec1df01148bf069afc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/font-woff2;charset=utf-8
/
api.ipify.org/ 		0
0
NaN_tracker.js
cdn.nanigans.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nanigans.com/NaN_tracker.js
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&amp;ei=tac4b&amp;scid=uaba0&amp;eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&amp;cb=1558164650179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.171.201 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-171-201.fra54.r.cloudfront.net
Software
Apache /
Resource Hash
e7885fc992f0e640f672c385c1219434f2d3c67d0dc1e06d4e87b44ec04f1122

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 22:51:27 GMT
content-encoding
gzip
age
1114
x-cache
Hit from cloudfront
status
200
content-length
1584
last-modified
Wed, 10 Apr 2019 17:02:56 GMT
server
Apache
etag
"c4b-586300a7bf000"
vary
Accept-Encoding
content-type
text/javascript
via
1.1 1280e48937eca7de58e32cd35415f48a.cloudfront.net (CloudFront)
cache-control
max-age=3600, must-revalidate
x-amz-cf-pop
FRA54
accept-ranges
bytes
x-amz-cf-id
x9V_48FR1e0JRZkT93y7aNM_D9lJCyADLQw6f8db0C_qo7RsC9dlVA==
d7.js
tb.de17a.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/d7.js
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&amp;ei=tac4b&amp;scid=uaba0&amp;eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&amp;cb=1558164650179
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.155.156.189 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-189.customer.teliacarrier.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
753fd7cd2498a9e17ec3874a2fd29ab6eac09b3600006fe3ebe981617e656d58

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Mar 2019 12:53:56 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
W/"PUaUvHY9tNoPUaV1Mwti/M--gzip"
Vary
Accept-Encoding, User-Agent
P3P
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
Cache-Control
must-revalidate, private
Connection
close
Content-Type
application/javascript
Content-Length
6269
spef.min.js
trck.spoteffects.net/analytics/ 		77 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trck.spoteffects.net/analytics/spef.min.js
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&amp;ei=tac4b&amp;scid=uaba0&amp;eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&amp;cb=1558164650179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.119.158.131 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
90ba2ef9ef8fb5fd2c6a50ffa0fc4339690c58902bbb7948bc86405735f8e463

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2019 12:19:04 GMT
server
nginx
etag
W/"5c865238-1323e"
content-type
application/javascript
status
200
cache-control
max-age=604800, public
expires
Fri, 31 May 2019 23:09:37 GMT
adalyser-tracking-tag-v2.js
c3.adalyser.com/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c3.adalyser.com/adalyser-tracking-tag-v2.js
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&amp;ei=tac4b&amp;scid=uaba0&amp;eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&amp;cb=1558164650179
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.246.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-50-246-91.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
586020e6ec8efa17618c222147945c59873faf6ad041f97c6242e46956d406c2

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:37 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
"1cb62b871f54e415fa9a50dc0bd6d4e7455cc51d"
P3P
CP="ADMa OUR IND DSP NON COR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=21600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Headers
origin, content-type, accept
Content-Length
11551
pa-5a9dcc570b346800070003d9.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-5a9dcc570b346800070003d9.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d128002d488f4f4fdcc559e0fb48d31104c7cc2bd50ac7684288a19ce0d2ca

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
content-length
2714
last-modified
Tue, 11 Sep 2018 05:52:25 GMT
server
cloudflare
etag
W/"5b975819-1878"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4dc2f0356d312736-FRA
expires
Sat, 25 May 2019 23:09:37 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
3178
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1296
x-xss-protection
0
expires
Fri, 24 May 2019 23:16:39 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
5824
date
Fri, 24 May 2019 21:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Fri, 24 May 2019 23:32:33 GMT
bat.js
bat.bing.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
02c12028c90522c06327c224fefc978df14d510bf337adeb97eb1fb719d2e63e

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:36 GMT
content-encoding
gzip
last-modified
Thu, 16 May 2019 02:05:44 GMT
x-msedge-ref
Ref A: 48E77E2A33644AF5AE6ACDEE0212920F Ref B: VIEEDGE0415 Ref C: 2019-05-24T23:09:37Z
access-control-allow-origin
*
etag
"08c95de8bbd51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7091
fbevents.js
connect.facebook.net/en_US/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&amp;ei=tac4b&amp;scid=uaba0&amp;eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&amp;cb=1558164650179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2da4bddb294dec8e9872bf3c62a19cc79557300ac8ae97da4ac318f58c6b3512
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
jp/Z2yWYq8iWidl70L4xQtio737J/UC8jadCU+ByPd40jnlLwHo5DPLtYTtSWI5YL2sPBG+s/1rmoqIj2mZYmQ==
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 May 2019 23:09:37 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
16355
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
a1.adform.net/serving/scripts/trackpoint/async/ 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/serving/scripts/trackpoint/async/
Requested by
Host: et.clickfinans.com
URL: http://et.clickfinans.com/trk/click/eids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K/?id=m2tw3lV&amp;ei=tac4b&amp;scid=uaba0&amp;eids=m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K&amp;cb=1558164650179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
f71949eb5abb767c30181fee3c683cf75a45e2a6f9573c0f6bccea82927a46b4

