casino.mrgreen.com Open in urlscan Pro
104.16.173.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ghanteau.com/login/link.php?M=4322061&N=126&L=8&F=H
Effective URL:
https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&va...
Submission: On February 15 via manual (February 15th 2020, 7:33:09 am UTC) from FI

Summary HTTP 91 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 21 domains to perform 91 HTTP transactions. The main IP is 104.16.173.213, located in United States and belongs to CLOUDFLARENET, US. The main domain is casino.mrgreen.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 7th 2019. Valid for: 6 months.

This is the only time casino.mrgreen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.203.10.221 159.203.10.221	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
2	35.157.125.133 35.157.125.133	16509 (AMAZON-02) (AMAZON-02)
1 1	3.217.49.197 3.217.49.197	14618 (AMAZON-AES) (AMAZON-AES)
1 1	107.154.251.88 107.154.251.88	19551 (INCAPSULA) (INCAPSULA)
41	104.16.173.213 104.16.173.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.159 143.204.98.159	16509 (AMAZON-02) (AMAZON-02)
1 11	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:14ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.204.26.223 54.204.26.223	14618 (AMAZON-AES) (AMAZON-AES)
2 4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	13.224.193.220 13.224.193.220	16509 (AMAZON-02) (AMAZON-02)
6	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	185.10.228.82 185.10.228.82	36351 (SOFTLAYER) (SOFTLAYER)
1	52.215.241.11 52.215.241.11	16509 (AMAZON-02) (AMAZON-02)
3 3	104.16.171.213 104.16.171.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:1901:0:9... 2600:1901:0:94b6::	15169 (GOOGLE) (GOOGLE)
8	104.17.171.81 104.17.171.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
91	21

1 159.203.10.221 (Toronto, Canada) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: host.ghanteau.com

ghanteau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tracklings.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.125.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-125-133.eu-central-1.compute.amazonaws.com

track.clickstootrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.tracknclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.49.197 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-49-197.compute-1.amazonaws.com

iaimia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.251.88 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.251.88.ip.incapdns.net

ads.mrgreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 104.16.173.213 (United States)

ASN13335 (CLOUDFLARENET, US)

casino.mrgreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mrgreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.159 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-159.fra50.r.cloudfront.net

d21ey8j28ejz92.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.26.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-26-223.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

8460430.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.220 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-220.fra2.r.cloudfront.net

cdn.nanigans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.10.228.82 (Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: 52.e4.0ab9.ip4.static.sl-reverse.com

api.nanigans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.241.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-241-11.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.171.213 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.mrgreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1901:0:94b6:: (United States)

ASN15169 (GOOGLE, US)

mth-mrgreen.firebaseio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-usc1c-nss-225.firebaseio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.171.81 (United States)

ASN13335 (CLOUDFLARENET, US)

static.mrgcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	mrgreen.com 4 redirects ads.mrgreen.com casino.mrgreen.com www.mrgreen.com	1 MB
11	google-analytics.com 1 redirects www.google-analytics.com	48 KB
8	mrgcdn.com static.mrgcdn.com	390 KB
7	firebaseio.com mth-mrgreen.firebaseio.com s-usc1c-nss-225.firebaseio.com	32 KB
6	adform.net track.adform.net	72 KB
5	doubleclick.net 3 redirects 8460430.fls.doubleclick.net stats.g.doubleclick.net	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	29 KB
2	nanigans.com cdn.nanigans.com api.nanigans.com	3 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	190 B
1	ipify.org api.ipify.org	214 B
1	googletagmanager.com www.googletagmanager.com	55 KB
1	cloudfront.net d21ey8j28ejz92.cloudfront.net	5 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	iaimia.com 1 redirects iaimia.com	749 B
1	tracknclicks.com track.tracknclicks.com	767 B
1	clickstootrack.com track.clickstootrack.com	2 KB
1	page.link tracklings.page.link	60 KB
1	ghanteau.com 1 redirects ghanteau.com	235 B
91	21

	Domain	Requested by
38	casino.mrgreen.com	track.tracknclicks.com casino.mrgreen.com www.google-analytics.com d21ey8j28ejz92.cloudfront.net
11	www.google-analytics.com	1 redirects casino.mrgreen.com www.google-analytics.com
8	static.mrgcdn.com
6	s-usc1c-nss-225.firebaseio.com	casino.mrgreen.com
6	www.mrgreen.com	3 redirects
6	track.adform.net	tracklings.page.link track.adform.net
4	8460430.fls.doubleclick.net	2 redirects www.googletagmanager.com
2	fonts.googleapis.com	casino.mrgreen.com
2	www.gstatic.com
1	mth-mrgreen.firebaseio.com	casino.mrgreen.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	api.nanigans.com	cdn.nanigans.com
1	www.google.de	casino.mrgreen.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdn.nanigans.com	tracklings.page.link
1	api.ipify.org	www.googletagmanager.com
1	rum-static.pingdom.net	casino.mrgreen.com
1	www.googletagmanager.com	casino.mrgreen.com
1	d21ey8j28ejz92.cloudfront.net	casino.mrgreen.com
1	cdnjs.cloudflare.com	casino.mrgreen.com
1	ads.mrgreen.com	1 redirects
1	iaimia.com	1 redirects
1	track.tracknclicks.com	track.clickstootrack.com
1	track.clickstootrack.com
1	fonts.gstatic.com	tracklings.page.link
1	tracklings.page.link
1	ghanteau.com	1 redirects
91	28

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
mrgreen.com
greengamin.com
help.mrgreen.com
blog.mrgreen.com
greengaming.com
www.mrgreen.com

Subject Issuer	Validity	Valid
*.page.link GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
track.clickstootrack.com Let's Encrypt Authority X3	`2020-02-01` - `2020-05-01`	3 months	crt.sh
track.tracknclicks.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-14` - `2020-06-13`	a year	crt.sh
ssl464724.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-07` - `2020-06-14`	6 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.pingdom.net DigiCert SHA2 High Assurance Server CA	`2019-11-08` - `2021-01-19`	a year	crt.sh
*.ipify.org COMODO RSA Domain Validation Secure Server CA	`2018-01-24` - `2021-01-23`	3 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.nanigans.com Go Daddy Secure Certificate Authority - G2	`2019-02-28` - `2021-04-29`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
firebaseio.com GTS CA 1O1	`2019-03-13` - `2020-03-11`	a year	crt.sh
ssl767972.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-06` - `2020-06-13`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Frame ID: 96C3B906D201678D61EA5BEFB735A6CF
Requests: 87 HTTP requests in this frame

Frame: https://8460430.fls.doubleclick.net/activityi;dc_pre=CO_ZuKSF0-cCFU7DuwgdzN8G3g;src=8460430;type=lp0;cat=landi0;ord=1;num=798411278236;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=undefined;u4=2020-02-15T08%3A32%3A54.270%2B01%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1581751974274.qd5xcxz;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726
Frame ID: 4FC94A581479482C6789C322BAA7EB5A
Requests: 1 HTTP requests in this frame

