urlscan.io logo urlscan.io
SecurityTrails logo

www.mrgreen.com Open in urlscan Pro
104.16.34.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/2nAYytY#336380606a1518885a10890
Effective URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29...
Submission: On October 03 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 10 countries across 41 domains to perform 79 HTTP transactions. The main IP is 104.16.34.56, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.mrgreen.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 9th 2017. Valid for: 2 years.
This is the only time www.mrgreen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 2 212.83.184.28 12876 (AS12876)
1 216.170.125.183 36352 (AS-COLOCR...)
1 104.237.146.183 63949 (LINODE-AP...)
1 1 54.77.55.237 16509 (AMAZON-02)
1 1 54.72.199.154 16509 (AMAZON-02)
1 1 107.154.251.88 19551 (INCAPSULA)
9 104.16.34.56 13335 (CLOUDFLAR...)
1 1 23.37.59.76 16625 (AKAMAI-AS)
5 104.17.168.81 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 54.230.95.171 16509 (AMAZON-02)
2 94.31.29.154 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 216.58.205.230 15169 (GOOGLE)
1 54.230.203.240 16509 (AMAZON-02)
1 107.22.193.167 14618 (AMAZON-AES)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 7 37.157.4.40 198622 (ADFORM)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 37.157.4.41 198622 (ADFORM)
1 4 213.155.156.189 1299 (TELIANET ...)
2 40.119.158.131 8075 (MICROSOFT...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 169.51.68.190 36351 (SOFTLAYER)
3 2a03:2880:f12... 32934 (FACEBOOK)
1 69.173.144.136 26667 (RUBICONPR...)
1 1 172.217.23.98 15169 (GOOGLE)
2 4 213.155.156.164 1299 (TELIANET ...)
1 2 34.95.120.147 15169 (GOOGLE)
2 2 185.33.223.209 29990 (ASN-APPNEXUS)
1 20.36.253.28 8075 (MICROSOFT...)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 52.57.44.17 16509 (AMAZON-02)
1 2 185.94.180.126 35220 (SPOTX-AMS)
2 35.157.249.39 16509 (AMAZON-02)
1 54.76.80.172 16509 (AMAZON-02)
2 3 52.31.251.67 16509 (AMAZON-02)
1 2 52.59.155.31 16509 (AMAZON-02)
1 52.209.80.226 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 52.49.92.140 16509 (AMAZON-02)
79 39
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD - Google LLC, US)
PTR: bit.ly
bit.ly
2    212.83.184.28 (France)

ASN12876 (AS12876, FR)
PTR: 212-83-184-28.rev.abacf.org
212-83-184-28.rev.abacf.org
1    216.170.125.183 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
balrogworks.com
1    104.237.146.183 (Newark, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li834-183.members.linode.com
www.junkani.com
1    54.77.55.237 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-55-237.eu-west-1.compute.amazonaws.com
winds.hurricane8.com
1    54.72.199.154 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-199-154.eu-west-1.compute.amazonaws.com
trafficgridmedia.go2cloud.org
1    107.154.251.88 (United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.251.88.ip.incapdns.net
ads.mrgreen.com
9    104.16.34.56 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.mrgreen.com
1    23.37.59.76 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-59-76.deploy.static.akamaitechnologies.com
cloud.typography.com
5    104.17.168.81 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
static.mrgcdn.com
4    2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
cdnjs.cloudflare.com
3    54.230.95.171 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-171.fra2.r.cloudfront.net
widget.trustpilot.com
2    94.31.29.154 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.154.IPYX-077437-ZYO.above.net
use.fortawesome.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
7    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net
8268145.fls.doubleclick.net
1    54.230.203.240 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-203-240.fra50.r.cloudfront.net
cdn.nanigans.com
1    107.22.193.167 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-22-193-167.compute-1.amazonaws.com
api.ipify.org
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
7    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
a1.adform.net
dmp.adform.net
1    2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
rum-static.pingdom.net
2    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
4    213.155.156.189 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-189.customer.teliacarrier.com
tb.de17a.com
2    40.119.158.131 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
trck.spoteffects.net
1    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    169.51.68.190 (Fetsund, Norway)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: be.44.33a9.ip4.static.sl-reverse.com
api.nanigans.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
pixel.rubiconproject.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
4    213.155.156.164 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-164.customer.teliacarrier.com
d5p.de17a.com
2    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
us-u.openx.net
2    185.33.223.209 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 314.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    20.36.253.28 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
atemda.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image2.pubmatic.com
2    52.57.44.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-44-17.eu-central-1.compute.amazonaws.com
ad.360yield.com
2    185.94.180.126 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
sync.search.spotxchange.com
2    35.157.249.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-249-39.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    54.76.80.172 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-80-172.eu-west-1.compute.amazonaws.com
soma.smaato.net
3    52.31.251.67 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-251-67.eu-west-1.compute.amazonaws.com
ad.sxp.smartclip.net
2    52.59.155.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-155-31.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    52.209.80.226 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-209-80-226.eu-west-1.compute.amazonaws.com
usermatch.targeting.unrulymedia.com
2    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum.casalemedia.com
1    52.49.92.140 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-92-140.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
Apex Domain
Subdomains		 Transfer
10 mrgreen.com
ads.mrgreen.com
www.mrgreen.com
291 KB
9 adform.net
a1.adform.net
track.adform.net
dmp.adform.net
84 KB
8 de17a.com
tb.de17a.com
d5p.de17a.com
12 KB
7 google-analytics.com
www.google-analytics.com
60 KB
6 doubleclick.net
8268145.fls.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
2 KB
5 mrgcdn.com
static.mrgcdn.com
455 KB
4 cloudflare.com
ajax.cloudflare.com
cdnjs.cloudflare.com
40 KB
3 smartclip.net
ad.sxp.smartclip.net
2 KB
3 facebook.com
www.facebook.com
710 B
3 facebook.net
connect.facebook.net
119 KB
3 trustpilot.com
widget.trustpilot.com
7 KB
2 casalemedia.com
dsum.casalemedia.com
2 KB
2 bidswitch.net
x.bidswitch.net
894 B
2 advertising.com
pixel.advertising.com
184 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 360yield.com
ad.360yield.com
764 B
2 adnxs.com
ib.adnxs.com
2 KB
2 openx.net
us-u.openx.net
333 B
2 spoteffects.net
trck.spoteffects.net
22 KB
2 pingdom.net
rum-static.pingdom.net
rum-collector-2.pingdom.net
3 KB
2 bing.com
bat.bing.com
8 KB
2 nanigans.com
cdn.nanigans.com
api.nanigans.com
3 KB
2 fortawesome.com
use.fortawesome.com
29 KB
2 abacf.org
212-83-184-28.rev.abacf.org
623 B
1 unrulymedia.com
usermatch.targeting.unrulymedia.com
280 B
1 smaato.net
soma.smaato.net
270 B
1 pubmatic.com
image2.pubmatic.com
825 B
1 atemda.com
atemda.com
2 KB
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 google.de
www.google.de
109 B
1 google.com
www.google.com
187 B
1 ipify.org
api.ipify.org
212 B
1 googletagmanager.com
www.googletagmanager.com
58 KB
1 googleapis.com
ajax.googleapis.com
33 KB
1 typography.com
cloud.typography.com
478 B
1 go2cloud.org
trafficgridmedia.go2cloud.org
2 KB
1 hurricane8.com
winds.hurricane8.com
1 KB
1 junkani.com
www.junkani.com
472 B
1 balrogworks.com
balrogworks.com
452 B
1 bit.ly
bit.ly
301 B
0 angsrvr.com Failed
sy.eu.angsrvr.com Failed
79 41
Domain Requested by
9 www.mrgreen.com www.junkani.com
www.mrgreen.com
ajax.cloudflare.com
7 www.google-analytics.com 1 redirects 212-83-184-28.rev.abacf.org
www.google-analytics.com
www.googletagmanager.com
5 a1.adform.net 212-83-184-28.rev.abacf.org
a1.adform.net
track.adform.net
5 static.mrgcdn.com www.mrgreen.com
4 d5p.de17a.com 2 redirects blank
4 tb.de17a.com 1 redirects 212-83-184-28.rev.abacf.org
tb.de17a.com
4 8268145.fls.doubleclick.net 2 redirects www.googletagmanager.com
3 ad.sxp.smartclip.net 2 redirects blank
3 www.facebook.com
3 connect.facebook.net 212-83-184-28.rev.abacf.org
connect.facebook.net
3 cdnjs.cloudflare.com ajax.cloudflare.com
3 widget.trustpilot.com ajax.cloudflare.com
widget.trustpilot.com
2 dsum.casalemedia.com 1 redirects blank
2 dmp.adform.net 1 redirects blank
2 x.bidswitch.net 1 redirects blank
2 pixel.advertising.com blank
2 sync.search.spotxchange.com 1 redirects blank
2 ad.360yield.com 1 redirects blank
2 ib.adnxs.com 2 redirects
2 us-u.openx.net 1 redirects blank
2 trck.spoteffects.net 212-83-184-28.rev.abacf.org
2 track.adform.net 212-83-184-28.rev.abacf.org
track.adform.net
2 bat.bing.com www.googletagmanager.com
2 use.fortawesome.com ajax.cloudflare.com
use.fortawesome.com
2 212-83-184-28.rev.abacf.org 1 redirects
1 rum-collector-2.pingdom.net rum-static.pingdom.net
1 usermatch.targeting.unrulymedia.com blank
1 soma.smaato.net blank
1 image2.pubmatic.com blank
1 atemda.com blank
1 cm.g.doubleclick.net 1 redirects
1 pixel.rubiconproject.com blank
1 api.nanigans.com cdn.nanigans.com
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 rum-static.pingdom.net www.googletagmanager.com
1 api.ipify.org www.googletagmanager.com
1 cdn.nanigans.com 212-83-184-28.rev.abacf.org
1 www.googletagmanager.com 212-83-184-28.rev.abacf.org
1 ajax.googleapis.com ajax.cloudflare.com
1 ajax.cloudflare.com www.mrgreen.com
1 cloud.typography.com 1 redirects
1 ads.mrgreen.com 1 redirects
1 trafficgridmedia.go2cloud.org 1 redirects
1 winds.hurricane8.com 1 redirects
1 www.junkani.com balrogworks.com
1 balrogworks.com 212-83-184-28.rev.abacf.org
1 bit.ly 1 redirects
0 sy.eu.angsrvr.com Failed blank
79 50

This site contains links to these domains. Also see Links.