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
text/javascript; charset=utf-8
content-length
30712
expires
Fri, 31 May 2019 23:09:37 GMT
dc_pre=CInQl9ekteICFYKCGQodzoAHig;src=4707643;type=mrgre00;cat=prof;ord=5952765646036;gtm=2wg5f2;auiddc=*
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=4707643;type=mrgre00;cat=prof;ord=5952765646036;gtm=2wg5f2;auiddc=1167597046.1558739377?
  • https://ad.doubleclick.net/activity;dc_pre=CInQl9ekteICFYKCGQodzoAHig;src=4707643;type=mrgre00;cat=prof;ord=5952765646036;gtm=2wg5f2;auiddc=1167597046.1558739377?
  • https://adservice.google.com/ddm/fls/z/dc_pre=CInQl9ekteICFYKCGQodzoAHig;src=4707643;type=mrgre00;cat=prof;ord=5952765646036;gtm=2wg5f2;auiddc=*
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CInQl9ekteICFYKCGQodzoAHig;src=4707643;type=mrgre00;cat=prof;ord=5952765646036;gtm=2wg5f2;auiddc=*
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:37 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://adservice.google.com/ddm/fls/z/dc_pre=CInQl9ekteICFYKCGQodzoAHig;src=4707643;type=mrgre00;cat=prof;ord=5952765646036;gtm=2wg5f2;auiddc=*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CK7cl9ekteICFRbIdwod9gwD1w;src=8271256;type=lp0;cat=landi0;ord=1;num=7838720749745;gtm=2wg5f2;auiddc=1167597046.1558739377;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliat...
8271256.fls.doubleclick.net/ Frame 7DFF
Redirect Chain
  • https://8271256.fls.doubleclick.net/activityi;src=8271256;type=lp0;cat=landi0;ord=1;num=7838720749745;gtm=2wg5f2;auiddc=1167597046.1558739377;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffili...
  • https://8271256.fls.doubleclick.net/activityi;dc_pre=CK7cl9ekteICFRbIdwod9gwD1w;src=8271256;type=lp0;cat=landi0;ord=1;num=7838720749745;gtm=2wg5f2;auiddc=1167597046.1558739377;~oref=https%3A%2F%2Fw...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8271256.fls.doubleclick.net/activityi;dc_pre=CK7cl9ekteICFRbIdwod9gwD1w;src=8271256;type=lp0;cat=landi0;ord=1;num=7838720749745;gtm=2wg5f2;auiddc=1167597046.1558739377;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.38 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f38.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8271256.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CK7cl9ekteICFRbIdwod9gwD1w;src=8271256;type=lp0;cat=landi0;ord=1;num=7838720749745;gtm=2wg5f2;auiddc=1167597046.1558739377;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 24 May 2019 23:09:37 GMT
expires
Fri, 24 May 2019 23:09:37 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
449
x-xss-protection
0
set-cookie
IDE=AHWqTUkpWqOxbscOL14cSMpKRI5Pq5lcuWAhoUFc_UgRPgPer1CVEtZr5TbTPNg2; expires=Wed, 17-Jun-2020 23:09:37 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 24 May 2019 23:09:37 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8271256.fls.doubleclick.net/activityi;dc_pre=CK7cl9ekteICFRbIdwod9gwD1w;src=8271256;type=lp0;cat=landi0;ord=1;num=7838720749745;gtm=2wg5f2;auiddc=1167597046.1558739377;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 24-May-2019 23:24:37 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1873624582&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63985451-3&cid=179597795.1558739377&jid=95994029&_gid=1720751546.1558739377&gjid=1071354166&_v=j75&z=115096538
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=179597795.1558739377&jid=95994029&_v=j75&z=115096538
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=179597795.1558739377&jid=95994029&_v=j75&z=115096538&slf_rd=1&random=3460915914
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=179597795.1558739377&jid=95994029&_v=j75&z=115096538&slf_rd=1&random=3460915914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:37 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=179597795.1558739377&jid=95994029&_v=j75&z=115096538&slf_rd=1&random=3460915914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j75&a=1873624582&t=timing&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320&dr=http%3A%2F%2Fet.clickfinans.com%2Ftrk%2Fclick%2Feids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K%2F%3Fid%3Dm2tw3lV%26amp%3Bei%3Dtac4b%26amp%3Bscid%3Duaba0%26amp%3Beids%3Dm2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K%26amp%3Bcb%3D1558164650179&dp=%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst&ul=en-us&de=UTF-8&dt=20%20Starburst%20spins%20for%20new%20players%20at%20Mr%20Green&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Content%20view&utv=Content%20View&utt=2643&_u=aGDACEALR~&jid=&gjid=&cid=179597795.1558739377&tid=UA-63985451-3&_gid=1720751546.1558739377&gtm=2wg5f2TWJJ8L&cd2=GA1.2.179597795.1558739377&cd5=NL&cd7=2019-05-24T23%3A09%3A37.496%2B00%3A00&cd16=GA1.2.179597795.1558739377&cd34=GA1.2.179597795.1558739377&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&z=730462597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Apr 2019 22:26:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3890601
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
500699753395600
connect.facebook.net/signals/config/ 		317 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/500699753395600?v=2.8.50&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ed14fd8b2cfeb8958a7fd7e67886d183110ef2e6404fdaf57ec7db25da5785e2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
91793
x-xss-protection
0
pragma
public
x-fb-debug
rLxBqpeg7PLgAaRHu28MPWEYQiYQrbQkAgGBdzC7bBD2Y+1uM5Wm07ze8/y7T3yS2L+hLw7Mcs3oGR5pGwwNhA==
date
Fri, 24 May 2019 23:09:37 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5065477&Ver=2&mid=9989dd91-e4a5-499e-2cd4-90e3470589c8&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=20%20Starburst%20spins%20for%20new%20players%20at%20Mr%20Green&p=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320&r=http%3A%2F%2Fet.clickfinans.com%2Ftrk%2Fclick%2Feids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K%2F&lt=2353&evt=pageLoad&msclkid=N&rn=302324
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Fri, 24 May 2019 23:09:36 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: B90B761EA9F446A9ADE8F434025CD0F7 Ref B: VIEEDGE0415 Ref C: 2019-05-24T23:09:37Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.php
api.nanigans.com/ 		0
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.nanigans.com/event.php?app_id=82356&user_id=GA1.2.179597795.1558739377&type=visit&name=site_visit&nan_hash=a56f1cf2GFQKELDR1558739377593&nan_fp=a490be13413cf4888855d0f3e8968698&nan_dom=et.clickfinans.com&nan_fmt=js
Requested by
Host: cdn.nanigans.com
URL: https://cdn.nanigans.com/NaN_tracker.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.10.228.82 , Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
52.e4.0ab9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 May 2019 23:09:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate, no-store, post-check=0, pre-check=0
Content-Type
text/javascript;charset=UTF-8
Content-Length
20
X-XSS-Protection
1; mode=block
Expires
Sat, 26 Jul 1997 05:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.50
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
tQzO1OfjUy+MDWHg3mYRIptQOwr5W12hZV+odOJj6dvsM89VP1ND7uD33OqZO/y7GXpCABE5Hz6qiAGU5gTDqw==
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 May 2019 23:09:37 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
772
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
checkUid
tb.de17a.com/api/
Redirect Chain
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
  • https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
60 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.155.156.189 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-189.customer.teliacarrier.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
eefe0415a2d010674b24cfd1ef56d96d1fc7a072aaeb891a1d9199ba099b11ca