Frame: https://8460430.fls.doubleclick.net/activityi;dc_pre=CJvo_aSF0-cCFcvluwgdd7cGsQ;src=8460430;type=regis0;cat=regis000;ord=1;num=4989528077795;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=GA1.2.707240293.1581751974;u4=2020-02-15T08%3A32%3A55.487%2B01%3A00;u5=Prospect;u6=3405726;u7=desktop;u8=1581751975488.21ula7sl;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer
Frame ID: 2B115FF5C52638B0EA6FC5935E2980F5
Requests: 1 HTTP requests in this frame

Frame: https://mth-mrgreen.firebaseio.com/.lp?start=t&ser=72839754&cb=1&v=5
Frame ID: 0005EDF45B3FEF4469C15604BAE03448
Requests: 6 HTTP requests in this frame

Frame: https://s-usc1c-nss-225.firebaseio.com/.lp?dframe=t&id=689274&pw=ES1tUKhT8P&ns=mth-mrgreen
Frame ID: 340063CB2D57BE2560763180CE8C2533
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ghanteau.com/login/link.php?M=4322061&N=126&L=8&F=H HTTP 302
https://tracklings.page.link/gy1x Page URL
https://track.clickstootrack.com/0192b46a-43ab-445c-a099-7b34329398d4 Page URL
https://track.tracknclicks.com/redirect?target=BASE64aHR0cDovL2lhaW1pYS5jb20vP2E9OTgxMSZjPTE5MTUzJnMxPTAxOT... Page URL
http://iaimia.com/?a=9811&c=19153&s1=0192b46a-43ab-445c-a099-7b34329398d4&s2=waruihqmi43tfvush... HTTP 302
https://ads.mrgreen.com/redirect.aspx?pid=4626947&lpid=3357&bid=5726&subid=18833-477439555&var1=9811 HTTP 301
https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subi... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

91
Requests

100 %
HTTPS

46 %
IPv6

21
Domains

28
Subdomains

21
IPs

7
Countries

2105 kB
Transfer

6114 kB
Size

24
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/app/mr-green-online-casino/id995986966
Title:

Search URL Search Domain Scan URL

URL: https://mrgreen.com/fi/download-our-android-app
Title:

Search URL Search Domain Scan URL

URL: https://greengamin.com/
Title: https://greengaming.com/fi/

Search URL Search Domain Scan URL

URL: https://help.mrgreen.com/hc/fi
Title: Help Center Help Center

Search URL Search Domain Scan URL

URL: https://blog.mrgreen.com/int/
Title: Blogi Blogi

Search URL Search Domain Scan URL

URL: https://greengaming.com/fi
Title: Tietoa Green Gamingista Tietoa Green Gamingista

Search URL Search Domain Scan URL

URL: https://mrgreen.com/how-to-play/
Title: Kuinka pelata Kuinka pelata

Search URL Search Domain Scan URL

URL: https://www.mrgreen.com/game-rules
Title: Pelien säännöt Pelien säännöt

Search URL Search Domain Scan URL

URL: https://www.mrgreen.com/careers/
Title: Ura Mr Greenillä

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ghanteau.com/login/link.php?M=4322061&N=126&L=8&F=H HTTP 302
https://tracklings.page.link/gy1x Page URL
https://track.clickstootrack.com/0192b46a-43ab-445c-a099-7b34329398d4 Page URL
https://track.tracknclicks.com/redirect?target=BASE64aHR0cDovL2lhaW1pYS5jb20vP2E9OTgxMSZjPTE5MTUzJnMxPTAxOTJiNDZhLTQzYWItNDQ1Yy1hMDk5LTdiMzQzMjkzOThkNCZzMj13YXJ1aWhxbWk0M3RmdnVzaGE2dmMxZDA&ts=1581751973047&hash=k7Dk7rEAc8J0GQsK3uBdBYbHV9v5aemNUO6lshmyy0g&rm=DJ Page URL
http://iaimia.com/?a=9811&c=19153&s1=0192b46a-43ab-445c-a099-7b34329398d4&s2=waruihqmi43tfvusha6vc1d0 HTTP 302
https://ads.mrgreen.com/redirect.aspx?pid=4626947&lpid=3357&bid=5726&subid=18833-477439555&var1=9811 HTTP 301
https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ghanteau.com/login/link.php?M=4322061&N=126&L=8&F=H HTTP 302
https://tracklings.page.link/gy1x

Request Chain 31

https://8460430.fls.doubleclick.net/activityi;src=8460430;type=lp0;cat=landi0;ord=1;num=798411278236;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=undefined;u4=2020-02-15T08%3A32%3A54.270%2B01%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1581751974274.qd5xcxz;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726 HTTP 302
https://8460430.fls.doubleclick.net/activityi;dc_pre=CO_ZuKSF0-cCFU7DuwgdzN8G3g;src=8460430;type=lp0;cat=landi0;ord=1;num=798411278236;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=undefined;u4=2020-02-15T08%3A32%3A54.270%2B01%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1581751974274.qd5xcxz;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726

Request Chain 41

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=805261595&t=pageview&_s=1&dl=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726&dp=%2Ffi-FI%2Fpay-n-play%2Fregister&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALQ~&jid=246400241&gjid=37542578&cid=707240293.1581751974&tid=UA-63985451-3&_gid=1544268481.1581751974&_r=1&gtm=2wg250TWJJ8L&cd5=FI&cd7=2020-02-15T08%3A32%3A54.260%2B01%3A00&cd10=0&cd11=1581751974261.vr45pr7&cd19=registration%20start&cd23=1&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&cm6=1079&z=1585909276 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63985451-3&cid=707240293.1581751974&jid=246400241&_gid=1544268481.1581751974&gjid=37542578&_v=j81&z=1585909276 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=707240293.1581751974&jid=246400241&_v=j81&z=1585909276 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=707240293.1581751974&jid=246400241&_v=j81&z=1585909276&slf_rd=1&random=520009004

Request Chain 66

https://8460430.fls.doubleclick.net/activityi;src=8460430;type=regis0;cat=regis000;ord=1;num=4989528077795;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=GA1.2.707240293.1581751974;u4=2020-02-15T08%3A32%3A55.487%2B01%3A00;u5=Prospect;u6=3405726;u7=desktop;u8=1581751975488.21ula7sl;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer HTTP 302
https://8460430.fls.doubleclick.net/activityi;dc_pre=CJvo_aSF0-cCFcvluwgdd7cGsQ;src=8460430;type=regis0;cat=regis000;ord=1;num=4989528077795;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=GA1.2.707240293.1581751974;u4=2020-02-15T08%3A32%3A55.487%2B01%3A00;u5=Prospect;u6=3405726;u7=desktop;u8=1581751975488.21ula7sl;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer

Request Chain 71

http://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Casino.jpg HTTP 301
https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Casino.jpg

Request Chain 72

http://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Sport-1.jpg HTTP 301
https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Sport-1.jpg

Request Chain 73

http://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Live.jpg HTTP 301
https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Live.jpg

91 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

gy1x Show response
tracklings.page.link/
Redirect Chain

http://ghanteau.com/login/link.php?M=4322061&N=126&L=8&F=H
https://tracklings.page.link/gy1x