Domain
casino.mrgreen.com
www.authorisation.mga.org.mt
greengaming.com
Subject Issuer Validity Valid
balrogworks.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-24 -
2020-10-07		 a year crt.sh
www.junkani.com
Let's Encrypt Authority X3		 2019-07-17 -
2019-10-15		 3 months crt.sh
www.mrgreen.com
DigiCert SHA2 Extended Validation Server CA		 2017-10-09 -
2019-11-04		 2 years crt.sh
ssl767972.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-06-28 -
2020-01-04		 6 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.trustpilot.com
Amazon		 2019-05-29 -
2020-06-29		 a year crt.sh
use.fonticons.com
DigiCert SHA2 Secure Server CA		 2018-09-25 -
2019-11-20		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.nanigans.com
Go Daddy Secure Certificate Authority - G2		 2019-02-28 -
2021-04-29		 2 years crt.sh
*.ipify.org
COMODO RSA Domain Validation Secure Server CA		 2018-01-24 -
2021-01-23		 3 years crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.pingdom.net
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-12-16		 a year crt.sh
*.de17a.com
DigiCert SHA2 High Assurance Server CA		 2018-08-16 -
2019-12-18		 a year crt.sh
trck.spoteffects.net
Sectigo RSA Domain Validation Secure Server CA		 2019-08-09 -
2021-11-06		 2 years crt.sh
www.google.de
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.atemda.com
Go Daddy Secure Certificate Authority - G2		 2018-01-12 -
2020-01-12		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2017-06-14 -
2020-06-18		 3 years crt.sh
*.ad.smaato.net
Amazon		 2019-08-21 -
2020-09-21		 a year crt.sh
*.smartclip.net
Amazon		 2019-03-28 -
2020-04-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-04-17 -
2020-05-04		 a year crt.sh
*.targeting.unrulymedia.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh

This page contains 8 frames:

Primary Page: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Frame ID: 9E6317298B07D2D64FE5EBA002A7774C
Requests: 62 HTTP requests in this frame

Frame: https://8268145.fls.doubleclick.net/activityi;dc_pre=CMO-iNWmgOUCFYy9dwodhg8KaA;src=8268145;type=lp0;cat=landi0;ord=1;num=814342636354;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=storefront;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.320%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983321.j9f0wzf;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146
Frame ID: 456D03BC114512E6D41C6D9596959EC7
Requests: 1 HTTP requests in this frame

Frame: https://8268145.fls.doubleclick.net/activityi;dc_pre=CJHtiNWmgOUCFcSrdwodjqkLTw;src=8268145;type=sitev0;cat=sitev00;ord=1;num=1187882878155;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.394%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983394.s04ittyg;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146
Frame ID: 795907BEAECDCB5A1E4FA63FCFDE7B04
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
Frame ID: E065D73CD72C78EAB04E43D811BBF50A
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
Frame ID: 60F148CBFEA1F45963D6A34BC4CAC748
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
Frame ID: 1EDB0D6DF42984940FFCD76EE5266594
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146%22%2C%22title%22%3A%22Play%20Starburst%20at%20Mr%20Green%22%2C%22trackingAccountId%22%3A%22128%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 5D536CB81B313CEA96C6D0FD73E5F58B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=6565026267480121959&expires=30
Frame ID: 4D327EA64EF292B5DF56F672DE68AEAF
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/2nAYytY HTTP 301
    http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh Page URL
  2. http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh?inf=336380606a1518885a10890 HTTP 302
    https://balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/336380606 Page URL
  3. https://www.junkani.com/rd/r.php?sid=420&pub=670066&c1=690135&c2=9b-1337300-1518885-65744-10890-&c3=... Page URL
  4. http://winds.hurricane8.com/aff_c?offer_id=2696&aff_id=2145&aff_click_id=731514678&aff_sub=670066&aff_su... HTTP 302
    http://trafficgridmedia.go2cloud.org/aff_c?offer_id=15&aff_id=1038&url_id=12&aff_click_id=102a3265b5e1527c4be308d... HTTP 302
    https://ads.mrgreen.com/redirect.aspx?pid=4592296&bid=21773&subid=1028e4ca65e6bec1449852f29b2ada&var... HTTP 301
    https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e... Page URL

Page Statistics

79
Requests

97 %
HTTPS

23 %
IPv6

41
Domains

50
Subdomains

39
IPs

10
Countries

1310 kB
Transfer

3429 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2nAYytY HTTP 301
    http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh Page URL
  2. http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh?inf=336380606a1518885a10890 HTTP 302
    https://balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/336380606 Page URL
  3. https://www.junkani.com/rd/r.php?sid=420&pub=670066&c1=690135&c2=9b-1337300-1518885-65744-10890-&c3=895079131 Page URL
  4. http://winds.hurricane8.com/aff_c?offer_id=2696&aff_id=2145&aff_click_id=731514678&aff_sub=670066&aff_sub2=690135 HTTP 302
    http://trafficgridmedia.go2cloud.org/aff_c?offer_id=15&aff_id=1038&url_id=12&aff_click_id=102a3265b5e1527c4be308d2579301&aff_sub=2145&aff_sub2=670066 HTTP 302
    https://ads.mrgreen.com/redirect.aspx?pid=4592296&bid=21773&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038 HTTP 301
    https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/2nAYytY HTTP 301
  • http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Request Chain 1
  • http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh?inf=336380606a1518885a10890 HTTP 302
  • https://balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/336380606
Request Chain 3
  • https://cloud.typography.com/7155672/712248/css/fonts.css HTTP 302
  • https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
Request Chain 30
  • https://8268145.fls.doubleclick.net/activityi;src=8268145;type=lp0;cat=landi0;ord=1;num=814342636354;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=storefront;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.320%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983321.j9f0wzf;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146 HTTP 302
  • https://8268145.fls.doubleclick.net/activityi;dc_pre=CMO-iNWmgOUCFYy9dwodhg8KaA;src=8268145;type=lp0;cat=landi0;ord=1;num=814342636354;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=storefront;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.320%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983321.j9f0wzf;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146
Request Chain 38
  • https://8268145.fls.doubleclick.net/activityi;src=8268145;type=sitev0;cat=sitev00;ord=1;num=1187882878155;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.394%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983394.s04ittyg;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146 HTTP 302
  • https://8268145.fls.doubleclick.net/activityi;dc_pre=CJHtiNWmgOUCFcSrdwodjqkLTw;src=8268145;type=sitev0;cat=sitev00;ord=1;num=1187882878155;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.394%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983394.s04ittyg;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146
Request Chain 49
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1153410367&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146&dp=%2Fno%2Fslots-starburst&ul=en-us&de=UTF-8&dt=Play%20Starburst%20at%20Mr%20Green&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEALQ~&jid=891210784&gjid=267647045&cid=2136302218.1570112983&tid=UA-63985451-3&_gid=607453430.1570112983&_r=1&gtm=2wg9p0TWJJ8L&cd2=GA1.2.2136302218.1570112983&cd5=NO&cd7=2019-10-03T16%3A29%3A43.384%2B02%3A00&cd10=0&cd11=1570112983384.ikkoqdna&cd16=GA1.2.2136302218.1570112983&cd19=storefront&cd23=1&cd34=GA1.2.2136302218.1570112983&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&cm6=54&z=1910081502 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63985451-3&cid=2136302218.1570112983&jid=891210784&_gid=607453430.1570112983&gjid=267647045&_v=j79&z=1910081502 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2136302218.1570112983&jid=891210784&_v=j79&z=1910081502 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2136302218.1570112983&jid=891210784&_v=j79&z=1910081502&slf_rd=1&random=2365715327
Request Chain 58
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
  • https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
Request Chain 66
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP 302
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITyzT3yWGwR3Uyu6DqdAIU&google_cver=1&google_ula=668382,0
Request Chain 67
  • https://us-u.openx.net/w/1.0/sd?id=536878327&val=6565026267480121959 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=6565026267480121959
Request Chain 68
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=7267655540383791860
Request Chain 71
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=6565026267480121959&expiration=1572704983 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=6565026267480121959&expiration=1572704983
Request Chain 72
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=6565026267480121959&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=6565026267480121959&img=1&__user_check__=1&sync_id=3e05adbd-e5ea-11e9-b917-15ce3e531206
Request Chain 77
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1 HTTP 302
  • https://d5p.de17a.com/getuid/smartclip?uuid=a50e53e7-7d47-4d4a-8ba8-e06d98c50f2a HTTP 302
  • https://d5p.de17a.com/getuid/smartclip;c?uuid=a50e53e7-7d47-4d4a-8ba8-e06d98c50f2a HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=396580424338026649&uuid=a50e53e7-7d47-4d4a-8ba8-e06d98c50f2a
Request Chain 78
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=6565026267480121959&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=6565026267480121959&expires=30
Request Chain 79
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=6565026267480121959 HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=6565026267480121959
Request Chain 81
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=6565026267480121959&expiration=1572704983 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=6565026267480121959&expiration=1572704983&C=1

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
212-83-184-28.rev.abacf.org/
Redirect Chain
  • https://bit.ly/2nAYytY
  • http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
214 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
HTTP/1.1
Server
212.83.184.28 , France, ASN12876 (AS12876, FR),
Reverse DNS
212-83-184-28.rev.abacf.org
Software
Apache /
Resource Hash
532ac5212597742e1d5d141a7500fdafe96edaa9449c8f3fbe0519fd954aef34

Request headers

Host
212-83-184-28.rev.abacf.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Date
Thu, 03 Oct 2019 14:29:38 GMT
Server
Apache
Content-Length
214
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

status
301
server
nginx
date
Thu, 03 Oct 2019 14:29:38 GMT
content-type
text/html; charset=utf-8
content-length
160
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
referrer-policy
unsafe-url
set-cookie
_bit=j93etC-f49cbd78da075e1a80-00b; Domain=bit.ly; Expires=Tue, 31 Mar 2020 14:29:38 GMT
via
1.1 google
alt-svc
clear
Cookie set 336380606
balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/
Redirect Chain
  • http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh?inf=336380606a1518885a10890
  • https://balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/336380606
172 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/336380606
Requested by
Host: 212-83-184-28.rev.abacf.org
URL: http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.170.125.183 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
Software
Apache /
Resource Hash
39bd2d98fab7d890eef85cb7573b20a41572da4e25b4e48ab931f25f285fe9fa

Request headers

Host
balrogworks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh

Response headers

Date
Thu, 03 Oct 2019 14:29:39 GMT
Server
Apache
Set-Cookie
uid18362=895079131-20191003102939-5da7b8ae81d98edd2fd580089a8bcebf-; expires=Sat, 02-Nov-2019 14:29:39 GMT; path=/
Content-Length
172
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 03 Oct 2019 14:29:38 GMT
Server
Apache
location
https://balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/336380606
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
Cookie set r.php
www.junkani.com/rd/ 		176 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.junkani.com/rd/r.php?sid=420&pub=670066&c1=690135&c2=9b-1337300-1518885-65744-10890-&c3=895079131
Requested by
Host: balrogworks.com
URL: https://balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/336380606
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.237.146.183 Newark, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li834-183.members.linode.com
Software
Apache /
Resource Hash
cd60f9e3ec65e800a5736007fe8cf8c5185fc5557b1df220cb6519e0fa61a8bb