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:37 GMT
Server
nginx/1.4.6 (Ubuntu)
Connection
close
P3P
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
Content-Length
60
Content-Type
application/json

Redirect headers

Location
https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
Date
Fri, 24 May 2019 23:09:37 GMT
Server
nginx/1.10.1
Connection
close
P3P
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=500699753395600&ev=ViewContent&dl=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320&rl=http%3A%2F%2Fet.clickfinans.com%2Ftrk%2Fclick%2Feids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K%2F%3Fid%3Dm2tw3lV%26amp%3Bei%3Dtac4b%26amp%3Bscid%3Duaba0%26amp%3Beids%3Dm2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K%26amp%3Bcb%3D1558164650179&if=false&ts=1558739377654&sw=1600&sh=1200&v=2.8.50&r=stable&ec=0&o=30&fbp=fb.1.1558739377653.304189948&it=1558739377558&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 24 May 2019 23:09:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 24 May 2019 23:09:37 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j75&a=1873624582&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320&dp=%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst&ul=en-us&de=UTF-8&dt=20%20Starburst%20spins%20for%20new%20players%20at%20Mr%20Green&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Test&ea=Test%20Prospect&el=Prospect&_u=aGDACEALR~&jid=&gjid=&cid=179597795.1558739377&tid=UA-63985451-3&_gid=1720751546.1558739377&gtm=2wg5f2TWJJ8L&cd24=http%3A%2F%2Fet.clickfinans.com%2Ftrk%2Fclick%2Feids_m2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K%2F%3Fid%3Dm2tw3lV%26amp%3Bei%3Dtac4b%26amp%3Bscid%3Duaba0%26amp%3Beids%3Dm2tw3lV-tac4b-p6e40ac-uaba0-le-ccYR-23K%26amp%3Bcb%3D1558164650179&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&cd41=Prospect&z=918308098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Apr 2019 22:26:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3890601
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
p
c3.adalyser.com/tracking/track/v2/ 		43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c3.adalyser.com/tracking/track/v2/p?stm=1558739377709&e=ses&url=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320&dtm=1558739377706&source=3407320&medium=affiliates&campaign=(not%20set)&content=(not%20set)&keyword=(not%20set)&vid=2&sid=ffdac2ed-014b-4268-b81a-275c89dff538&duid=01da5cba-bb6f-41b5-a211-ef5e12b2734c&domain=www.mrgreen.com&tpid=799234530092&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.246.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-50-246-91.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 May 2019 23:09:37 GMT
X-Powered-By
Express
ETag
W/"2b-B//0C13UlayirE4cP7xgqg"
P3P
CP="ADMa OUR IND DSP NON COR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
content-type
image/gif
Access-Control-Allow-Headers
origin, content-type, accept
Content-Length
43
Expires
0
piwik.php
trck.spoteffects.net/analytics/ 		43 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trck.spoteffects.net/analytics/piwik.php?action_name=20%20Starburst%20spins%20for%20new%20players%20at%20Mr%20Green&idsite=287&rec=1&r=476272&h=23&m=9&s=37&url=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320&_id=9537fda0acee6664&_idts=1558739378&_idvc=1&_idn=0&_refts=0&_viewts=1558739378&send_image=1&cookie=1&res=1600x1200&gt_ms=1820&pv_id=EzesOr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.119.158.131 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx / PHP/7.2.13
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 24 May 2019 23:09:37 GMT
cache-control
no-store
server
nginx
x-powered-by
PHP/7.2.13
content-type
image/gif
/
a1.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a1.adform.net/Serving/TrackPoint/?pm=1397372&ADFPageName=Universal%20Tag&ADFdivider=%7C&ord=745833456523&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGlu...
  • https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1397372&ADFPageName=Universal%20Tag&ADFdivider=%7C&ord=745833456523&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjo...
9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1397372&ADFPageName=Universal%20Tag&ADFdivider=%7C&ord=745833456523&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiI8aW5zZXJ0IEdlbmRlciB2YWx1ZSBoZXJlPiIsImN1ciI6IjxpbnNlcnQgQ3VycmVuY3kgdmFsdWUgaGVyZT4iLCJzdjEiOiJNckdyZWVuIiwic3YyIjoic3RvcmVmcm9udCIsInN2MyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL2FuL2FmZi9hZmZpbGlhdGUtMjAtc2lnbi11cC1zcGlucy1zdGFyYnVyc3Q_YnRhZz0zNDA3MzIwXzlFMzJCODgwMzc2MjRGNjE5N0VBQkNFOEVBODAzMTY4JmNiPTE1NTg3MzkzNzQ3MiZ2bWxfcGlkPXA2ZTQwYWMmdXRtX21lZGl1bT1hZmZpbGlhdGVzJnV0bV9zb3VyY2U9MzQwNzMyMCIsInN2NCI6Ik5MIiwic3Y1IjoidW5kZWZpbmVkIiwic3Y2IjoiPGluc2VydCBhbnkgb3RoZXIgdmFsdWUgaGVyZT4iLCJzdjciOiJodHRwczovL3d3dy5tcmdyZWVuLmNvbS9hbi9hZmYvYWZmaWxpYXRlLTIwLXNpZ24tdXAtc3BpbnMtc3RhcmJ1cnN0P2J0YWc9MzQwNzMyMF85RTMyQjg4MDM3NjI0RjYxOTdFQUJDRThFQTgwMzE2OCZjYj0xNTU4NzM5Mzc0NzImdm1sX3BpZD1wNmU0MGFjJnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTM0MDczMjAiLCJzdjgiOiJ3d3cubXJncmVlbi5jb20iLCJzdjkiOiJodHRwOi8vZXQuY2xpY2tmaW5hbnMuY29tL3Ryay9jbGljay9laWRzX20ydHczbFYtdGFjNGItcDZlNDBhYy11YWJhMC1sZS1jY1lSLTIzSy8_aWQ9bTJ0dzNsViZhbXA7ZWk9dGFjNGImYW1wO3NjaWQ9dWFiYTAmYW1wO2VpZHM9bTJ0dzNsVi10YWM0Yi1wNmU0MGFjLXVhYmEwLWxlLWNjWVItMjNLJmFtcDtjYj0xNTU4MTY0NjUwMTc5Iiwic3YxMCI6ImRlc2t0b3AiLCJzdjExIjoiMTU1ODczOTM3NzQ5OS5teTY0eGx2Iiwic3YxMiI6InVuZGVmaW5lZCIsInN2MTMiOiJ1bmRlZmluZWQiLCJzdjE0IjoiMjAxOS0wNS0yNFQyMzowOTozNy40OTkrMDA6MDAiLCJzdjE1IjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
045441d4905746cd166fa9f3b83a8aecc3e9c39dba751ea6a199003bf682f48b