175 KB
60 KB

152ms
116ms

Document
text/html

2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tracklings.page.link/gy1x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3548a67b95f078743b0a379234dd3b0a96ba6036942fe4badf5013163d944f5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cFboeZV5KrisrsfHoVUOzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-cFboeZV5KrisrsfHoVUOzg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: tracklings.page.link
:scheme: https
:path: /gy1x
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 15 Feb 2020 07:32:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-cFboeZV5KrisrsfHoVUOzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-cFboeZV5KrisrsfHoVUOzg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

Date: Sat, 15 Feb 2020 07:32:52 GMT
Server: Apache
Location: https://tracklings.page.link/gy1x
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 m=wmwg8b
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.C-Iey81J3mA.es5.O/ck=boq-devplatform.DurableDeepLinkUi.bzIJU_Lv48o.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewd... 34 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.C-Iey81J3mA.es5.O/ck=boq-devplatform.DurableDeepLinkUi.bzIJU_Lv48o.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP57um77TCDzBEMM_ljRj1sT6qsJtw/m=wmwg8b

Requested by

Host:
URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.C-Iey81J3mA.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48pPutu91UJexjOZHa6UdkwhPlAQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tracklings.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 03:03:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16188
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12687
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:36:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Feb 2021 03:03:04 GMT

GET
H2 200 m=DvZ6Wd
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.C-Iey81J3mA.es5.O/ck=boq-devplatform.DurableDeepLinkUi.bzIJU_Lv48o.L.B1.O/am=BA/d=1/exm=_b,_tp,wmwg8b/excm=_b,_t... 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.C-Iey81J3mA.es5.O/ck=boq-devplatform.DurableDeepLinkUi.bzIJU_Lv48o.L.B1.O/am=BA/d=1/exm=_b,_tp,wmwg8b/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP57um77TCDzBEMM_ljRj1sT6qsJtw/m=DvZ6Wd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tracklings.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 03:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15848
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5853
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:36:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Feb 2021 03:08:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: tracklings.page.link
URL: https://tracklings.page.link/gy1x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tracklings.page.link/
Origin: https://tracklings.page.link
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:39:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 910408
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10748
x-xss-protection: 0
expires: Wed, 03 Feb 2021 18:39:24 GMT

GET
H/1.1 200 Cookie set 0192b46a-43ab-445c-a099-7b34329398d4 Show response
track.clickstootrack.com/ 820 B
2 KB 117ms
22ms Document
text/html 35.157.125.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.clickstootrack.com/0192b46a-43ab-445c-a099-7b34329398d4
Requested by: Host:
URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.C-Iey81J3mA.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48pPutu91UJexjOZHa6UdkwhPlAQ/m=_b,_tp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.125.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-125-133.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3998accbddf1af0d51b056d6743cd06f05252bf1421ac1ac7038c3dd8f15e809

Request headers

Host: track.clickstootrack.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://tracklings.page.link/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://tracklings.page.link/

Response headers

Server: nginx
Date: Sat, 15 Feb 2020 07:32:53 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 820
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: 0192b46a-43ab-445c-a099-7b34329398d4-v4=0192b46a-43ab-445c-a099-7b34329398d4; Max-Age=86400; Expires=Sun, 16-Feb-2020 07:32:53 GMT; Domain=track.clickstootrack.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=%2BAFw%2Fl297ZJ0JonJgNAE%2Fe79xa4R%2FtoYl43pEwZjoKY0sDW3L26wev%2FjzmHA49crzWv%2Fb9lRPl7y%2FZx1WaghgfBxRum0wF%2Bss7Aj4J%2Brg0dSrzvb7YRUrdka3wf9%2Fgt1alvE4pdAl2aFOSgwARsMPg%3D%3D; Max-Age=31536000; Expires=Sun, 14-Feb-2021 07:32:53 GMT; Domain=track.clickstootrack.com; Path=/; Secure; HttpOnly;SameSite=None

GET
H/1.1 200 redirect Show response
track.tracknclicks.com/ 494 B
767 B 88ms
22ms Document
text/html 35.157.125.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.tracknclicks.com/redirect?target=BASE64aHR0cDovL2lhaW1pYS5jb20vP2E9OTgxMSZjPTE5MTUzJnMxPTAxOTJiNDZhLTQzYWItNDQ1Yy1hMDk5LTdiMzQzMjkzOThkNCZzMj13YXJ1aWhxbWk0M3RmdnVzaGE2dmMxZDA&ts=1581751973047&hash=k7Dk7rEAc8J0GQsK3uBdBYbHV9v5aemNUO6lshmyy0g&rm=DJ
Requested by: Host: track.clickstootrack.com
URL: https://track.clickstootrack.com/0192b46a-43ab-445c-a099-7b34329398d4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.125.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-125-133.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 97adaf26bca43e68354a68b2e77c0e6e164bfa78ab82c140584ed30e0396dd73

Request headers

Host: track.tracknclicks.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://track.clickstootrack.com/0192b46a-43ab-445c-a099-7b34329398d4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://track.clickstootrack.com/0192b46a-43ab-445c-a099-7b34329398d4

Response headers

Server: nginx
Date: Sat, 15 Feb 2020 07:32:53 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 494
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

GET
H2

200

Primary Request register Show response
casino.mrgreen.com/fi-FI/pay-n-play/
Redirect Chain

http://iaimia.com/?a=9811&c=19153&s1=0192b46a-43ab-445c-a099-7b34329398d4&s2=waruihqmi43tfvusha6vc1d0
https://ads.mrgreen.com/redirect.aspx?pid=4626947&lpid=3357&bid=5726&subid=18833-477439555&var1=9811
https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726

11 KB
5 KB

304ms
246ms

Document
text/html

104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726

Requested by

Host: track.tracknclicks.com
URL: https://track.tracknclicks.com/redirect?target=BASE64aHR0cDovL2lhaW1pYS5jb20vP2E9OTgxMSZjPTE5MTUzJnMxPTAxOTJiNDZhLTQzYWItNDQ1Yy1hMDk5LTdiMzQzMjkzOThkNCZzMj13YXJ1aWhxbWk0M3RmdnVzaGE2dmMxZDA&ts=1581751973047&hash=k7Dk7rEAc8J0GQsK3uBdBYbHV9v5aemNUO6lshmyy0g&rm=DJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9238f848b6c6300d72a959c3e39dcf9575c8d91c24d9542b3b03d19a5ffe539a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

:method: GET
:authority: casino.mrgreen.com
:scheme: https
:path: /fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: visid_incap_2104320=YejWPQm/TZSw6S7kcAneo6SeR14AAAAAQUIPAAAAAADTagdE0JTx6t6u10u+WL2G; incap_ses_769_2104320=N9CgPhtc+RDKJ5+zjQqsCqSeR14AAAAAG3F4TDx+kwHRk2VJsKneEA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://track.tracknclicks.com/redirect?target=BASE64aHR0cDovL2lhaW1pYS5jb20vP2E9OTgxMSZjPTE5MTUzJnMxPTAxOTJiNDZhLTQzYWItNDQ1Yy1hMDk5LTdiMzQzMjkzOThkNCZzMj13YXJ1aWhxbWk0M3RmdnVzaGE2dmMxZDA&ts=1581751973047&hash=k7Dk7rEAc8J0GQsK3uBdBYbHV9v5aemNUO6lshmyy0g&rm=DJ