Request headers

Host
www.junkani.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/336380606
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://balrogworks.com/1761f7f121842d39000/9b-1337300-1518885-65744-10890-/336380606

Response headers

Date
Thu, 03 Oct 2019 14:29:40 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
176
Server
Apache
Set-Cookie
uid420=731514678-20191003152940-70ff2e086c8d5cac187359428d4a6f6f-; expires=Sat, 02-Nov-2019 14:29:40 GMT; Max-Age=2592000; path=/; domain=junkani.com
Primary Request slots-starburst
www.mrgreen.com/no/
Redirect Chain
  • http://winds.hurricane8.com/aff_c?offer_id=2696&aff_id=2145&aff_click_id=731514678&aff_sub=670066&aff_sub2=690135
  • http://trafficgridmedia.go2cloud.org/aff_c?offer_id=15&aff_id=1038&url_id=12&aff_click_id=102a3265b5e1527c4be308d2579301&aff_sub=2145&aff_sub2=670066
  • https://ads.mrgreen.com/redirect.aspx?pid=4592296&bid=21773&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038
  • https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Requested by
Host: www.junkani.com
URL: https://www.junkani.com/rd/r.php?sid=420&pub=670066&c1=690135&c2=9b-1337300-1518885-65744-10890-&c3=895079131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.34.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
99736c9128375ff6983ed79cefcaaf06b2b3669b7f6f3e1ffd352f431b643efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.mrgreen.com
:scheme
https
:path
/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
cookie
visid_incap_2104320=XY9tqyuCT76bSMTu0SKXy9QFll0AAAAAQUIPAAAAAAAJ9PxJuLG3/tqimuraFQp9; incap_ses_449_2104320=xh0Dc1WjGSSyjSIVOyw7BtQFll0AAAAAZQeXFSrcSu3h45xCqQzWiA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 03 Oct 2019 14:29:42 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d25f7c9c4cd9b67ee4f11a29992b7cd721570112981; expires=Fri, 02-Oct-20 14:29:41 GMT; path=/; domain=.mrgreen.com; HttpOnly cf_ipcountry=nl; Expires=Fri, 01-Jan-2048 00:00:00 GMT; Path=/; Domain=.mrgreen.com; Secure=nil __cf_bm=672a94b3804952531188e6a724f582b9bcb75900-1570112982-1800-AXsfhoxOHlJ2roiAoXQt3RuuqVOGL4zPnMyb5biUD8RTkLdcXTiEfZkvZkdVmK2TV7MUpgKTZyRXXbHFPR3VJQk=; path=/; expires=Thu, 03-Oct-19 14:59:42 GMT; domain=.mrgreen.com; HttpOnly
cf-cache-status
MISS
cache-control
public, max-age=172800
cf-ray
51ff9c134950d909-AMS
cf-work
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 05 Oct 2019 14:29:42 GMT
link
<https://www.mrgreen.com/no/wp-json/>; rel="https://api.w.org/" <https://www.mrgreen.com/no/?p=187731/>; rel=shortlink
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
cloudflare
content-encoding
br

Redirect headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html
Location
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Server
Microsoft-IIS/10.0
P3P
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version
4.0.30319
Set-Cookie
NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a4592296%2c%22BID%22%3a21773%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1570112980899)%5c%2f%22%2c%22CookieTag%22%3a%22217734592296557621941C20191031529%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22989096506%7c1%22%7d%5d; expires=Sat, 03-Oct-3018 14:29:40 GMT; path=/ visid_incap_2104320=XY9tqyuCT76bSMTu0SKXy9QFll0AAAAAQUIPAAAAAAAJ9PxJuLG3/tqimuraFQp9; expires=Fri, 02 Oct 2020 10:51:03 GMT; path=/; Domain=.mrgreen.com incap_ses_449_2104320=xh0Dc1WjGSSyjSIVOyw7BtQFll0AAAAAZQeXFSrcSu3h45xCqQzWiA==; path=/; Domain=.mrgreen.com ___utmvmZEuBLVLZ=XerpbFroDJT; path=/; Max-Age=900 ___utmvaZEuBLVLZ=MsLqpEZ; path=/; Max-Age=900 ___utmvbZEuBLVLZ=cZX XTfOxalW: ctH; path=/; Max-Age=900
Request-Context
appId=cid-v1:42ca6b97-b564-4b23-b218-51b9f4f71628
X-Powered-By
ASP.NET
Date
Thu, 03 Oct 2019 14:29:40 GMT
Connection
close
Content-Length
0
X-Iinfo
9-113948737-113948739 NNNN CT(0 0 0) RT(1570112980772 21) q(0 0 0 0) r(1 1) U11
X-CDN
Incapsula
C9B824A3E9336530F.css
www.mrgreen.com/app/themes/storefront/assets/fonts/553158/
Redirect Chain
  • https://cloud.typography.com/7155672/712248/css/fonts.css
  • https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
224 KB
168 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.34.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
187c8bb2b506ca64efdb76a928f9a400a0d3333534adbbfd31640938599a4167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
232346
cf-polished
origSize=230007
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 30 Sep 2019 21:33:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
expires
Fri, 31 Jan 2020 14:29:43 GMT
cache-control
public, max-age=10368000
cf-ray
51ff9c209ab6d909-AMS
cf-bgj
minify

Redirect headers

Date
Thu, 03 Oct 2019 14:29:43 GMT
Last-Modified
Thu, 09 Mar 2017 09:56:55 GMT
Server
Apache
ETag
"eb1b1e257b91824475ffe8abfbfbb34b:1536738569"
Vary
Accept-Encoding
Content-Type
text/html
Location
https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
Cache-Control
must-revalidate, private
Connection
keep-alive
X-HCo-pid
14
Content-Length
154
Expires
Thu, 03 October 2019 14:29:43 GMT
frontend.css
www.mrgreen.com/app/plugins/wp-job-manager-applications/assets/css/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/plugins/wp-job-manager-applications/assets/css/frontend.css?ver=4.9.8
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.34.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55138686144d0f04d70faa92ac3c1568af9090d97ce02c74d4c2863864b4b02d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
232346
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 30 Sep 2019 21:33:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
expires
Fri, 31 Jan 2020 14:29:43 GMT
cache-control
public, max-age=10368000
cf-ray
51ff9c1fc827d909-AMS
cf-bgj
minify
main-16e185fe.css
www.mrgreen.com/app/themes/storefront/dist/styles/ 		820 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/dist/styles/main-16e185fe.css
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.34.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04ef57f2030985da730ef6cbbde42bba8fa79ab18f92681ef8a17615150bdd6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
232346
cf-polished
origSize=840212
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 30 Sep 2019 21:35:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
expires
Fri, 31 Jan 2020 14:29:43 GMT
cache-control
public, max-age=10368000
cf-ray
51ff9c1fc829d909-AMS
cf-bgj
minify
mga.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/mga.png
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.168.81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d7959a33800baede38622d168b8d555eab6b61e20406674998d5ccb437045b0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
via
1.1 varnish
cf-cache-status
HIT
age
631031
cf-polished
status=not_needed
edge-cache-tag
343208965763291763670825726697432882084,394292334103148995470552017381715642334,1725d64c98e9ae463aadd0291f222d6c
status
200
x-cache-hits
1
x-cache
HIT
content-length
1510
x-served-by
cache-mxp19824-MXP
timing-allow-origin
*
last-modified
Wed, 31 Jul 2019 13:09:51 GMT
server
cloudflare
x-timer
S1569481952.986180,VS0,VE1
etag
"c52073ef51d1417e873465ca7c8cfbda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Save-Data, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Mon, 06 Apr 2020 14:29:43 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
51ff9c200e609cc9-AMS
access-control-allow-headers
X-Requested-With,Range,User-Agent
cf-bgj
imgq:85
18.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/ 		686 B
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/18.png
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.168.81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf5026646a51819085652ec619610280e6a1aac7089485f260b7c3e6ea802ad7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
via
1.1 varnish
cf-cache-status
HIT
age
701379
edge-cache-tag
377294821853356387368244018136576591355,644247899263667528033079508521544871138,1725d64c98e9ae463aadd0291f222d6c
status
200
x-cache-hits
1
x-cache
HIT
content-length
686
x-served-by
cache-mxp19838-MXP
timing-allow-origin
*
last-modified
Fri, 26 Jul 2019 11:43:24 GMT
server
cloudflare
x-timer
S1564572464.596451,VS0,VE16
etag
"9a8b607491c6b113a62c7a6e1ba05a25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Save-Data, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
content-disposition
inline; filename="18.webp"
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
51ff9c200e639cc9-AMS
access-control-allow-headers
X-Requested-With,Range,User-Agent
expires
Mon, 06 Apr 2020 14:29:43 GMT
gamcare.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/ 		893 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/gamcare.png
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.168.81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
60266c6184ffabff6c8230bb838a93c175279c4857ce608eb8e6688bcb3dbd5e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
via
1.1 varnish
cf-cache-status
HIT
age
631031
cf-polished
status=not_needed
edge-cache-tag
491349048946222376970598759477447706961,381992598355449997469455537052033090118,1725d64c98e9ae463aadd0291f222d6c
status
200
x-cache-hits
1
x-cache
HIT
content-length
893
x-served-by
cache-mxp19830-MXP
timing-allow-origin
*
last-modified
Wed, 31 Jul 2019 11:51:23 GMT
server
cloudflare
x-timer
S1569481952.988789,VS0,VE1
etag
"ae03a5672e733fde70a9b8d17554c791"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Save-Data, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Mon, 06 Apr 2020 14:29:43 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
51ff9c200e649cc9-AMS
access-control-allow-headers
X-Requested-With,Range,User-Agent
cf-bgj
imgq:85
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2019 13:34:14 GMT
server
cloudflare
etag
W/"5d920456-2fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
51ff9c1fcbfccbc8-VIE
expires
Sat, 05 Oct 2019 14:29:43 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-171.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58dbae5bdf2b5e9ac2518952762a7d601120590b706c13577ae102c5cabeef73