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2574
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:37 GMT
server
nginx
access-control-allow-origin
*
location
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1397372&ADFPageName=Universal%20Tag&ADFdivider=%7C&ord=745833456523&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiI8aW5zZXJ0IEdlbmRlciB2YWx1ZSBoZXJlPiIsImN1ciI6IjxpbnNlcnQgQ3VycmVuY3kgdmFsdWUgaGVyZT4iLCJzdjEiOiJNckdyZWVuIiwic3YyIjoic3RvcmVmcm9udCIsInN2MyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL2FuL2FmZi9hZmZpbGlhdGUtMjAtc2lnbi11cC1zcGlucy1zdGFyYnVyc3Q_YnRhZz0zNDA3MzIwXzlFMzJCODgwMzc2MjRGNjE5N0VBQkNFOEVBODAzMTY4JmNiPTE1NTg3MzkzNzQ3MiZ2bWxfcGlkPXA2ZTQwYWMmdXRtX21lZGl1bT1hZmZpbGlhdGVzJnV0bV9zb3VyY2U9MzQwNzMyMCIsInN2NCI6Ik5MIiwic3Y1IjoidW5kZWZpbmVkIiwic3Y2IjoiPGluc2VydCBhbnkgb3RoZXIgdmFsdWUgaGVyZT4iLCJzdjciOiJodHRwczovL3d3dy5tcmdyZWVuLmNvbS9hbi9hZmYvYWZmaWxpYXRlLTIwLXNpZ24tdXAtc3BpbnMtc3RhcmJ1cnN0P2J0YWc9MzQwNzMyMF85RTMyQjg4MDM3NjI0RjYxOTdFQUJDRThFQTgwMzE2OCZjYj0xNTU4NzM5Mzc0NzImdm1sX3BpZD1wNmU0MGFjJnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTM0MDczMjAiLCJzdjgiOiJ3d3cubXJncmVlbi5jb20iLCJzdjkiOiJodHRwOi8vZXQuY2xpY2tmaW5hbnMuY29tL3Ryay9jbGljay9laWRzX20ydHczbFYtdGFjNGItcDZlNDBhYy11YWJhMC1sZS1jY1lSLTIzSy8_aWQ9bTJ0dzNsViZhbXA7ZWk9dGFjNGImYW1wO3NjaWQ9dWFiYTAmYW1wO2VpZHM9bTJ0dzNsVi10YWM0Yi1wNmU0MGFjLXVhYmEwLWxlLWNjWVItMjNLJmFtcDtjYj0xNTU4MTY0NjUwMTc5Iiwic3YxMCI6ImRlc2t0b3AiLCJzdjExIjoiMTU1ODczOTM3NzQ5OS5teTY0eGx2Iiwic3YxMiI6InVuZGVmaW5lZCIsInN2MTMiOiJ1bmRlZmluZWQiLCJzdjE0IjoiMjAxOS0wNS0yNFQyMzowOTozNy40OTkrMDA6MDAiLCJzdjE1IjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
302
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
/
a1.adform.net/Serving/TrackPoint/ 		128 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/Serving/TrackPoint/?pm=1397497&ADFPageName=MrGreen%20-%20Lobby%20-%20storefront&ADFdivider=%7C&ord=463210784638&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InVuZGVmaW5lZCIsImFnZSI6IjxpbnNlcnQgQWdlIEdyb3VwIHZhbHVlIGhlcmU-IiwiZ2VuIjoiPGluc2VydCBHZW5kZXIgdmFsdWUgaGVyZT4iLCJjdXIiOiI8aW5zZXJ0IEN1cnJlbmN5IHZhbHVlIGhlcmU-Iiwic3YxIjoiTXJHcmVlbiIsInN2MiI6InN0b3JlZnJvbnQiLCJzdjMiOiJodHRwczovL3d3dy5tcmdyZWVuLmNvbS9hbi9hZmYvYWZmaWxpYXRlLTIwLXNpZ24tdXAtc3BpbnMtc3RhcmJ1cnN0P2J0YWc9MzQwNzMyMF85RTMyQjg4MDM3NjI0RjYxOTdFQUJDRThFQTgwMzE2OCZjYj0xNTU4NzM5Mzc0NzImdm1sX3BpZD1wNmU0MGFjJnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTM0MDczMjAiLCJzdjQiOiJOTCIsInN2NSI6InVuZGVmaW5lZCIsInN2NiI6IjxpbnNlcnQgYW55IG90aGVyIHZhbHVlIGhlcmU-Iiwic3Y3IjoiaHR0cHM6Ly93d3cubXJncmVlbi5jb20vYW4vYWZmL2FmZmlsaWF0ZS0yMC1zaWduLXVwLXNwaW5zLXN0YXJidXJzdD9idGFnPTM0MDczMjBfOUUzMkI4ODAzNzYyNEY2MTk3RUFCQ0U4RUE4MDMxNjgmY2I9MTU1ODczOTM3NDcyJnZtbF9waWQ9cDZlNDBhYyZ1dG1fbWVkaXVtPWFmZmlsaWF0ZXMmdXRtX3NvdXJjZT0zNDA3MzIwIiwic3Y4Ijoid3d3Lm1yZ3JlZW4uY29tIiwic3Y5IjoiaHR0cDovL2V0LmNsaWNrZmluYW5zLmNvbS90cmsvY2xpY2svZWlkc19tMnR3M2xWLXRhYzRiLXA2ZTQwYWMtdWFiYTAtbGUtY2NZUi0yM0svP2lkPW0ydHczbFYmYW1wO2VpPXRhYzRiJmFtcDtzY2lkPXVhYmEwJmFtcDtlaWRzPW0ydHczbFYtdGFjNGItcDZlNDBhYy11YWJhMC1sZS1jY1lSLTIzSyZhbXA7Y2I9MTU1ODE2NDY1MDE3OSIsInN2MTAiOiJkZXNrdG9wIiwic3YxMSI6IjE1NTg3MzkzNzc0OTkubXk2NHhsdiIsInN2MTIiOiJ1bmRlZmluZWQiLCJzdjEzIjoidW5kZWZpbmVkIiwic3YxNCI6IjIwMTktMDUtMjRUMjM6MDk6MzcuNDk5KzAwOjAwIiwic3YxNSI6InVuZGVmaW5lZCJ9&loc=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197
Requested by
Host: a1.adform.net
URL: https://a1.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
d193e6245ed51c3a0683f483e4849a6531290305898c5214890165a12e3563c2