Response headers

status: 200
date: Sat, 15 Feb 2020 07:32:54 GMT
content-type: text/html
set-cookie: __cfduid=d074cb0e6a809c41c2fa7b94848301e041581751973; expires=Mon, 16-Mar-20 07:32:53 GMT; path=/; domain=.mrgreen.com; HttpOnly; SameSite=Lax netref={"netrefId": "3405726", "btag": "E3E5F3435BE54261B46276CEC24EF8FD"}; Max-Age=259200000; Domain=mrgreen.com; Path=/; Secure btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD; Max-Age=2592000; Domain=mrgreen.com; Path=/; Secure locale=fi-fi; Expires=Wed, 09 Jun 2021 10:18:14 GMT; Domain=.mrgreen.com; Path=/; Secure cf_ipcountry=be; Expires=Fri, 01-Jan-2048 00:00:00 GMT; Path=/; Domain=.mrgreen.com; Secure=nil __cf_bm=c52a416767164246c5d51c2c814649fb160284b3-1581751974-1800-ATG+jJaKFv/x1yAp1ApB15hyCNsPAoyvZaEnh9gdapPMgnN6BePdk0eAcaLNAOM5iWqO+vVFiDhhIm9Bj9mZqiA=; path=/; expires=Sat, 15-Feb-20 08:02:54 GMT; domain=.mrgreen.com; HttpOnly; Secure; SameSite=None
cf-ray: 5655972c2c7ebdf5-AMS
cache-control: no-store
last-modified: Thu, 13 Feb 2020 11:37:25 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: DYNAMIC
cf-work: 1
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
content-encoding: br

Redirect headers

Cache-Control: private,no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Location: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Server: Microsoft-IIS/10.0
P3P: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version: 4.0.30319
Set-Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a4626947%2c%22BID%22%3a5726%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1581751973689)%5c%2f%22%2c%22CookieTag%22%3a%22572646269472319120128C2020215732%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22997548417%7c1%22%7d%5d; expires=Mon, 15-Feb-3019 07:32:53 GMT; path=/ visid_incap_2104320=YejWPQm/TZSw6S7kcAneo6SeR14AAAAAQUIPAAAAAADTagdE0JTx6t6u10u+WL2G; expires=Sat, 13 Feb 2021 10:32:34 GMT; path=/; Domain=.mrgreen.com incap_ses_769_2104320=N9CgPhtc+RDKJ5+zjQqsCqSeR14AAAAAG3F4TDx+kwHRk2VJsKneEA==; path=/; Domain=.mrgreen.com ___utmvmZzuBLVLZ=HsOuJvrzVss; path=/; Max-Age=900 ___utmvaZzuBLVLZ=wFfzVsy; path=/; Max-Age=900 ___utmvbZzuBLVLZ=mZQ XpIOialK: ctV; path=/; Max-Age=900
Request-Context: appId=cid-v1:42ca6b97-b564-4b23-b218-51b9f4f71628
X-Powered-By: ASP.NET
Date: Sat, 15 Feb 2020 07:32:53 GMT
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-CDN: Incapsula
X-Iinfo: 3-45080716-45080717 NNNN CT(9 23 0) RT(1581751972884 24) q(0 0 0 1) r(0 0) U11

GET
H2 200 mrgreen-5774b0a6cb57b8e9b8e3.css
casino.mrgreen.com/ 674 KB
90 KB 49ms
45ms Stylesheet
text/css 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.css

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79be2677d965005ad0c46c91557b8bf8a5ea15df5e33f0c99c243dec8bf9598e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 179610
cf-polished: origSize=690517
status: 200
cf-bgj: minify
last-modified: Thu, 13 Feb 2020 05:32:57 GMT
server: cloudflare
etag: W/"5e44df89-a8955"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972dfdffbdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
480 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 07:32:54 GMT
server: ESF
date: Sat, 15 Feb 2020 07:32:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Feb 2020 07:32:54 GMT

GET
H2 200 owl.carousel.min.css
casino.mrgreen.com/assets/ 3 KB
962 B 46ms
43ms Stylesheet
text/css 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/assets/owl.carousel.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b794f3708960b080c92f863e8936343433d11bcab48cc68a834e970a394c47e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Feb 2020 08:41:31 GMT
server: cloudflare
age: 671130
etag: W/"5e3d22bb-acb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972e0e01bdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 owl.theme.default.css
casino.mrgreen.com/assets/ 902 B
374 B 73ms
70ms Stylesheet
text/css 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/assets/owl.theme.default.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f609fd574b2094dafab5320518d76c86c11e9f9a79344707151284b63f2a4345

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 671130
cf-polished: origSize=1370
status: 200
cf-bgj: minify
last-modified: Fri, 07 Feb 2020 08:41:31 GMT
server: cloudflare
etag: W/"5e3d22bb-55a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972e0e03bdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 shepherd-theme-default.css
cdnjs.cloudflare.com/ajax/libs/shepherd/1.7.0/css/ 10 KB
1 KB 18ms
15ms Stylesheet
text/css 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/shepherd/1.7.0/css/shepherd-theme-default.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6dae2f5b2db6bf032ef382436f26217d6c6ef495df7c65e41da42262531439

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 688491
cf-ray: 5655972df8586401-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:25:36 GMT
server: cloudflare
etag: W/"5afd4a90-2840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 04 Feb 2021 07:32:54 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 ui-carousel.min.css
casino.mrgreen.com/assets/ 14 KB
4 KB 47ms
44ms Stylesheet
text/css 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/assets/ui-carousel.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

101bd957a425473143d19c448d9edfd1b57b7b2c8cf8936e60fdc5ab57f4d3ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Feb 2020 08:41:31 GMT
server: cloudflare
age: 671130
etag: W/"5e3d22bb-397b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972e0e04bdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 initial-min.css
casino.mrgreen.com/assets/styles/ 631 B
317 B 66ms
64ms Stylesheet
text/css 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/assets/styles/initial-min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b342d1c193e6af986661b1a4887bac8f97b41fd7ec3305b8a1cd2581dfabedf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Feb 2020 08:41:31 GMT
server: cloudflare
age: 671130
etag: W/"5e3d22bb-277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972e0e06bdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 manifest-1.6.0-0.0.0-6275.js Show response
casino.mrgreen.com/ 2 KB
1022 B 45ms
43ms Script
application/javascript 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/manifest-1.6.0-0.0.0-6275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