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 01:46:04 GMT
content-encoding
gzip
age
45848
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
6405
last-modified
Wed, 24 Jul 2019 07:13:52 GMT
server
AmazonS3
etag
"46836a70570cb9d1b7d22070fd761a91"
content-type
application/x-javascript
via
1.1 9de9a776d0da209cb66ec4bd03877799.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
D132E6PKMqIj1UM7KzoFOGSYNLLukwyyrj_zypkRf75S5paoLI2UGA==
external-links.js
www.mrgreen.com/app/themes/storefront/assets/scripts/ 		541 B
343 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/assets/scripts/external-links.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.34.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
694785eaeec88c495973f252a762febf6883deebe838de684f51c337a5e8f230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
232343
cf-polished
origSize=753
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 30 Sep 2019 21:33:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
expires
Fri, 31 Jan 2020 14:29:43 GMT
cache-control
public, max-age=10368000
cf-ray
51ff9c1ff894d909-AMS
cf-bgj
minify
0b3514d0.js
use.fortawesome.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fortawesome.com/0b3514d0.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.154 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.154.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
c28e74a706e85ef9a581ecf4ed357accd1272ba87ca98ff0051b37f0c09bcb90

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
last-modified
Fri, 13 Sep 2019 09:47:43 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"74d6e633583d055ffb9328740c7b1e4b"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60, private, must-revalidate
x-cache
HIT
jquery.countdown.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/jquery.countdown.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13527448
status
200
served-in-seconds
0.015
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:13 GMT
server
cloudflare
etag
W/"5afd494d-14db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
51ff9c1fec59cbc8-VIE
expires
Tue, 22 Sep 2020 14:29:43 GMT
TweenMax.min.js
www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/TweenMax.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.34.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a324ffab8426503c882cf1903c87537fb3fd0ba84482d24798a795e3927b6ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
232201
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 11 Apr 2016 07:50:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
cache-control
public, max-age=10368000
cf-ray
51ff9c1ff895d909-AMS
expires
Fri, 31 Jan 2020 14:29:43 GMT
jquery.gsap.min.js
www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/jquery.gsap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.34.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca972b4d30bbb380b96651a09652849cb7affbe7012371237ed9452e357c636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
232202
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 11 Apr 2016 07:50:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
cache-control
public, max-age=10368000
cf-ray
51ff9c1ff897d909-AMS
expires
Fri, 31 Jan 2020 14:29:43 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
14746919
status
200
served-in-seconds
0.005
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-152b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
51ff9c1fec5acbc8-VIE
expires
Tue, 22 Sep 2020 14:29:43 GMT
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
14746921
status
200
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:23:06 GMT
server
cloudflare
etag
W/"5afd49fa-2b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
51ff9c1fec5ccbc8-VIE
expires
Tue, 22 Sep 2020 14:29:43 GMT
cookie_write.js
www.mrgreen.com/app/themes/storefront/assets/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/assets/scripts/cookie_write.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.34.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
310849a5f945cbe402c9ee331d5a02b99b133a53b16e5d8291ff9adf5df27363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
232343
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 30 Sep 2019 21:33:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
cache-control
public, max-age=10368000
cf-ray
51ff9c1ff899d909-AMS
expires
Fri, 31 Jan 2020 14:29:43 GMT
lookup-e88a2794.js
www.mrgreen.com/app/themes/storefront/dist/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrgreen.com/app/themes/storefront/dist/scripts/lookup-e88a2794.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.34.56 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a28937b0e6cfcee7a7aac0766213d2acd221aae8ea6d159bbc706a18b52bd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
232343
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 30 Sep 2019 21:35:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
expires
Fri, 31 Jan 2020 14:29:43 GMT
cache-control
public, max-age=10368000
cf-ray
51ff9c1ff89bd909-AMS
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 08:56:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19993
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Oct 2020 08:56:30 GMT
starburst-LP.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/ 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/starburst-LP.jpg
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.168.81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca6a7bb5bc0a32e7b74d497fd7b859661b8c49025a67f72c7b3c92757d9c463

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
via
1.1 varnish
cf-cache-status
HIT
age
687210
cf-polished
status=not_needed
edge-cache-tag
556699186466193121494151725011141279954,381992598355449997469455537052033090118,1725d64c98e9ae463aadd0291f222d6c
status
200
x-cache-hits
0
x-cache
MISS
content-length
207333
x-served-by
cache-mxp19833-MXP
timing-allow-origin
*
last-modified
Wed, 31 Jul 2019 15:35:20 GMT
server
cloudflare
x-timer
S1569425774.705678,VS0,VE214
etag
"025f88d84b115a0a97fed20c8e88063b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Save-Data, Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 06 Apr 2020 14:29:43 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
51ff9c200e629cc9-AMS
access-control-allow-headers
X-Requested-With,Range,User-Agent
cf-bgj
imgq:85
starburst-LP-mobile.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/ 		247 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://www.mrgreen.com/app/uploads/starburst-LP-mobile.jpg
Requested by
Host: www.mrgreen.com
URL: https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.168.81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d357525fffa4b6f39b07dfad4b8e028e72feaf57817f3d12d603f6b3a24ca6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
via
1.1 varnish
cf-cache-status
HIT
age
1953552
cf-polished
status=not_needed
edge-cache-tag
484509144513553723459284744951928405918,644247899263667528033079508521544871138,1725d64c98e9ae463aadd0291f222d6c
status
200
x-cache-hits
1
x-cache
HIT
content-length
253414
x-served-by
cache-mxp19844-MXP
timing-allow-origin
*
last-modified
Wed, 31 Jul 2019 11:26:47 GMT
server
cloudflare
x-timer
S1568159431.988190,VS0,VE1
etag
"cbf2eed15cf9ae0696f87e9882521bee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,Save-Data, Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 06 Apr 2020 14:29:43 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
51ff9c200e619cc9-AMS
access-control-allow-headers
X-Requested-With,Range,User-Agent
cf-bgj
imgq:85
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a91531238b3a70dd3cc21b8c8d6c78eff1642ac5dacded120273f04d5e0e89c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bcf1b53835b420a9ff4057f35e9d32cafb506b5fe8703dce261950159b3574

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/x-font-woff2
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 212-83-184-28.rev.abacf.org
URL: http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1177
date
Thu, 03 Oct 2019 14:10:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 03 Oct 2019 16:10:06 GMT
gtm.js
www.googletagmanager.com/ 		487 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Requested by
Host: 212-83-184-28.rev.abacf.org
URL: http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b40663a929c440f08915e6f366f6c1e2e1efb478292cb4515ca082881d2ae8e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
last-modified
Thu, 03 Oct 2019 12:17:36 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59573
x-xss-protection
0
expires
Thu, 03 Oct 2019 14:29:43 GMT
truncated
/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e4e9e68ea446e385eef104bc9bef4f7b36e7b99b9aea2c1ef27d79151ce065b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fadbbfe9ffb5e2e3efd9ce5c2e17f0731352e8d2c2e3d01cb1e0eb6c7b7af725

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/x-font-woff2
js
www.google-analytics.com/gtm/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KTH7SWG&cid=2136302218.1570112983
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b78bbe08f6dd34d6cf65957ae5b316be9156bc45f249ff4b69888b577d946a76
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23518
x-xss-protection
0
expires
Thu, 03 Oct 2019 14:29:43 GMT
activityi;dc_pre=CMO-iNWmgOUCFYy9dwodhg8KaA;src=8268145;type=lp0;cat=landi0;ord=1;num=814342636354;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=storefront;u3=GA1.2.2136302218.1570112983;u4=2019...
8268145.fls.doubleclick.net/ Frame 456D
Redirect Chain
  • https://8268145.fls.doubleclick.net/activityi;src=8268145;type=lp0;cat=landi0;ord=1;num=814342636354;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=storefront;u3=GA1.2.2136302218.1570112983;u4=20...
  • https://8268145.fls.doubleclick.net/activityi;dc_pre=CMO-iNWmgOUCFYy9dwodhg8KaA;src=8268145;type=lp0;cat=landi0;ord=1;num=814342636354;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=storefront;u3...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8268145.fls.doubleclick.net/activityi;dc_pre=CMO-iNWmgOUCFYy9dwodhg8KaA;src=8268145;type=lp0;cat=landi0;ord=1;num=814342636354;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=storefront;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.320%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983321.j9f0wzf;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8268145.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CMO-iNWmgOUCFYy9dwodhg8KaA;src=8268145;type=lp0;cat=landi0;ord=1;num=814342636354;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=storefront;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.320%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983321.j9f0wzf;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 03 Oct 2019 14:29:43 GMT
expires
Thu, 03 Oct 2019 14:29:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
546
x-xss-protection
0
set-cookie
IDE=AHWqTUkQuvj190dgluU0LRl7RkX91tQ6Seuz2UqWQJXMnT21QtznXmhIBOwsdyJB; expires=Tue, 27-Oct-2020 14:29:43 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 03 Oct 2019 14:29:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8268145.fls.doubleclick.net/activityi;dc_pre=CMO-iNWmgOUCFYy9dwodhg8KaA;src=8268145;type=lp0;cat=landi0;ord=1;num=814342636354;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=storefront;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.320%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983321.j9f0wzf;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 03-Oct-2019 14:44:43 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
NaN_tracker.js
cdn.nanigans.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nanigans.com/NaN_tracker.js
Requested by
Host: 212-83-184-28.rev.abacf.org
URL: http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.203.240 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-203-240.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
e7885fc992f0e640f672c385c1219434f2d3c67d0dc1e06d4e87b44ec04f1122

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:05:39 GMT
content-encoding
gzip
age
1444
x-cache
Hit from cloudfront
status
200
content-length
1584
last-modified
Tue, 09 Jul 2019 16:07:42 GMT
server
Apache
etag
"c4b-58d41c2ac0f80"
vary
Accept-Encoding
content-type
text/javascript
via
1.1 74f98ee8547ec50a6b9a4c3d010e1e0d.cloudfront.net (CloudFront)
cache-control
max-age=3600, must-revalidate
x-amz-cf-pop
FRA50
accept-ranges
bytes
x-amz-cf-id
jwhD58Uv7mDAYtl3QUiaCc0xwCq42rMhx4LAPXOuej8IX8Mfl0fx0g==
truncated
/ 		220 B
220 B 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/font-woff2
woff2.css
use.fortawesome.com/kits/0b3514d0/publications/97395/ 		34 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fortawesome.com/kits/0b3514d0/publications/97395/woff2.css
Requested by
Host: use.fortawesome.com
URL: https://use.fortawesome.com/0b3514d0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.154 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.154.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e0f5c5fa35c0c9f9ad2fd0468cea730ec890800e099d60893dd4357104f12ea5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
last-modified
Fri, 13 Sep 2019 09:47:44 GMT
server
NetDNA-cache/2.2
x-amz-request-id
BFA74961F0841CD2
etag
W/"2d15ebebb04003d2555b7fd29f772e54"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=31536000
x-amz-id-2
WDcniDr6M9TUiOTpo5kcpuc/Pzt4EJ3VP7F9BehhFXdRn6OsfaWV7T6zoJDx6rBsh3S4/2RTLe4=
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 13:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2900
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1296
x-xss-protection
0
expires
Thu, 03 Oct 2019 14:41:23 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1177
date
Thu, 03 Oct 2019 14:10:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 03 Oct 2019 16:10:06 GMT
/
api.ipify.org/ 		28 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=jsonp&callback=getIP
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.193.167 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-22-193-167.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
961546766af19a351839e02697d1ca798965514c51ed8824ef49de8a4fe33a04