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:37 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
198
expires
-1
pageView
tb.de17a.com/api/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197EABCE8EA803168%26cb%3D155873937472%26vml_pid%3Dp6e40ac%26utm_medium%3Daffiliates%26utm_source%3D3407320%22%2C%22title%22%3A%2220%20Starburst%20spins%20for%20new%20players%20at%20Mr%20Green%22%2C%22trackingAccountId%22%3A%22128%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.155.156.189 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-189.customer.teliacarrier.com
Software
nginx/1.10.1 /
Resource Hash
5eefdedb849266d89d67002068ea5f2648aa7cef381555fde9dd6bc2f07be9dd

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:38 GMT
Server
nginx/1.10.1
Connection
close
P3P
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
Content-Length
3725
Content-Type
application/json
tap.php
pixel.rubiconproject.com/ Frame EFCA 		42 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=589466381639324686&expires=30
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.80 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 May 2019 23:09:37 GMT
Server
Rubicon Project
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-RPHost
DWpk6HUHU143TCowGsuS2w
Expires
0
google
d5p.de17a.com/cookies/ Frame EFCA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJTVW3SmwmQvM9M3Vysov5w&google_cver=1&google_ula=668382,0
35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEJTVW3SmwmQvM9M3Vysov5w&google_cver=1&google_ula=668382,0
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.155.156.181 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-181.customer.teliacarrier.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection
close
Content-Type
image/gif
Content-Length
35
P3P
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:38 GMT
server
HTTP server (unknown)
location
https://d5p.de17a.com/cookies/google?google_gid=CAESEJTVW3SmwmQvM9M3Vysov5w&google_cver=1&google_ula=668382,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EFCA
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=536878327&val=589466381639324686
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=589466381639324686
43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=589466381639324686
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.139.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:38 GMT
server
OXGW/16.139.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status
302
date
Fri, 24 May 2019 23:09:38 GMT
server
OXGW/16.139.0
content-length
0
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=589466381639324686
p3p
CP="CUR ADM OUR NOR STA NID"
appnexus
d5p.de17a.com/setuid/ Frame EFCA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=5942013397873588026
35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/setuid/appnexus?anxs_uid=5942013397873588026
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.155.156.169 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-169.customer.teliacarrier.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection
close
Content-Type
image/gif
Content-Length
35
P3P
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