150afb142994b186ecc8c2bc3c54c44b6ce6ddf3c16b5a180d8d4bb7405fbfa9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 157788
cf-polished: origSize=1681
status: 200
cf-bgj: minify
last-modified: Thu, 13 Feb 2020 11:37:25 GMT
server: cloudflare
etag: W/"5e4534f5-691"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972e0e09bdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 boot-app-382cdfd3dbf072a31cc8.js Show response
casino.mrgreen.com/ 3 KB
1 KB 44ms
43ms Script
application/javascript 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/boot-app-382cdfd3dbf072a31cc8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e28cafa9b1379ba4223daefca64a00e6e38977efcd7c946f208608f55ddd7391

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 179610
cf-polished: origSize=3116
status: 200
cf-bgj: minify
last-modified: Thu, 13 Feb 2020 05:32:57 GMT
server: cloudflare
etag: W/"5e44df89-c2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972e0e0abdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 mrgreen-vendor-399601f2936009e01643.js Show response
casino.mrgreen.com/ 661 KB
210 KB 43ms
43ms Script
application/javascript 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/mrgreen-vendor-399601f2936009e01643.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70999698916515deecb4298b055c6e9ed3770f78d1accb441ac7a0d93c6c438e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 179610
cf-polished: origSize=678807
status: 200
cf-bgj: minify
last-modified: Thu, 13 Feb 2020 05:32:57 GMT
server: cloudflare
etag: W/"5e44df89-a5b97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972e4e43bdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 mrgreen-5774b0a6cb57b8e9b8e3.js Show response
casino.mrgreen.com/ 3 MB
732 KB 39ms
38ms Script
application/javascript 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478938c9b7972c0439eb2d5ef89e121f597dc6f552fa1004fadd481676868328

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 179610
cf-polished: origSize=2956712
status: 200
cf-bgj: minify
last-modified: Thu, 13 Feb 2020 05:32:57 GMT
server: cloudflare
etag: W/"5e44df89-2d1da8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972e4e47bdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 logo_mrg.svg
casino.mrgreen.com/assets/images/ 5 KB
2 KB 40ms
38ms Image
image/svg+xml 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casino.mrgreen.com/assets/images/logo_mrg.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937d7e36fd286f78955a295bc730360279d85d594795cc4a749329019821c2bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Feb 2020 08:41:30 GMT
server: cloudflare
age: 671130
etag: W/"5e3d22ba-1538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
cf-ray: 5655972e7e68bdf5-AMS
expires: Tue, 12 Feb 2030 07:32:54 GMT

GET
H2 200 hqvnmsydwjoiztkp.js Show response
casino.mrgreen.com/ 40 KB
12 KB 210ms
208ms Script
application/x-javascript 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/hqvnmsydwjoiztkp.js
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4709a7bd94a993b2cf819e928fed0dd8bf8112bc742c425d1f0e4858f86ff63b

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
surrogate-control: no-store, bypass-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
status: 200
edge-control: no-store, bypass-cache
cache-control: public, max-age=14400
x-dv: 0
cf-ray: 5655972e7e69bdf5-AMS
expires: Sat, 15 Feb 2020 11:32:54 GMT

GET
H/1.1 200
OK sp.min.js Show response
d21ey8j28ejz92.cloudfront.net/analytics/v1/ 4 KB
5 KB 109ms
21ms Script
application/javascript 143.204.98.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d21ey8j28ejz92.cloudfront.net/analytics/v1/sp.min.js
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.159 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-159.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 873238cb7c631e6b3d0b5ee4083669f6338d803ab9d9d1072f47665bfc64b6bd

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 21:36:51 GMT
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Last-Modified: Sat, 28 Sep 2013 00:48:11 GMT
Server: AmazonS3
Age: 35764
ETag: "84916ce763907b4bd7ef3d1505a53869"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
x-amz-storage-class: REDUCED_REDUNDANCY
Cache-Control: max-age=86400
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4365
X-Amz-Cf-Id: OHjqQa5qEHKew_AgMBW5edltW-h03-KRLogGZCUvEp7tt_b8Aj-p1A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3562
date: Sat, 15 Feb 2020 06:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sat, 15 Feb 2020 08:33:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 395 KB
55 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b8e2c2b6c91e0b06a82a4c051c372d50b58f2d21fc51b2d454fdf1415971351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 56529
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 15 Feb 2020 07:32:54 GMT

GET
H2 200 prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 35ms
15ms Script
application/javascript 2606:4700:10::6814:14ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d659b59a4cf40320e19b273395524a19b1a354beceb07e791746aec927465c2

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 26 Jun 2019 09:19:43 GMT
server: cloudflare
age: 6382
etag: W/"5d1338af-186f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=43200
cf-ray: 5655972e8bad0eab-FRA
access-control-allow-origin: *

GET
H2 200 config Show response
casino.mrgreen.com/api/v2/ 136 KB
44 KB 717ms
715ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/config?x-mrg-client-type=web&features=null
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/boot-app-382cdfd3dbf072a31cc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8d0077faee152ea771a45ad69356c67c7d1cffcf0b1d0725acca76b47e3da5f

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

x-gw-cache: MISS
date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
x-mrg-request-id: NGINX-WGW:7325-1581751974.203-1412
cf-work: 1
cf-ray: 5655972e7e70bdf5-AMS

GET
H2 200 css
fonts.googleapis.com/ 7 KB
820 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2622f766d11465b3e1618c39a69bbe3177259eb4cbe6aa68305175613ba5ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 07:32:54 GMT
server: ESF
date: Sat, 15 Feb 2020 07:32:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Feb 2020 07:32:54 GMT

GET
H2 200 Montserrat-Regular.otf
casino.mrgreen.com/assets/fonts/montserrat/ 91 KB
92 KB 43ms
42ms Font
application/octet-stream 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/assets/fonts/montserrat/Montserrat-Regular.otf

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16772fa219f7b40708b8d5779952505fb263c865d29bf8437c1c457b1bc2f7aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.css
Origin: https://casino.mrgreen.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
cf-cache-status: HIT
age: 4778
status: 200
content-length: 93516
last-modified: Thu, 13 Feb 2020 11:37:25 GMT
server: cloudflare
etag: "5e4534f5-16d4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
accept-ranges: bytes
cf-ray: 5655972ecea1bdf5-AMS
expires: Sat, 15 Feb 2020 11:32:54 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 79 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KTH7SWG&cid=117738703.1581751974

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36669fabb7f716a13291c6790e0fb27370f628d452a6314cabc8bb56d4f9b78b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 28230
x-xss-protection: 0
expires: Sat, 15 Feb 2020 07:32:54 GMT

GET
DATA 200
OK truncated
/ 121 B
121 B Image
image/vnd.ms-photo

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/vnd.ms-photo

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1377
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Sat, 15 Feb 2020 08:09:57 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 30 B
214 B 433ms
111ms Script
application/javascript 54.204.26.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.26.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-26-223.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: f0370381fdb442e9c30c39f8ed24586688c73b735d72746692ee2c531aca8c96

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 15 Feb 2020 07:32:54 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 30
Vary: Origin
Content-Type: application/javascript

GET
H2

200

activityi;dc_pre=CO_ZuKSF0-cCFU7DuwgdzN8G3g;src=8460430;type=lp0;cat=landi0;ord=1;num=798411278236;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=undefined;u4=2020-02-15T08...
8460430.fls.doubleclick.net/ Frame 4FC9
Redirect Chain

https://8460430.fls.doubleclick.net/activityi;src=8460430;type=lp0;cat=landi0;ord=1;num=798411278236;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=undefined;u4=2020-02-15T...
https://8460430.fls.doubleclick.net/activityi;dc_pre=CO_ZuKSF0-cCFU7DuwgdzN8G3g;src=8460430;type=lp0;cat=landi0;ord=1;num=798411278236;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%2...