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 03 Oct 2019 14:29:43 GMT
Via
1.1 vegur
Server
Cowboy
Connection
keep-alive
Content-Length
28
Vary
Origin
Content-Type
application/javascript
bat.js
bat.bing.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: 522DC01D43C04BECA07CC370831E47A7 Ref B: VIEEDGE1120 Ref C: 2019-10-03T14:29:43Z
status
200
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
activityi;dc_pre=CJHtiNWmgOUCFcSrdwodjqkLTw;src=8268145;type=sitev0;cat=sitev00;ord=1;num=1187882878155;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-s...
8268145.fls.doubleclick.net/ Frame 7959
Redirect Chain
  • https://8268145.fls.doubleclick.net/activityi;src=8268145;type=sitev0;cat=sitev00;ord=1;num=1187882878155;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots...
  • https://8268145.fls.doubleclick.net/activityi;dc_pre=CJHtiNWmgOUCFcSrdwodjqkLTw;src=8268145;type=sitev0;cat=sitev00;ord=1;num=1187882878155;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=https%3A...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8268145.fls.doubleclick.net/activityi;dc_pre=CJHtiNWmgOUCFcSrdwodjqkLTw;src=8268145;type=sitev0;cat=sitev00;ord=1;num=1187882878155;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.394%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983394.s04ittyg;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8268145.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJHtiNWmgOUCFcSrdwodjqkLTw;src=8268145;type=sitev0;cat=sitev00;ord=1;num=1187882878155;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.394%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983394.s04ittyg;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 03 Oct 2019 14:29:43 GMT
expires
Thu, 03 Oct 2019 14:29:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
548
x-xss-protection
0
set-cookie
IDE=AHWqTUnC9O8ix0lHhhTGBpKz8WYoz4xbkMebwDU92CfiIN2C5lGw-H7FACcqDnbc; expires=Tue, 27-Oct-2020 14:29:43 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 03 Oct 2019 14:29:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8268145.fls.doubleclick.net/activityi;dc_pre=CJHtiNWmgOUCFcSrdwodjqkLTw;src=8268145;type=sitev0;cat=sitev00;ord=1;num=1187882878155;gtm=2wg9p0;auiddc=1185390227.1570112983;u1=NO;u2=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146;u3=GA1.2.2136302218.1570112983;u4=2019-10-03T16%3A29%3A43.394%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1570112983394.s04ittyg;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 03-Oct-2019 14:44:43 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
fbevents.js
connect.facebook.net/en_US/ 		121 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 212-83-184-28.rev.abacf.org
URL: http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
TkDWnOX+7AYnNEwPUppdLLd87xs3NYVD3+kWc2zvJnH5kUgtMJCbK91NggV/WAjUZyqv9t3+e0Rln4wzDCghYw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Thu, 03 Oct 2019 14:29:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
a1.adform.net/serving/scripts/trackpoint/async/ 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/serving/scripts/trackpoint/async/
Requested by
Host: 212-83-184-28.rev.abacf.org
URL: http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f71949eb5abb767c30181fee3c683cf75a45e2a6f9573c0f6bccea82927a46b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
text/javascript; charset=utf-8
content-length
30712
expires
Thu, 10 Oct 2019 14:29:43 GMT
pa-5a9dcc570b346800070003d9.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-5a9dcc570b346800070003d9.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d128002d488f4f4fdcc559e0fb48d31104c7cc2bd50ac7684288a19ce0d2ca

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 26 Jun 2019 09:19:43 GMT
server
cloudflare
age
127
status
200
etag
W/"5d1338af-1878"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
51ff9c227bd359be-VIE
expires
Fri, 04 Oct 2019 14:29:43 GMT
/
track.adform.net/serving/scripts/trackpoint/async/ 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/scripts/trackpoint/async/
Requested by
Host: 212-83-184-28.rev.abacf.org
URL: http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
text/javascript; charset=utf-8
content-length
30712
expires
Thu, 10 Oct 2019 14:29:43 GMT
index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame E065 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-171.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
widget.trustpilot.com
:scheme
https
:path
/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146

Response headers

status
200
content-type
text/html
content-length
2175
last-modified
Tue, 10 Sep 2019 09:41:20 GMT
x-amz-server-side-encryption
AES256
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
date
Thu, 03 Oct 2019 01:40:04 GMT
etag
"a620c37e431d8dfc88949d89bf6dfbb7"
cache-control
max-age=86400
x-cache
Hit from cloudfront
via
1.1 9de9a776d0da209cb66ec4bd03877799.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2
x-amz-cf-id
arLFXTd6lQz3ZW58X9iHdow2bB03dHphTA-YUwyYCVTtApu-lwmjZw==
age
46179
index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 60F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-171.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
widget.trustpilot.com
:scheme
https
:path
/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=56f16ff20000ff00058a8209
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146

Response headers

status
200
content-type
text/html
content-length
2175
last-modified
Tue, 10 Sep 2019 09:41:20 GMT
x-amz-server-side-encryption
AES256
content-encoding
gzip
accept-ranges
bytes
server
AmazonS3
date
Thu, 03 Oct 2019 01:40:04 GMT
etag
"a620c37e431d8dfc88949d89bf6dfbb7"
cache-control
max-age=86400
x-cache
Hit from cloudfront
via
1.1 9de9a776d0da209cb66ec4bd03877799.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2
x-amz-cf-id
oyYYK6IEq7PnrC7xZ0v6pCA3WH2gnWbuRpKQpi7mgEgoNp8uvrl7mw==
age
46179
d7.js
tb.de17a.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/d7.js
Requested by
Host: 212-83-184-28.rev.abacf.org
URL: http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.189 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-189.customer.teliacarrier.com
Software
nginx/1.16.0 /
Resource Hash
d724c178eb1f778c4c9211d716816624f4555232e7baa599f02fb54bf202e070

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 06:55:38 GMT
server
nginx/1.16.0
etag
W/"PUxp0GJA7ewPUxouPX3dm8--gzip"
vary
Accept-Encoding, User-Agent
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
status
200
cache-control
must-revalidate, private
content-type
application/javascript
content-length
6264
spef.min.js
trck.spoteffects.net/analytics/ 		77 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trck.spoteffects.net/analytics/spef.min.js
Requested by
Host: 212-83-184-28.rev.abacf.org
URL: http://212-83-184-28.rev.abacf.org/1337300lf1518885Jc0TC0tX24Wnr65744Lqsh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.119.158.131 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
90ba2ef9ef8fb5fd2c6a50ffa0fc4339690c58902bbb7948bc86405735f8e463

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
last-modified
Mon, 04 Mar 2019 19:31:08 GMT
server
nginx
etag
W/"5c7d7cfc-1323e"
content-type
application/javascript
status
200
cache-control
max-age=604800, public
expires
Thu, 10 Oct 2019 14:29:43 GMT
truncated
/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7ad5e0ca580593b7892c9e3984cc261c12924a2f910e17b30ed6f4257cdb9e7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://www.mrgreen.com

Response headers

Content-Type
application/font-woff2;charset=utf-8
500699753395600
connect.facebook.net/signals/config/ 		308 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/500699753395600?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
db0e9f85655389cde32da4582d3773c28663e79216fb58f8b1a68f254fb3ede4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id
420120009
pragma
public
x-fb-debug
31bO5exG9WCdBlLioXHo4yc6onde7LRJJcZxjvUaiy+rKEYJ2dcOtUHW6q9IwLq/9fqsZYvrnS+LvuGnKUHwpg==
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
DENY
date
Thu, 03 Oct 2019 14:29:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
vary
Accept-Encoding
content-length
79815
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1153410367&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63985451-3&cid=2136302218.1570112983&jid=891210784&_gid=607453430.1570112983&gjid=267647045&_v=j79&z=1910081502
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2136302218.1570112983&jid=891210784&_v=j79&z=1910081502
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2136302218.1570112983&jid=891210784&_v=j79&z=1910081502&slf_rd=1&random=2365715327
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2136302218.1570112983&jid=891210784&_v=j79&z=1910081502&slf_rd=1&random=2365715327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2136302218.1570112983&jid=891210784&_v=j79&z=1910081502&slf_rd=1&random=2365715327
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1153410367&t=timing&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146&dp=%2Fno%2Fslots-starburst&ul=en-us&de=UTF-8&dt=Play%20Starburst%20at%20Mr%20Green&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Content%20view&utv=Content%20View&utt=65&_u=aGDACEALR~&jid=&gjid=&cid=2136302218.1570112983&tid=UA-63985451-3&_gid=607453430.1570112983&gtm=2wg9p0TWJJ8L&cd2=GA1.2.2136302218.1570112983&cd5=NO&cd7=2019-10-03T16%3A29%3A43.392%2B02%3A00&cd16=GA1.2.2136302218.1570112983&cd34=GA1.2.2136302218.1570112983&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&z=458366937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2019 12:44:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3289541
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
event.php
api.nanigans.com/ 		0
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.nanigans.com/event.php?app_id=82356&user_id=GA1.2.2136302218.1570112983&type=visit&name=site_visit&nan_hash=a23557c8NEAKNTCM1570112983464&nan_fp=a43fcc857db6e1f5568094fc6d3cee40&nan_fmt=js
Requested by
Host: cdn.nanigans.com
URL: https://cdn.nanigans.com/NaN_tracker.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.51.68.190 Fetsund, Norway, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
be.44.33a9.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Oct 2019 14:29:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate, no-store, post-check=0, pre-check=0
Content-Type
text/javascript;charset=UTF-8
Content-Length
20
X-XSS-Protection
1; mode=block
Expires
Sat, 26 Jul 1997 05:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
Lk+w4xfKaVIHOzHRKqzfFlTe/LWV7dwbzPp/E1wL4dbFH5+A8Gmx18KkV7s8msrblfso63Y2xpOSoZaIEsH7Wg==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Thu, 03 Oct 2019 14:29:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5065477&Ver=2&mid=b1a4a4ae-6c5b-29a9-8f5d-b298234d0053&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Play%20Starburst%20at%20Mr%20Green&p=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146&r=&lt=2598&evt=pageLoad&msclkid=N&rn=696902
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 44A2CF0C54AC477B96879E5420F7265A Ref B: VIEEDGE1120 Ref C: 2019-10-03T14:29:43Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=500699753395600&ev=ViewContent&dl=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146&rl=&if=false&ts=1570112983499&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1570112983498.549651626&it=1570112983444&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 03 Oct 2019 14:29:43 GMT
/
www.facebook.com/tr/ 		44 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=500699753395600&ev=PageView&dl=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146&rl=&if=false&ts=1570112983500&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1570112983498.549651626&it=1570112983444&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 03 Oct 2019 14:29:43 GMT
/
a1.adform.net/Serving/TrackPoint/ 		19 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/Serving/TrackPoint/?pm=1397372&ADFPageName=Universal%20Tag&ADFdivider=%7C&ord=172459512407&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiJudWxsIiwiY3VyIjoiPGluc2VydCBDdXJyZW5jeSB2YWx1ZSBoZXJlPiIsInN2MSI6Ik1yR3JlZW4iLCJzdjIiOiJzdG9yZWZyb250Iiwic3YzIjoidW5kZWZpbmVkIiwic3Y0IjoiTk8iLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiJzcG9ydCIsInN2NyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL25vL3Nsb3RzLXN0YXJidXJzdD9idGFnPTM0MDcxNDZfNjMzOUQ2NTQxMUFFNEE3NDg5MDMxOTBBMUM4OUM1MEMmc3ViaWQ9MTAyOGU0Y2E2NWU2YmVjMTQ0OTg1MmYyOWIyYWRhJnZhcjE9MTAzOCZ1dG1fbWVkaXVtPWFmZmlsaWF0ZXMmdXRtX3NvdXJjZT0zNDA3MTQ2Iiwic3Y4Ijoid3d3Lm1yZ3JlZW4uY29tIiwic3Y5IjoiIiwic3YxMCI6ImRlc2t0b3AiLCJzdjExIjoiMTU3MDExMjk4MzM5OS5yemZzazgwZyIsInN2MTIiOiJ1bmRlZmluZWQiLCJzdjEzIjoidW5kZWZpbmVkIiwic3YxNCI6IjIwMTktMTAtMDNUMTY6Mjk6NDMuMzk5KzAyOjAwIiwic3YxNSI6InVuZGVmaW5lZCJ9&loc=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028
Requested by
Host: a1.adform.net
URL: https://a1.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ede3145c3919f8aa17d3c2dd7f9f74e43d1f7a9adfd0e9aecfa7e2ff90ff396e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9602
expires
-1
/
a1.adform.net/Serving/TrackPoint/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/Serving/TrackPoint/?pm=933591&ADFPageName=Visits%20Mr%20Green%20Global&ADFdivider=%7C&ord=394378555774&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028
Requested by
Host: a1.adform.net
URL: https://a1.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e6a66aa306eb0f0abccbd509ff99d9ea93641e81e84962bca52d58a8d297c01a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
8980
expires
-1
checkUid
tb.de17a.com/api/ Frame 1EDB
Redirect Chain
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
  • https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
61 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.189 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-189.customer.teliacarrier.com
Software
nginx/1.16.0 /
Resource Hash
5a4a269efdb70a676efb886e800731c273b10a9456c8a385f16de67723dad419