Pragma
no-cache
Date
Fri, 24 May 2019 23:09:40 GMT
AN-X-Request-Uuid
3f859e2b-243a-4ad0-a092-c12effef3fe7
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://d5p.de17a.com/setuid/appnexus?anxs_uid=5942013397873588026
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.130.184.117; 185.130.184.117; 319.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.236:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UserMatch.ashx
atemda.com/ Frame EFCA 		43 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atemda.com/UserMatch.ashx?bidderid=18&bidderuid=589466381639324686&expiration=1561331378
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.36.253.28 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:45 GMT
Access-Control-Allow-Methods
GET
P3P
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Access-Control-Allow-Headers
Content-Type
Content-Length
43
Expires
Fri, 24 May 2019 23:09:38 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EFCA 		42 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=589466381639324686
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 May 2019 23:09:38 GMT
X-lat
Pug22016:0:690
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control
no-store, no-cache, private
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection
close
Content-Type
image/gif; charset=utf-8
Content-Length
42
match
ad.360yield.com/ul_cb/ Frame EFCA
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=589466381639324686&expiration=1561331378
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=589466381639324686&expiration=1561331378
43 B
825 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=589466381639324686&expiration=1561331378
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.212.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-212-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:38 GMT
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Fri, 24 May 2019 23:09:38 GMT
Server
nginx
Location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=589466381639324686&expiration=1561331378
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
ad.yieldlab.net/ Frame EFCA 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=31567&ext_id=589466381639324686
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.122.151 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-122-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 May 2019 23:09:38 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Application-Context
application
Expires
Thu, 23 May 2019 23:09:38 GMT
partner
sync.search.spotxchange.com/ Frame EFCA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=589466381639324686&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=589466381639324686&img=1&__user_check__=1&sync_id=00df2a8e-7e79-11e9-afb1-1a404fd51706
43 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=589466381639324686&img=1&__user_check__=1&sync_id=00df2a8e-7e79-11e9-afb1-1a404fd51706
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:38 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
85
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 24 May 2019 23:09:38 GMT
Server
nginx
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
/partner?adv_id=7326&uid=589466381639324686&img=1&__user_check__=1&sync_id=00df2a8e-7e79-11e9-afb1-1a404fd51706
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
35
Connection
keep-alive
Content-Length
0
sync
pixel.advertising.com/ups/55955/ Frame EFCA 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55955/sync?uid=589466381639324686&_origin=1
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.96.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-96-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Fri, 24 May 2019 23:09:38 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sy.eu.angsrvr.com/ Frame EFCA 		0
0
idsync
soma.smaato.net/oapi/ Frame EFCA 		35 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://soma.smaato.net/oapi/idsync?redirect=https%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fsmaato%3FpartnerId%3DSomaCookieUserId%26deltaInitiated%3D1
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.62.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-62-179.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:37 GMT
Last-Modified
Tue, 21 May 2019 12:31:02 GMT
Server
SOMA
ETag
W/"35-1558441862000"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
sync
pixel.advertising.com/ups/55955/ Frame EFCA 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55955/sync?uid=589466381639324686&_origin=1&gdpr=&gdpr_consent=
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.96.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-96-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Fri, 24 May 2019 23:09:38 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ad.sxp.smartclip.net/ Frame EFCA
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1
  • https://d5p.de17a.com/getuid/smartclip?uuid=195bef37-c21f-4b74-8545-3b15bc7839a4
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=589466381639324686&uuid=195bef37-c21f-4b74-8545-3b15bc7839a4
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=589466381639324686&uuid=195bef37-c21f-4b74-8545-3b15bc7839a4
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.54.225 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-54-225.eu-west-1.compute.amazonaws.com
Software
nginx/1.13.12 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.13.12
Connection
keep-alive
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=589466381639324686&uuid=195bef37-c21f-4b74-8545-3b15bc7839a4
Connection
close
P3P
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
sync
x.bidswitch.net/ul_cb/ Frame EFCA
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=589466381639324686&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=589466381639324686&expires=30
43 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=589466381639324686&expires=30
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.153.11.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-153-11-1.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:38 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
43

Redirect headers

Date
Fri, 24 May 2019 23:09:38 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=589466381639324686&expires=30
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
match
dmp.adform.net/serving/cookie/ Frame EFCA 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match?party=1124&cid=589466381639324686
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 May 2019 23:09:38 GMT
server
nginx
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
589466381639324686
usermatch.targeting.unrulymedia.com/usermatch/delta/ Frame EFCA 		0
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usermatch.targeting.unrulymedia.com/usermatch/delta/589466381639324686
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.42.75 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-242-42-75.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 24 May 2019 23:09:38 GMT
Server
nginx
X-Unruly-Server
usermatch-eu-006.unrulymedia.com
Allow
GET
P3P
CP="CUR IVDo OUR IND"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html
Content-Length
0
rum
dsum.casalemedia.com/ Frame EFCA
Redirect Chain
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=589466381639324686&expiration=1561331378
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=589466381639324686&expiration=1561331378&C=1
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=589466381639324686&expiration=1561331378&C=1
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 May 2019 23:09:38 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 24 May 2019 23:09:38 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 May 2019 23:09:38 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=589466381639324686&expiration=1561331378&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Fri, 24 May 2019 23:09:38 GMT
/
www.facebook.com/tr/ Frame 9CD7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2318
pragma
no-cache
cache-control
no-cache
origin
https://www.mrgreen.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320
accept-encoding
gzip, deflate, br
cookie
fr=0mLnsdnfbaScFU2ot..Bc6Hmx...1.0.Bc6Hmx.
Origin
https://www.mrgreen.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.mrgreen.com/an/aff/affiliate-20-sign-up-spins-starburst?btag=3407320_9E32B88037624F6197EABCE8EA803168&cb=155873937472&vml_pid=p6e40ac&utm_medium=affiliates&utm_source=3407320

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.mrgreen.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen
date
Fri, 24 May 2019 23:09:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.ipify.org
URL
https://api.ipify.org/?format=jsonp&callback=getIP
Domain
sy.eu.angsrvr.com
URL
https://sy.eu.angsrvr.com/sync?type=host&dsp=10&dspuuid=589466381639324686