0
0

36ms
36ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8460430.fls.doubleclick.net/activityi;dc_pre=CO_ZuKSF0-cCFU7DuwgdzN8G3g;src=8460430;type=lp0;cat=landi0;ord=1;num=798411278236;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=undefined;u4=2020-02-15T08%3A32%3A54.270%2B01%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1581751974274.qd5xcxz;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8460430.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CO_ZuKSF0-cCFU7DuwgdzN8G3g;src=8460430;type=lp0;cat=landi0;ord=1;num=798411278236;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=undefined;u4=2020-02-15T08%3A32%3A54.270%2B01%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1581751974274.qd5xcxz;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 15 Feb 2020 07:32:54 GMT
expires: Sat, 15 Feb 2020 07:32:54 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 543
x-xss-protection: 0
set-cookie: IDE=AHWqTUkG15wWOHJxQ-ax2gTPFkgFtUUn7__MSm-WB1VcpIvbX1rqBvqyusXSy6Er; expires=Thu, 11-Mar-2021 07:32:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 15 Feb 2020 07:32:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8460430.fls.doubleclick.net/activityi;dc_pre=CO_ZuKSF0-cCFU7DuwgdzN8G3g;src=8460430;type=lp0;cat=landi0;ord=1;num=798411278236;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=undefined;u4=2020-02-15T08%3A32%3A54.270%2B01%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1581751974274.qd5xcxz;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 15-Feb-2020 07:47:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 NaN_tracker.js Show response
cdn.nanigans.com/ 3 KB
2 KB 84ms
21ms Script
text/javascript 13.224.193.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nanigans.com/NaN_tracker.js
Requested by: Host: tracklings.page.link
URL: https://tracklings.page.link/gy1x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.193.220 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-220.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 4eeef187d488fbf4e55ccf729e43357ab481854fec6b5e0b1650cb64b7bf200d

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 06:44:36 GMT
content-encoding: gzip
age: 2899
x-cache: Hit from cloudfront
status: 200
content-length: 1588
last-modified: Tue, 04 Feb 2020 16:45:26 GMT
server: Apache
etag: "c51-59dc2c44ab580"
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=3600, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 4BC-240m0FNdnDukZDLIv3244k-h4pQwKXXhccO-9hGlBxQMXeUe-g==

GET
H2 200 / Show response
track.adform.net/serving/scripts/trackpoint/async/ 76 KB
30 KB 105ms
45ms Script
text/javascript 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/scripts/trackpoint/async/

Requested by

Host: tracklings.page.link
URL: https://tracklings.page.link/gy1x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 30712
expires: Sat, 22 Feb 2020 07:32:54 GMT

GET
H2 200 exception Show response
casino.mrgreen.com/api/v2/log/ 4 B
150 B 224ms
224ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/exception?data={%22error%22:%22Uncaught%20ReferenceError:%20brand%20is%20not%20defined%22,%22script%22:%22\%22\%22%22,%22line%22:5,%22column%22:298,%22stackTrace%22:{}}&vertical=casino&errorMessage=%22Uncaught%20ReferenceError:%20brand%20is%20not%20defined%22&client_version=1.6.0-0.0.0-6275
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
x-mrg-client-type: web
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-md5: Wzq/nBqnVWw6Nv6k5pXF0g==
cf-work: 1
status: 200
request-id: abd056a1-09e8-4658-8d7e-36aefbe6aac6
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-ray: 5655972f5f14bdf5-AMS
response-time: 2

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
77 B 229ms
228ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track?data=%7B%22e%22%3A%22UCPM%22%2C%22t%22%3A%222020-02-15T07%3A32%3A54.303Z%22%2C%22kv%22%3A%7B%22category%22%3A%22first-paint%22%2C%22value%22%3A972%2C%22client_version%22%3A%221.6.0-0.0.0-6275%22%2C%22client_type%22%3A%22web%22%2C%22origin%22%3A%22https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726%22%2C%22country%22%3A%22none%22%2C%22id%22%3A%22346e9e39-3f5e-4643-8869-ea53a667c70a%22%7D%7D
Requested by: Host: d21ey8j28ejz92.cloudfront.net
URL: https://d21ey8j28ejz92.cloudfront.net/analytics/v1/sp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 1
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-work: 1
request-id: f178ec02-05b8-4b9c-af74-715e42808c96
cf-ray: 5655972f7f41bdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

GET
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
77 B 214ms
213ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track?data=%7B%22e%22%3A%22UCPM%22%2C%22t%22%3A%222020-02-15T07%3A32%3A54.303Z%22%2C%22kv%22%3A%7B%22category%22%3A%22first-contentful-paint%22%2C%22value%22%3A972%2C%22client_version%22%3A%221.6.0-0.0.0-6275%22%2C%22client_type%22%3A%22web%22%2C%22origin%22%3A%22https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726%22%2C%22country%22%3A%22none%22%2C%22id%22%3A%22346e9e39-3f5e-4643-8869-ea53a667c70a%22%7D%7D
Requested by: Host: d21ey8j28ejz92.cloudfront.net
URL: https://d21ey8j28ejz92.cloudfront.net/analytics/v1/sp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 1
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-work: 1
request-id: 1949bc3b-123d-48b5-95f0-5b21e42f2042
cf-ray: 5655972f7f42bdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

GET
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
299 B 204ms
204ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track?data=%7B%22e%22%3A%22pageview%22%2C%22t%22%3A%222020-02-15T07%3A32%3A54.304Z%22%2C%22kv%22%3A%7B%22name%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22id%22%3A%22346e9e39-3f5e-4643-8869-ea53a667c70a%22%7D%7D
Requested by: Host: d21ey8j28ejz92.cloudfront.net
URL: https://d21ey8j28ejz92.cloudfront.net/analytics/v1/sp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 1
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-work: 1
request-id: 39152521-b7cf-4a75-b41e-c128b8b94eaf
cf-ray: 5655972f7f44bdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=805261595&t=pageview&_s=1&dl=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63985451-3&cid=707240293.1581751974&jid=246400241&_gid=1544268481.1581751974&gjid=37542578&_v=j81&z=1585909276
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=707240293.1581751974&jid=246400241&_v=j81&z=1585909276
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=707240293.1581751974&jid=246400241&_v=j81&z=1585909276&slf_rd=1&random=520009004

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=707240293.1581751974&jid=246400241&_v=j81&z=1585909276&slf_rd=1&random=520009004