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 03 Oct 2019 14:29:43 GMT
server
nginx/1.16.0
content-type
application/json
content-length
61
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

Redirect headers

status
307
date
Thu, 03 Oct 2019 14:29:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx/1.16.0
content-length
0
location
https://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
/
a1.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt... 		122 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAhqvnpCuSjbDzDdYejftckuyPBDjaY2ftckkCoq75uQ0IHZ1evSJa_0Rhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtFMk.Nk4JkL3t8mX6QSsMuinw9UTlfe2Rc7L1eWNNW5BNlYie3NlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.90PgJ.c4elF1rfs.2Ag/serving/trackpoint/?pm=933591&ADFPageName=Visits+Mr+Green+Global&ADFdivider=%7c&ord=394378555774&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fwww.mrgreen.com%2fno%2fslots-starburst%3fbtag%3d3407146_6339D65411AE4A748903190A1C89C50C%26subid%3d1028&catdt=0
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
eeff5a60635d1fd4da4d25fe88138d4988bc7adde2d4e506f1b47aa710002568

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
194
expires
-1
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1153410367&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146&dp=%2Fno%2Fslots-starburst&ul=en-us&de=UTF-8&dt=Play%20Starburst%20at%20Mr%20Green&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Customer%20status&ea=Customer%20status&el=Prospect&_u=aGDACEALR~&jid=&gjid=&cid=2136302218.1570112983&tid=UA-63985451-3&_gid=607453430.1570112983&gtm=2wg9p0TWJJ8L&cd24=&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&cd41=Prospect&z=2139813632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Aug 2019 12:44:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3289541
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
piwik.php
trck.spoteffects.net/analytics/ 		43 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trck.spoteffects.net/analytics/piwik.php?action_name=Play%20Starburst%20at%20Mr%20Green&idsite=287&rec=1&r=230041&h=16&m=29&s=43&url=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146&_id=2188d20af8c468c7&_idts=1570112984&_idvc=1&_idn=0&_refts=0&_viewts=1570112984&send_image=1&cookie=1&res=1600x1200&gt_ms=2008&pv_id=qFMt5I
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.119.158.131 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx / PHP/7.2.15
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 03 Oct 2019 14:29:43 GMT
cache-control
no-store
server
nginx
x-powered-by
PHP/7.2.15
content-type
image/gif
/
a1.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt... 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAhqvnpCuSjbDzDdYejftckuyPBDjaY2ftckkCoq75uQ0IHZ1evSJV9PtQVD_DJhCizgzH_y3EjNpmVWN9dPBSork.Nk4JkL3t8mX6QSsMuinw9UTlfe2Rc7L1eWNNW5BNlYie3NlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.90PgJ.c4elF1rfs.DfB/serving/trackpoint/?pm=1397372&ADFPageName=Universal+Tag&ADFdivider=%7c&ord=172459512407&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiJudWxsIiwiY3VyIjoiPGluc2VydCBDdXJyZW5jeSB2YWx1ZSBoZXJlPiIsInN2MSI6Ik1yR3JlZW4iLCJzdjIiOiJzdG9yZWZyb250Iiwic3YzIjoidW5kZWZpbmVkIiwic3Y0IjoiTk8iLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiJzcG9ydCIsInN2NyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL25vL3Nsb3RzLXN0YXJidXJzdD9idGFnPTM0MDcxNDZfNjMzOUQ2NTQxMUFFNEE3NDg5MDMxOTBBMUM4OUM1MEMmc3ViaWQ9MTAyOGU0Y2E2NWU2YmVjMTQ0OTg1MmYyOWIyYWRhJnZhcjE9MTAzOCZ1dG1fbWVkaXVtPWFmZmlsaWF0ZXMmdXRtX3NvdXJjZT0zNDA3MTQ2Iiwic3Y4Ijoid3d3Lm1yZ3JlZW4uY29tIiwic3Y5IjoiIiwic3YxMCI6ImRlc2t0b3AiLCJzdjExIjoiMTU3MDExMjk4MzM5OS5yemZzazgwZyIsInN2MTIiOiJ1bmRlZmluZWQiLCJzdjEzIjoidW5kZWZpbmVkIiwic3YxNCI6IjIwMTktMTAtMDNUMTY6Mjk6NDMuMzk5KzAyOjAwIiwic3YxNSI6InVuZGVmaW5lZCJ9&loc=https%3a%2f%2fwww.mrgreen.com%2fno%2fslots-starburst%3fbtag%3d3407146_6339D65411AE4A748903190A1C89C50C%26subid%3d1028&catdt=0
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
54b5c74832ea28fcc0218dc1b17f2e164082ce46234a2001f354326c39f32a9b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2670
expires
-1
pageView
tb.de17a.com/api/ Frame 5D53 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146%22%2C%22title%22%3A%22Play%20Starburst%20at%20Mr%20Green%22%2C%22trackingAccountId%22%3A%22128%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.189 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-189.customer.teliacarrier.com
Software
nginx/1.16.0 /
Resource Hash
090fb1e73106b740a843f953287d1f3c578932c851934b379a530832ae6dd4c3

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 03 Oct 2019 14:29:43 GMT
server
nginx/1.16.0
content-type
application/json
content-length
3579
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
/
track.adform.net/Serving/TrackPoint/ 		128 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=1397503&ADFPageName=MrGreen%20-%20Lobby%20-%20storefront&ADFdivider=%7C&ord=92586907194&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzbCI6InVuZGVmaW5lZCIsImFnZSI6IjxpbnNlcnQgQWdlIEdyb3VwIHZhbHVlIGhlcmU-IiwiZ2VuIjoibnVsbCIsImN1ciI6IjxpbnNlcnQgQ3VycmVuY3kgdmFsdWUgaGVyZT4iLCJzdjEiOiJNckdyZWVuIiwic3YyIjoic3RvcmVmcm9udCIsInN2MyI6InVuZGVmaW5lZCIsInN2NCI6Ik5PIiwic3Y1IjoidW5kZWZpbmVkIiwic3Y2Ijoic3BvcnQiLCJzdjciOiJodHRwczovL3d3dy5tcmdyZWVuLmNvbS9uby9zbG90cy1zdGFyYnVyc3Q_YnRhZz0zNDA3MTQ2XzYzMzlENjU0MTFBRTRBNzQ4OTAzMTkwQTFDODlDNTBDJnN1YmlkPTEwMjhlNGNhNjVlNmJlYzE0NDk4NTJmMjliMmFkYSZ2YXIxPTEwMzgmdXRtX21lZGl1bT1hZmZpbGlhdGVzJnV0bV9zb3VyY2U9MzQwNzE0NiIsInN2OCI6Ind3dy5tcmdyZWVuLmNvbSIsInN2OSI6IiIsInN2MTAiOiJkZXNrdG9wIiwic3YxMSI6IjE1NzAxMTI5ODMzOTkucnpmc2s4MGciLCJzdjEyIjoidW5kZWZpbmVkIiwic3YxMyI6InVuZGVmaW5lZCIsInN2MTQiOiIyMDE5LTEwLTAzVDE2OjI5OjQzLjM5OSswMjowMCIsInN2MTUiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ff321cd25b4d010da41cb13fd6f0b88373ff1110eca33654fb5378c567e51a56