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| __cfQR function| $ function| jQuery string| ajaxurl object| dataLayer string| GoogleAnalyticsObject function| ga function| getParameterByName undefined| data undefined| obj boolean| is_root string| mockdata boolean| got_cookies string| sportBasePath undefined| country undefined| exclusions function| processData function| objData function| createRedirect undefined| xhr function| Cookies function| createCookie function| getCookie function| delete_cookie function| createCookieConsent object| html5 object| Modernizr object| google_tag_data object| gaplugins object| gaGlobal object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| FortAwesomeConfig string| woffCSSFilename string| cssFilename string| cssUrl object| tlGameTiles object| curTime string| endTime number| endTimeUnix string| device string| deviceAgent object| isTouchDevice boolean| __cfRLUnblockHandlers object| google_tag_manager object| Trustpilot object| google_optimize function| getIP object| NaN_api object| _d7 object| _spef object| GlobalAdalyserNamespace function| adalyserTracker number| currentTime object| uetq function| fbq function| _fbq object| _adftrack string| $page_url object| $this string| $href object| gaData function| UET boolean| K object| $d7_cb_1 function| La object| d string| expires function| adalyserModules function| trackerCore function| rng object| _rnds8 undefined| _rnds function| parse function| unparse function| v1 function| v4 object| _byteToHex object| _hexToByte object| _seedBytes object| _nodeId number| _clockseq number| _lastMSecs number| _lastNSecs function| uuid function| cookie string| queueName function| queue function| sha1 function| api object| mutState object| AdalyserTracker string| configSilo object| JSON_PIWIK object| Spef object| AnalyticsTracker function| spef_log object| Adform object| KJUR object| adf string| tpPageName string| adfURL function| findMarket function| findSuffix function| distributeAustria function| findBrand function| findSales object| marketsTable object| conversionNames object| order string| marketID string| suffix string| brand undefined| adfPageName undefined| brandSuffix object| $d7_cb_2

3 Cookies

Domain/Path Name / Value
.mrgreen.com/ Name: __cf_bm
Value: 298bc55a1ce0d7a5e68fac49a74860b924b5556f-1558739376-1800-AehEVk/Zcsgex2Uvp/xiUYzInbMbgfQRQtsezzMfdNkYvSxVDrqrZ0Kclj6Zh3twJbo+QLbE0q0UAyvbImt/cRM=
.mrgreen.com/ Name: cf_ipcountry
Value: de
.mrgreen.com/ Name: __cfduid
Value: dcb29b911099b50a0e049d93e5b5b69171558739375