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 07:32:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 07:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=707240293.1581751974&jid=246400241&_v=j81&z=1585909276&slf_rd=1&random=520009004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
101 B 7ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=805261595&t=timing&_s=1&dl=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726&dp=%2Ffi-FI%2Fpay-n-play%2Fregister&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Content%20view&utv=Content%20View&utt=1089&_u=aGDACEALR~&jid=&gjid=&cid=707240293.1581751974&tid=UA-63985451-3&_gid=1544268481.1581751974&gtm=2wg250TWJJ8L&cd5=FI&cd7=2020-02-15T08%3A32%3A54.268%2B01%3A00&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&z=2106103861

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 01 Feb 2020 08:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1205874
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK event.php Show response
api.nanigans.com/ 0
658 B 102ms
24ms Script
text/javascript 185.10.228.82
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.nanigans.com/event.php?app_id=82356&user_id=undefined&type=visit&name=site_visit&nan_hash=a89b6fd4JZTHABWA1581751974450&nan_fp=aaa8e20b3fe00a2fa57040e098a3c710&nan_fmt=js

Requested by

Host: cdn.nanigans.com
URL: https://cdn.nanigans.com/NaN_tracker.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.10.228.82 , Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

52.e4.0ab9.ip4.static.sl-reverse.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 07:32:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate, no-store, post-check=0, pre-check=0
Content-Type: text/javascript;charset=UTF-8
Content-Length: 20
X-XSS-Protection: 1; mode=block
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 18 KB
9 KB 32ms
32ms Script
text/javascript 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=933591&ADFPageName=Visits%20Mr%20Green%20Global&ADFdivider=%7C&ord=100958819319&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

efdb4a742e3e7a34ca0d3f1a05b354c0a24eba9d9bff25b5fdcc48d3307685df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 8885
expires: -1

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
5ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=805261595&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726&dp=%2Ffi-FI%2Fpay-n-play%2Fregister&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Customer%20status&ea=Customer%20status&el=Prospect&_u=aGDACEALR~&jid=&gjid=&cid=707240293.1581751974&tid=UA-63985451-3&_gid=1544268481.1581751974&gtm=2wg250TWJJ8L&cd24=&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&cd41=Prospect&z=516096244

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 01 Feb 2020 08:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1205874
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 hqvnmsydwjoiztkp.js Show response
casino.mrgreen.com/ 0
557 B 255ms
255ms XHR
application/x-javascript 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/hqvnmsydwjoiztkp.js?PID=703F990A-AE82-3F22-B757-CCC6761BE1C4
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/hqvnmsydwjoiztkp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Origin: https://casino.mrgreen.com
Sec-Fetch-Dest: empty
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Feb 2020 07:32:54 GMT
cf-cache-status: DYNAMIC
x-uid: 0D555CE3-976B-39C2-8BF1-C83E5B73123B
surrogate-control: no-store, bypass-cache
status: 200
edge-control: no-store, bypass-cache
x-ju: /hqvnmsydwjoiztkp.js
content-length: 0
x-ah: cffcssybwdwvdvbcsacxtw
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private, no-cache, no-store, must-revalidate
x-dv: 0
accept-ranges: bytes
cf-ray: 5655973138b4bdf5-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
track.adform.net/wpf/v2/.ta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... 122 B
701 B 36ms
35ms Script
text/javascript 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/wpf/v2/.ta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBCI8ZzYbeQovUDSySI6KUMnGWpwoNSUC56MnGWVQdg3ZLQ0ISHmaAq_114Cmr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_CU.0Y.KI1YXaDK1e6SzKzoEn0y85icCmVWN9e4WX3NlY5DtTklY5B5Rhj.JNldj1DxqAeL9.gJ0Nc1lF4XVA4.L9.KNc0FAKXV4JhL90ftctDL90ftctDL9.J1pNc0FAKXV4jMk.6yR/serving/trackpoint/?pm=933591&ADFPageName=Visits+Mr+Green+Global&ADFdivider=%7c&ord=100958819319&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fcasino.mrgreen.com%2ffi-FI%2fpay-n-play%2fregister%3fbtag%3d3405726_E3E5F3435BE54261B46276CEC24EF8FD%26&catdt=0

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

eeff5a60635d1fd4da4d25fe88138d4988bc7adde2d4e506f1b47aa710002568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 07:32:54 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 194
expires: -1

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 181ms
41ms XHR
text/plain 52.215.241.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=58467f90724e3a484ad0f92d&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=554&cE=600&dLE=554&dLS=544&fS=541&hS=568&rE=-1&rS=-1&reS=600&resS=846&resE=847&uEE=-1&uES=-1&dL=877&dI=968&dCLES=1268&dCLEE=1268&dC=1531&lES=1531&lEE=1534&s=nt&title=&path=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister&ref=&sId=i5aqioal&sST=1581751974&sIS=1&rV=0&v=1.4.0
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/prum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.241.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-241-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Origin: https://casino.mrgreen.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 15 Feb 2020 07:32:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
112 B 86ms
85ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track?data=%7B%22e%22%3A%22visit%22%2C%22t%22%3A%222020-02-15T07%3A32%3A55.300Z%22%2C%22kv%22%3A%7B%22returning_customer%22%3Afalse%2C%22category%22%3A%22uncategorized%22%2C%22client_version%22%3A%221.6.0-0.0.0-6275%22%2C%22client_type%22%3A%22web%22%2C%22client_width%22%3A1600%2C%22client_height%22%3A1200%2C%22device_category%22%3A%22desktop%22%2C%22culture_code%22%3A%22fi-FI%22%2C%22affiliate_id%22%3A%223405726%22%2C%22id%22%3A%22346e9e39-3f5e-4643-8869-ea53a667c70a%22%7D%7D
Requested by: Host: d21ey8j28ejz92.cloudfront.net
URL: https://d21ey8j28ejz92.cloudfront.net/analytics/v1/sp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 1
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-work: 1
request-id: 74c2bb40-4e82-4c1a-a434-6df71956fa75
cf-ray: 56559735ac91bdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

POST
H2 200 track
casino.mrgreen.com/api/v2/log/ 0
0 232ms
231ms Fetch 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Origin: https://casino.mrgreen.com
Sec-Fetch-Dest: empty
VISIT_ID_HEADER_NAME: 619dbae0-4fc5-11ea-8195-0ffac47968ba
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://casino.mrgreen.com
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 2
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cf-work: 1
request-id: 05e5ee00-7d42-4e69-b8f2-acaffedc7305
cf-ray: 56559735bca1bdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

HEAD
H2 200 ping Show response
casino.mrgreen.com/api/v2/config/ 0
37 B 88ms
87ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/config/ping
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-vendor-399601f2936009e01643.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-mrg-request-id: 619d93d0-4fc5-11ea-8195-0ffac47968ba
x-mrg-client-version: 1.6.0-0.0.0-6275
x-mrg-jurisdiction: MGA
Accept: application/json, text/plain, */*
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
x-mrg-culture-code: fi-fi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-mrg-client-type: web
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-visit-id: 619dbae0-4fc5-11ea-8195-0ffac47968ba