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
198
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 4D32 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=6565026267480121959&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
google
d5p.de17a.com/cookies/ Frame 4D32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITyzT3yWGwR3Uyu6DqdAIU&google_cver=1&google_ula=668382,0
35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEITyzT3yWGwR3Uyu6DqdAIU&google_cver=1&google_ula=668382,0
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.164 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-164.customer.teliacarrier.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
close
P3P
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Content-Length
35
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d5p.de17a.com/cookies/google?google_gid=CAESEITyzT3yWGwR3Uyu6DqdAIU&google_cver=1&google_ula=668382,0
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4D32
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=536878327&val=6565026267480121959
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=6565026267480121959
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=6565026267480121959
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.163.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
via
1.1 google
server
OXGW/16.163.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 03 Oct 2019 14:29:43 GMT
via
1.1 google
server
OXGW/16.163.0
status
302
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=6565026267480121959
alt-svc
clear
content-length
0
appnexus
d5p.de17a.com/setuid/ Frame 4D32
Redirect Chain
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=7267655540383791860
35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/setuid/appnexus?anxs_uid=7267655540383791860
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.164 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-164.customer.teliacarrier.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
close
P3P
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Content-Length
35
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 03 Oct 2019 14:29:45 GMT
X-Proxy-Origin
89.38.98.91; 89.38.98.91; 314.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.9:80
AN-X-Request-Uuid
826a4b24-7a13-4e89-87c9-6903ef5f9f35
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://d5p.de17a.com/setuid/appnexus?anxs_uid=7267655540383791860
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UserMatch.ashx
atemda.com/ Frame 4D32 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atemda.com/UserMatch.ashx?bidderid=18&bidderuid=6565026267480121959&expiration=1572704983
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.36.253.28 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 03 Oct 2019 14:29:22 GMT
Access-Control-Allow-Methods
GET
P3P
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Access-Control-Allow-Headers
Content-Type
Content-Length
43
Expires
Thu, 03 Oct 2019 14:29:43 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4D32 		42 B
825 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=6565026267480121959
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Thu, 03 Oct 2019 14:29:43 GMT
X-lat
Pug22067:0:292
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42
match
ad.360yield.com/ul_cb/ Frame 4D32
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=6565026267480121959&expiration=1572704983
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=6565026267480121959&expiration=1572704983
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=6565026267480121959&expiration=1572704983
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.44.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-44-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 03 Oct 2019 14:29:43 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Thu, 03 Oct 2019 14:29:43 GMT
content-type
text/plain
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=61&external_user_id=6565026267480121959&expiration=1572704983
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
partner
sync.search.spotxchange.com/ Frame 4D32
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=6565026267480121959&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=6565026267480121959&img=1&__user_check__=1&sync_id=3e05adbd-e5ea-11e9-b917-15ce3e531206
43 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=6565026267480121959&img=1&__user_check__=1&sync_id=3e05adbd-e5ea-11e9-b917-15ce3e531206
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 03 Oct 2019 14:29:43 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
133
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 03 Oct 2019 14:29:43 GMT
Server
nginx
Location
/partner?adv_id=7326&uid=6565026267480121959&img=1&__user_check__=1&sync_id=3e05adbd-e5ea-11e9-b917-15ce3e531206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
18
Connection
keep-alive
Content-Length
0
sync
pixel.advertising.com/ups/55955/ Frame 4D32 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55955/sync?uid=6565026267480121959&_origin=1
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-249-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Thu, 03 Oct 2019 14:29:43 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sy.eu.angsrvr.com/ Frame 4D32 		0
0
idsync
soma.smaato.net/oapi/ Frame 4D32 		35 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://soma.smaato.net/oapi/idsync?redirect=https%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fsmaato%3FpartnerId%3DSomaCookieUserId%26deltaInitiated%3D1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.80.172 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-80-172.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 03 Oct 2019 14:29:43 GMT
Last-Modified
Mon, 30 Sep 2019 07:24:56 GMT
Server
SOMA
ETag
W/"35-1569828296000"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
sync
pixel.advertising.com/ups/55955/ Frame 4D32 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55955/sync?uid=6565026267480121959&_origin=1&gdpr=&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-249-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Thu, 03 Oct 2019 14:29:43 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ad.sxp.smartclip.net/ Frame 4D32
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1
  • https://d5p.de17a.com/getuid/smartclip?uuid=a50e53e7-7d47-4d4a-8ba8-e06d98c50f2a
  • https://d5p.de17a.com/getuid/smartclip;c?uuid=a50e53e7-7d47-4d4a-8ba8-e06d98c50f2a
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=396580424338026649&uuid=a50e53e7-7d47-4d4a-8ba8-e06d98c50f2a
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=396580424338026649&uuid=a50e53e7-7d47-4d4a-8ba8-e06d98c50f2a
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.251.67 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-251-67.eu-west-1.compute.amazonaws.com
Software
nginx/1.13.12 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 03 Oct 2019 14:29:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.13.12
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

Location
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=396580424338026649&uuid=a50e53e7-7d47-4d4a-8ba8-e06d98c50f2a
Connection
close
P3P
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame 4D32
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=6565026267480121959&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=6565026267480121959&expires=30
43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=6565026267480121959&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.155.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-155-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 03 Oct 2019 14:29:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Thu, 03 Oct 2019 14:29:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=6565026267480121959&expires=30
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
dmp.adform.net/serving/cookie/ Frame 4D32
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=6565026267480121959
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=6565026267480121959
35 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=6565026267480121959
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
server
nginx
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 03 Oct 2019 14:29:43 GMT
server
nginx
status
302
location
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=6565026267480121959
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
6565026267480121959
usermatch.targeting.unrulymedia.com/usermatch/delta/ Frame 4D32 		0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usermatch.targeting.unrulymedia.com/usermatch/delta/6565026267480121959
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.80.226 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-209-80-226.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:43 GMT
server
nginx
status
200
allow
GET
p3p
CP="CUR IVDo OUR IND"
access-control-allow-origin
*
cache-control
no-store, no-transform
access-control-allow-credentials
true
content-type
text/html
content-length
0
rum
dsum.casalemedia.com/ Frame 4D32
Redirect Chain
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=6565026267480121959&expiration=1572704983
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=6565026267480121959&expiration=1572704983&C=1
43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=6565026267480121959&expiration=1572704983&C=1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Oct 2019 14:29:43 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 03 Oct 2019 14:29:43 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Oct 2019 14:29:43 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=6565026267480121959&expiration=1572704983&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
305
Expires
Thu, 03 Oct 2019 14:29:43 GMT
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5a9dcc570b346800070003d9&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=347&cE=387&dLE=347&dLS=332&fS=331&hS=361&rE=-1&rS=-1&reS=387&resS=2393&resE=2395&uEE=-1&uES=-1&dL=2398&dI=2405&dCLES=2427&dCLEE=2427&dC=2597&lES=2597&lEE=2598&s=nt&title=Play%20Starburst%20at%20Mr%20Green&path=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst&ref=&sId=bbo8f787&sST=1570112983&sIS=1&rV=0&v=1.4.0
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5a9dcc570b346800070003d9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.92.140 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-92-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 03 Oct 2019 14:29:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
www.facebook.com/tr/ 		44 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=500699753395600&ev=Microdata&dl=https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%3Fbtag%3D3407146_6339D65411AE4A748903190A1C89C50C%26subid%3D1028e4ca65e6bec1449852f29b2ada%26var1%3D1038%26utm_medium%3Daffiliates%26utm_source%3D3407146&rl=&if=false&ts=1570112984002&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Play%20Starburst%20at%20Mr%20Green%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22nb_NO%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Play%20Starburst%20at%20Mr%20Green%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%22%2C%22og%3Asite_name%22%3A%22Mr%20Green%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mrgreen.com%2Fno%2F%22%2C%22sameAs%22%3A%5B%5D%2C%22%40id%22%3A%22https%3A%2F%2Fwww.mrgreen.com%2Fno%2F%23organization%22%2C%22name%22%3A%22Mr%20Green%20ltd%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.mrgreen.com%2Fapp%2Fuploads%2FMr-Green-Logo-Bonus-Message-Thumbnail.jpg%22%7D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.mrgreen.com%2Fno%2F%22%2C%22name%22%3A%22Casino%22%7D%7D%2C%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A2%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.mrgreen.com%2Fno%2Fslots-starburst%22%2C%22name%22%3A%22Slots%3A%20Starburst%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=2&o=30&fbp=fb.1.1570112984001.1414628222&it=1570112983444&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.mrgreen.com/no/slots-starburst?btag=3407146_6339D65411AE4A748903190A1C89C50C&subid=1028e4ca65e6bec1449852f29b2ada&var1=1038&utm_medium=affiliates&utm_source=3407146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 14:29:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 03 Oct 2019 14:29:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sy.eu.angsrvr.com
URL
https://sy.eu.angsrvr.com/sync?type=host&dsp=10&dspuuid=6565026267480121959

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __cfQR string| sf_cookieOverride function| $ function| jQuery string| ajaxurl object| dataLayer string| GoogleAnalyticsObject function| ga function| getParameterByName undefined| data undefined| obj boolean| is_root string| mockdata boolean| got_cookies string| sportBasePath undefined| country undefined| exclusions function| processData function| objData function| createRedirect undefined| xhr function| Cookies function| createCookie function| getCookie function| delete_cookie function| createCookieConsent object| html5 object| Modernizr object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| NaN_api number| currentTime object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| google_optimize object| FortAwesomeConfig string| woffCSSFilename string| cssFilename string| cssUrl object| tlGameTiles object| curTime string| endTime number| endTimeUnix string| device string| deviceAgent object| isTouchDevice boolean| __cfRLUnblockHandlers function| getIP object| uetq function| fbq function| _fbq object| _adftrack object| Trustpilot object| _d7 object| _spef string| $page_url object| $this string| $href function| UET object| Adform object| KJUR object| adf boolean| K function| La object| fortyone object| d string| expires object| JSON_PIWIK object| Spef object| AnalyticsTracker function| spef_log string| tpPageName string| adfURL function| findMarket function| findSuffix function| distributeAustria function| findBrand function| findSales object| marketsTable object| conversionNames object| order string| marketID string| suffix string| brand undefined| adfPageName undefined| brandSuffix object| CryptoJS object| ctObj string| ctStr

3 Cookies

Domain/Path Name / Value
.mrgreen.com/ Name: __cf_bm
Value: 672a94b3804952531188e6a724f582b9bcb75900-1570112982-1800-AXsfhoxOHlJ2roiAoXQt3RuuqVOGL4zPnMyb5biUD8RTkLdcXTiEfZkvZkdVmK2TV7MUpgKTZyRXXbHFPR3VJQk=
.mrgreen.com/ Name: cf_ipcountry
Value: nl
.mrgreen.com/ Name: __cfduid
Value: d25f7c9c4cd9b67ee4f11a29992b7cd721570112981