1 Console Messages

Source Level URL
Text
console-api log URL: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=1397372&ADFPageName=Universal%20Tag&ADFdivider=%7C&ord=745833456523&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiI8aW5zZXJ0IEdlbmRlciB2YWx1ZSBoZXJlPiIsImN1ciI6IjxpbnNlcnQgQ3VycmVuY3kgdmFsdWUgaGVyZT4iLCJzdjEiOiJNckdyZWVuIiwic3YyIjoic3RvcmVmcm9udCIsInN2MyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL2FuL2FmZi9hZmZpbGlhdGUtMjAtc2lnbi11cC1zcGlucy1zdGFyYnVyc3Q_YnRhZz0zNDA3MzIwXzlFMzJCODgwMzc2MjRGNjE5N0VBQkNFOEVBODAzMTY4JmNiPTE1NTg3MzkzNzQ3MiZ2bWxfcGlkPXA2ZTQwYWMmdXRtX21lZGl1bT1hZmZpbGlhdGVzJnV0bV9zb3VyY2U9MzQwNzMyMCIsInN2NCI6Ik5MIiwic3Y1IjoidW5kZWZpbmVkIiwic3Y2IjoiPGluc2VydCBhbnkgb3RoZXIgdmFsdWUgaGVyZT4iLCJzdjciOiJodHRwczovL3d3dy5tcmdyZWVuLmNvbS9hbi9hZmYvYWZmaWxpYXRlLTIwLXNpZ24tdXAtc3BpbnMtc3RhcmJ1cnN0P2J0YWc9MzQwNzMyMF85RTMyQjg4MDM3NjI0RjYxOTdFQUJDRThFQTgwMzE2OCZjYj0xNTU4NzM5Mzc0NzImdm1sX3BpZD1wNmU0MGFjJnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTM0MDczMjAiLCJzdjgiOiJ3d3cubXJncmVlbi5jb20iLCJzdjkiOiJodHRwOi8vZXQuY2xpY2tmaW5hbnMuY29tL3Ryay9jbGljay9laWRzX20ydHczbFYtdGFjNGItcDZlNDBhYy11YWJhMC1sZS1jY1lSLTIzSy8_aWQ9bTJ0dzNsViZhbXA7ZWk9dGFjNGImYW1wO3NjaWQ9dWFiYTAmYW1wO2VpZHM9bTJ0dzNsVi10YWM0Yi1wNmU0MGFjLXVhYmEwLWxlLWNjWVItMjNLJmFtcDtjYj0xNTU4MTY0NjUwMTc5Iiwic3YxMCI6ImRlc2t0b3AiLCJzdjExIjoiMTU1ODczOTM3NzQ5OS5teTY0eGx2Iiwic3YxMiI6InVuZGVmaW5lZCIsInN2MTMiOiJ1bmRlZmluZWQiLCJzdjE0IjoiMjAxOS0wNS0yNFQyMzowOTozNy40OTkrMDA6MDAiLCJzdjE1IjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fwww.mrgreen.com%2Fan%2Faff%2Faffiliate-20-sign-up-spins-starburst%3Fbtag%3D3407320_9E32B88037624F6197(Line 4)
Message:
deu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8271256.fls.doubleclick.net
a1.adform.net
ad.360yield.com
ad.doubleclick.net
ad.sxp.smartclip.net
ad.yieldlab.net
ads.mrgreen.com
adservice.google.com
ajax.cloudflare.com
ajax.googleapis.com
api.ipify.org
api.nanigans.com
atemda.com
bat.bing.com
c3.adalyser.com
cdn.nanigans.com
cdnjs.cloudflare.com
cloud.typography.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dmp.adform.net
dsum.casalemedia.com
et.clickfinans.com
ib.adnxs.com
image2.pubmatic.com
pixel.advertising.com
pixel.rubiconproject.com
rum-static.pingdom.net
soma.smaato.net
static.mrgcdn.com
stats.g.doubleclick.net
sy.eu.angsrvr.com
sync.search.spotxchange.com
tb.de17a.com
trck.spoteffects.net
us-u.openx.net
use.fortawesome.com
usermatch.targeting.unrulymedia.com
vmltracker.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.mrgreen.com
x.bidswitch.net
api.ipify.org
sy.eu.angsrvr.com
104.111.246.59
104.16.33.56
104.17.171.81
146.177.40.248
172.217.22.102
172.217.22.34
172.217.22.38
173.241.240.143
18.153.11.1
185.10.228.82
185.33.223.204
185.64.189.110
185.94.180.126
2.16.122.151
2.18.234.21
20.36.253.28
213.155.156.169
213.155.156.181
213.155.156.182
213.155.156.188
213.155.156.189
213.19.162.80
2606:4700:10::6814:15ef
2606:4700::6813:c797
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2008
2a00:1450:4001:824::2003
2a00:1450:400c:c06::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.242.42.75
34.250.54.225
35.157.96.7
37.157.2.237
37.157.6.251
40.119.158.131
52.222.171.201
52.29.212.156
52.30.156.88
52.50.246.91
54.229.62.179
54.230.93.95
54.76.97.65
94.31.29.154
02c12028c90522c06327c224fefc978df14d510bf337adeb97eb1fb719d2e63e
045441d4905746cd166fa9f3b83a8aecc3e9c39dba751ea6a199003bf682f48b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda
10d128002d488f4f4fdcc559e0fb48d31104c7cc2bd50ac7684288a19ce0d2ca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12e8a2acdf531e49a90636e81f8b3a3eaf51aad0778362cf6f582eb1e297c405
187c8bb2b506ca64efdb76a928f9a400a0d3333534adbbfd31640938599a4167
1a324ffab8426503c882cf1903c87537fb3fd0ba84482d24798a795e3927b6ee
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
2d7959a33800baede38622d168b8d555eab6b61e20406674998d5ccb437045b0
2da4bddb294dec8e9872bf3c62a19cc79557300ac8ae97da4ac318f58c6b3512
4a28937b0e6cfcee7a7aac0766213d2acd221aae8ea6d159bbc706a18b52bd45
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55138686144d0f04d70faa92ac3c1568af9090d97ce02c74d4c2863864b4b02d
586020e6ec8efa17618c222147945c59873faf6ad041f97c6242e46956d406c2
5ca972b4d30bbb380b96651a09652849cb7affbe7012371237ed9452e357c636
5eefdedb849266d89d67002068ea5f2648aa7cef381555fde9dd6bc2f07be9dd
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
693aa7a4869995b8d10fb133cd1bc9ae54e44c11916ea34e3d6d2a5ea6bc002c
694785eaeec88c495973f252a762febf6883deebe838de684f51c337a5e8f230
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e4e9e68ea446e385eef104bc9bef4f7b36e7b99b9aea2c1ef27d79151ce065b
753fd7cd2498a9e17ec3874a2fd29ab6eac09b3600006fe3ebe981617e656d58
75d968be970b75bc4d2ea672188004e57051dca42e28edef331ec04f69309d01
7a91531238b3a70dd3cc21b8c8d6c78eff1642ac5dacded120273f04d5e0e89c
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838d5cec52890b36217c9a59fb368b5027df7bc2d747eb18beee6437e5db5ab6
84f1d9da53a4456bf20055448abe536b4c4a83a83aacc6e3996db76535090205
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
88ea8f3d90c5cf03f9a26afd1ec3e14ec09a659e79996d0ab856451dc5868a88
90ba2ef9ef8fb5fd2c6a50ffa0fc4339690c58902bbb7948bc86405735f8e463
9e03234f9008048658f89fdfcb1ac6eb4ffa24222a940d2629ef65ff9350a815
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ac9979a75121edae90e508dfc70bf16ab50bcd0b711a1d3551448974ff16665d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2505c5129472c206215229df73018270151539bb52f12c425095ca1d2f22fdc
b64c19b53e7f77a7f4d544ab4ea9304e2a0896715fd3599d546544b6a5513f5e
c6ce7f40ee78d5061328a7afaf0d106f2810b4e57ae4188858804f3d678db949
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d193e6245ed51c3a0683f483e4849a6531290305898c5214890165a12e3563c2
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d7bcf1b53835b420a9ff4057f35e9d32cafb506b5fe8703dce261950159b3574
dc8a0ed09554e0799efe884f4caa4c26a612d185db68f7b15bbdde7f5892602b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7885fc992f0e640f672c385c1219434f2d3c67d0dc1e06d4e87b44ec04f1122
e8fd96c82514f1457a54d2621204aa0ed74adb721c20231cab398e919b80699b
ed14fd8b2cfeb8958a7fd7e67886d183110ef2e6404fdaf57ec7db25da5785e2
eefe0415a2d010674b24cfd1ef56d96d1fc7a072aaeb891a1d9199ba099b11ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71949eb5abb767c30181fee3c683cf75a45e2a6f9573c0f6bccea82927a46b4
f84143af863d0fe118d965e72bcf20fb3ec59ad8fbc7bcec1df01148bf069afc
fadbbfe9ffb5e2e3efd9ce5c2e17f0731352e8d2c2e3d01cb1e0eb6c7b7af725
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c