2 Console Messages

Source Level URL
Text
console-api log URL: https://a1.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAhqvnpCuSjbDzDdYejftckuyPBDjaY2ftckkCoq75uQ0IHZ1evSJV9PtQVD_DJhCizgzH_y3EjNpmVWN9dPBSork.Nk4JkL3t8mX6QSsMuinw9UTlfe2Rc7L1eWNNW5BNlYie3NlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.90PgJ.c4elF1rfs.DfB/serving/trackpoint/?pm=1397372&ADFPageName=Universal+Tag&ADFdivider=%7c&ord=172459512407&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiJudWxsIiwiY3VyIjoiPGluc2VydCBDdXJyZW5jeSB2YWx1ZSBoZXJlPiIsInN2MSI6Ik1yR3JlZW4iLCJzdjIiOiJzdG9yZWZyb250Iiwic3YzIjoidW5kZWZpbmVkIiwic3Y0IjoiTk8iLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiJzcG9ydCIsInN2NyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL25vL3Nsb3RzLXN0YXJidXJzdD9idGFnPTM0MDcxNDZfNjMzOUQ2NTQxMUFFNEE3NDg5MDMxOTBBMUM4OUM1MEMmc3ViaWQ9MTAyOGU0Y2E2NWU2YmVjMTQ0OTg1MmYyOWIyYWRhJnZhcjE9MTAzOCZ1dG1fbWVkaXVtPWFmZmlsaWF0ZXMmdXRtX3NvdXJjZT0zNDA3MTQ2Iiwic3Y4Ijoid3d3Lm1yZ3JlZW4uY29tIiwic3Y5IjoiIiwic3YxMCI6ImRlc2t0b3AiLCJzdjExIjoiMTU3MDExMjk4MzM5OS5yemZzazgwZyIsInN2MTIiOiJ1bmRlZmluZWQiLCJzdjEzIjoidW5kZWZpbmVkIiwic3YxNCI6IjIwMTktMTAtMDNUMTY6Mjk6NDMuMzk5KzAyOjAwIiwic3YxNSI6InVuZGVmaW5lZCJ9&loc=https%3a%2f%2fwww.mrgreen.com%2fno%2fslots-starburst%3fbtag%3d3407146_6339D65411AE4A748903190A1C89C50C%26subid%3d1028&catdt=0(Line 43)
Message:
suffix Lobby - storefront returned
console-api log URL: https://a1.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAhqvnpCuSjbDzDdYejftckuyPBDjaY2ftckkCoq75uQ0IHZ1evSJV9PtQVD_DJhCizgzH_y3EjNpmVWN9dPBSork.Nk4JkL3t8mX6QSsMuinw9UTlfe2Rc7L1eWNNW5BNlYie3NlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.90PgJ.c4elF1rfs.DfB/serving/trackpoint/?pm=1397372&ADFPageName=Universal+Tag&ADFdivider=%7c&ord=172459512407&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiJudWxsIiwiY3VyIjoiPGluc2VydCBDdXJyZW5jeSB2YWx1ZSBoZXJlPiIsInN2MSI6Ik1yR3JlZW4iLCJzdjIiOiJzdG9yZWZyb250Iiwic3YzIjoidW5kZWZpbmVkIiwic3Y0IjoiTk8iLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiJzcG9ydCIsInN2NyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL25vL3Nsb3RzLXN0YXJidXJzdD9idGFnPTM0MDcxNDZfNjMzOUQ2NTQxMUFFNEE3NDg5MDMxOTBBMUM4OUM1MEMmc3ViaWQ9MTAyOGU0Y2E2NWU2YmVjMTQ0OTg1MmYyOWIyYWRhJnZhcjE9MTAzOCZ1dG1fbWVkaXVtPWFmZmlsaWF0ZXMmdXRtX3NvdXJjZT0zNDA3MTQ2Iiwic3Y4Ijoid3d3Lm1yZ3JlZW4uY29tIiwic3Y5IjoiIiwic3YxMCI6ImRlc2t0b3AiLCJzdjExIjoiMTU3MDExMjk4MzM5OS5yemZzazgwZyIsInN2MTIiOiJ1bmRlZmluZWQiLCJzdjEzIjoidW5kZWZpbmVkIiwic3YxNCI6IjIwMTktMTAtMDNUMTY6Mjk6NDMuMzk5KzAyOjAwIiwic3YxNSI6InVuZGVmaW5lZCJ9&loc=https%3a%2f%2fwww.mrgreen.com%2fno%2fslots-starburst%3fbtag%3d3407146_6339D65411AE4A748903190A1C89C50C%26subid%3d1028&catdt=0(Line 62)
Message:
brand MrGreen returned

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

212-83-184-28.rev.abacf.org
8268145.fls.doubleclick.net
a1.adform.net
ad.360yield.com
ad.sxp.smartclip.net
ads.mrgreen.com
ajax.cloudflare.com
ajax.googleapis.com
api.ipify.org
api.nanigans.com
atemda.com
balrogworks.com
bat.bing.com
bit.ly
cdn.nanigans.com
cdnjs.cloudflare.com
cloud.typography.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dmp.adform.net
dsum.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
pixel.advertising.com
pixel.rubiconproject.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
soma.smaato.net
static.mrgcdn.com
stats.g.doubleclick.net
sy.eu.angsrvr.com
sync.search.spotxchange.com
tb.de17a.com
track.adform.net
trafficgridmedia.go2cloud.org
trck.spoteffects.net
us-u.openx.net
use.fortawesome.com
usermatch.targeting.unrulymedia.com
widget.trustpilot.com
winds.hurricane8.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.junkani.com
www.mrgreen.com
x.bidswitch.net
sy.eu.angsrvr.com
104.16.34.56
104.17.168.81
104.237.146.183
107.154.251.88
107.22.193.167
169.51.68.190
172.217.23.98
185.33.223.209
185.64.189.110
185.94.180.126
2.18.234.21
20.36.253.28
212.83.184.28
213.155.156.164
213.155.156.189
216.170.125.183
216.58.205.230
23.37.59.76
2606:4700:10::6814:14ef
2606:4700::6813:c797
2620:1ec:c11::200
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:820::2004
2a00:1450:4001:820::200a
2a00:1450:400c:c07::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.95.120.147
35.157.249.39
37.157.4.40
37.157.4.41
40.119.158.131
52.209.80.226
52.31.251.67
52.49.92.140
52.57.44.17
52.59.155.31
54.230.203.240
54.230.95.171
54.72.199.154
54.76.80.172
54.77.55.237
67.199.248.10
69.173.144.136
94.31.29.154
04ef57f2030985da730ef6cbbde42bba8fa79ab18f92681ef8a17615150bdd6e
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
090fb1e73106b740a843f953287d1f3c578932c851934b379a530832ae6dd4c3
10d128002d488f4f4fdcc559e0fb48d31104c7cc2bd50ac7684288a19ce0d2ca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
187c8bb2b506ca64efdb76a928f9a400a0d3333534adbbfd31640938599a4167
1a324ffab8426503c882cf1903c87537fb3fd0ba84482d24798a795e3927b6ee
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
2d7959a33800baede38622d168b8d555eab6b61e20406674998d5ccb437045b0
310849a5f945cbe402c9ee331d5a02b99b133a53b16e5d8291ff9adf5df27363
39bd2d98fab7d890eef85cb7573b20a41572da4e25b4e48ab931f25f285fe9fa
4a28937b0e6cfcee7a7aac0766213d2acd221aae8ea6d159bbc706a18b52bd45
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
532ac5212597742e1d5d141a7500fdafe96edaa9449c8f3fbe0519fd954aef34
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b5c74832ea28fcc0218dc1b17f2e164082ce46234a2001f354326c39f32a9b
55138686144d0f04d70faa92ac3c1568af9090d97ce02c74d4c2863864b4b02d
58dbae5bdf2b5e9ac2518952762a7d601120590b706c13577ae102c5cabeef73
5a4a269efdb70a676efb886e800731c273b10a9456c8a385f16de67723dad419
5ca972b4d30bbb380b96651a09652849cb7affbe7012371237ed9452e357c636
60266c6184ffabff6c8230bb838a93c175279c4857ce608eb8e6688bcb3dbd5e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
694785eaeec88c495973f252a762febf6883deebe838de684f51c337a5e8f230
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e4e9e68ea446e385eef104bc9bef4f7b36e7b99b9aea2c1ef27d79151ce065b
7a91531238b3a70dd3cc21b8c8d6c78eff1642ac5dacded120273f04d5e0e89c
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8b40663a929c440f08915e6f366f6c1e2e1efb478292cb4515ca082881d2ae8e
90ba2ef9ef8fb5fd2c6a50ffa0fc4339690c58902bbb7948bc86405735f8e463
961546766af19a351839e02697d1ca798965514c51ed8824ef49de8a4fe33a04
99736c9128375ff6983ed79cefcaaf06b2b3669b7f6f3e1ffd352f431b643efc
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
aca6a7bb5bc0a32e7b74d497fd7b859661b8c49025a67f72c7b3c92757d9c463
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b78bbe08f6dd34d6cf65957ae5b316be9156bc45f249ff4b69888b577d946a76
bf5026646a51819085652ec619610280e6a1aac7089485f260b7c3e6ea802ad7
c28e74a706e85ef9a581ecf4ed357accd1272ba87ca98ff0051b37f0c09bcb90
cd60f9e3ec65e800a5736007fe8cf8c5185fc5557b1df220cb6519e0fa61a8bb
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d724c178eb1f778c4c9211d716816624f4555232e7baa599f02fb54bf202e070
d7ad5e0ca580593b7892c9e3984cc261c12924a2f910e17b30ed6f4257cdb9e7
d7bcf1b53835b420a9ff4057f35e9d32cafb506b5fe8703dce261950159b3574
db0e9f85655389cde32da4582d3773c28663e79216fb58f8b1a68f254fb3ede4
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e0f5c5fa35c0c9f9ad2fd0468cea730ec890800e099d60893dd4357104f12ea5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6a66aa306eb0f0abccbd509ff99d9ea93641e81e84962bca52d58a8d297c01a
e7885fc992f0e640f672c385c1219434f2d3c67d0dc1e06d4e87b44ec04f1122
ede3145c3919f8aa17d3c2dd7f9f74e43d1f7a9adfd0e9aecfa7e2ff90ff396e
eeff5a60635d1fd4da4d25fe88138d4988bc7adde2d4e506f1b47aa710002568
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d357525fffa4b6f39b07dfad4b8e028e72feaf57817f3d12d603f6b3a24ca6
f71949eb5abb767c30181fee3c683cf75a45e2a6f9573c0f6bccea82927a46b4
fadbbfe9ffb5e2e3efd9ce5c2e17f0731352e8d2c2e3d01cb1e0eb6c7b7af725
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c
ff321cd25b4d010da41cb13fd6f0b88373ff1110eca33654fb5378c567e51a56