Response headers

x-gw-cache: MISS
date: Sat, 15 Feb 2020 07:32:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
cf-work: 1
cf-ray: 56559735cca4bdf5-AMS

GET
H2 404 undefined Show response
casino.mrgreen.com/api/v2/promotions/INT/fi-FI/ 2 B
90 B 1260ms
1259ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/promotions/INT/fi-FI/undefined
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

x-mrg-device-session: 346e9e39-3f5e-4643-8869-ea53a667c70a
x-mrg-request-id: 619fb6b0-4fc5-11ea-8195-0ffac47968ba
x-mrg-client-version: 1.6.0-0.0.0-6275
x-mrg-jurisdiction: MGA
Accept: application/json, text/plain, */*
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
x-mrg-culture-code: fi-fi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-mrg-client-type: web
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-visit-id: 619dbae0-4fc5-11ea-8195-0ffac47968ba

Response headers

date: Sat, 15 Feb 2020 07:32:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 404
x-mrg-request-id: 619fb6b0-4fc5-11ea-8195-0ffac47968ba
cf-work: 1
cf-ray: 56559735dcbbbdf5-AMS

GET
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
78 B 84ms
84ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track?data=%7B%22e%22%3A%22pageview%22%2C%22t%22%3A%222020-02-15T07%3A32%3A55.326Z%22%2C%22kv%22%3A%7B%22url%22%3A%22%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726%22%2C%22name%22%3A%22Mr%20Green%20Casino%22%2C%22referrer%22%3A%22%22%2C%22id%22%3A%22346e9e39-3f5e-4643-8869-ea53a667c70a%22%7D%7D
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 1
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-work: 1
request-id: 6905b685-5b1a-4897-ab01-2bcbd685c26e
cf-ray: 56559735dcbdbdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

POST
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
80 B 213ms
213ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-mrg-device-session: 346e9e39-3f5e-4643-8869-ea53a667c70a
x-mrg-request-id: 61a44a90-4fc5-11ea-8195-0ffac47968ba
Origin: https://casino.mrgreen.com
x-mrg-client-version: 1.6.0-0.0.0-6275
x-mrg-jurisdiction: MGA
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
x-mrg-culture-code: fi-fi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-mrg-client-type: web
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-visit-id: 619dbae0-4fc5-11ea-8195-0ffac47968ba

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://casino.mrgreen.com
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 1
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cf-work: 1
request-id: fcea8471-8ab6-4556-941c-401d287068f1
cf-ray: 565597360cdfbdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

GET
H2 200 casino Show response
casino.mrgreen.com/api/v2/menu/INT/fi-FI/web/ 21 KB
3 KB 215ms
215ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/menu/INT/fi-FI/web/casino
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 421b4483b5b98807777d85643c26b05ec89df824ad66a08eeefc07209fe31cf4

Request headers

x-mrg-device-session: 346e9e39-3f5e-4643-8869-ea53a667c70a
x-mrg-request-id: 61a84230-4fc5-11ea-8195-0ffac47968ba
x-mrg-client-version: 1.6.0-0.0.0-6275
x-mrg-jurisdiction: MGA
Accept: application/json, text/plain, */*
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
x-mrg-culture-code: fi-fi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-mrg-client-type: web
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-visit-id: 619dbae0-4fc5-11ea-8195-0ffac47968ba

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: public, max-age=300
cf-work: 1
cf-ray: 565597362cfabdf5-AMS
expires: Sat, 15 Feb 2020 07:37:55 GMT

GET
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
77 B 216ms
215ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track?data=%7B%22e%22%3A%22pageview%22%2C%22t%22%3A%222020-02-15T07%3A32%3A55.382Z%22%2C%22kv%22%3A%7B%22url%22%3A%22%2Ffi-FI%2Fpay-n-play%2Fregister%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726%22%2C%22name%22%3A%22Mr%20Green%20Casino%22%2C%22referrer%22%3A%22%22%2C%22id%22%3A%22346e9e39-3f5e-4643-8869-ea53a667c70a%22%7D%7D
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 1
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-work: 1
request-id: 0cfa3fd3-6250-48cc-bfca-65d37d5430b6
cf-ray: 565597363d01bdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

GET
H2 200 Montserrat-Light.otf
casino.mrgreen.com/assets/fonts/montserrat/ 89 KB
90 KB 40ms
40ms Font
application/octet-stream 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/assets/fonts/montserrat/Montserrat-Light.otf

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5511f3787e0d32d6f818fe312032d721efee8ef2b6a9240dd4689fe47d85484c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.css
Origin: https://casino.mrgreen.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: HIT
age: 3981
status: 200
content-length: 91496
last-modified: Thu, 13 Feb 2020 11:37:25 GMT
server: cloudflare
etag: "5e4534f5-16568"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
accept-ranges: bytes
cf-ray: 565597363d0fbdf5-AMS
expires: Sat, 15 Feb 2020 11:32:55 GMT

GET
H2 200 Montserrat-Medium.otf
casino.mrgreen.com/assets/fonts/montserrat/ 91 KB
92 KB 38ms
37ms Font
application/octet-stream 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://casino.mrgreen.com/assets/fonts/montserrat/Montserrat-Medium.otf

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29da9041677010d26c8ed22919256491814216e0af63978305d6cbd9aae18c67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.css
Origin: https://casino.mrgreen.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: HIT
age: 1881
status: 200
content-length: 93256
last-modified: Thu, 13 Feb 2020 11:37:25 GMT
server: cloudflare
etag: "5e4534f5-16c48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
accept-ranges: bytes
cf-ray: 565597363d11bdf5-AMS
expires: Sat, 15 Feb 2020 11:32:55 GMT

POST
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
101 B 242ms
242ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-mrg-device-session: 346e9e39-3f5e-4643-8869-ea53a667c70a
x-mrg-request-id: 61abebb0-4fc5-11ea-8195-0ffac47968ba
Origin: https://casino.mrgreen.com
x-mrg-client-version: 1.6.0-0.0.0-6275
x-mrg-jurisdiction: MGA
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
x-mrg-culture-code: fi-fi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-mrg-client-type: web
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-visit-id: 619dbae0-4fc5-11ea-8195-0ffac47968ba

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://casino.mrgreen.com
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 2
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cf-work: 1
request-id: 3ff6de39-ba26-4a91-bd7c-3e2a1652b4ad
cf-ray: 565597365d2bbdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

GET
H2 200 / Show response
track.adform.net/serving/scripts/trackpoint/async/ 76 KB
30 KB 49ms
48ms Script
text/javascript 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/scripts/trackpoint/async/

Requested by

Host: tracklings.page.link
URL: https://tracklings.page.link/gy1x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 30712
expires: Sat, 22 Feb 2020 07:32:55 GMT

GET
H2 200 exception Show response
casino.mrgreen.com/api/v2/log/ 4 B
132 B 231ms
231ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/exception?data={%22error%22:%22Uncaught%20ReferenceError:%20brand%20is%20not%20defined%22,%22script%22:%22\%22\%22%22,%22line%22:5,%22column%22:298,%22stackTrace%22:{}}&vertical=casino&errorMessage=%22Uncaught%20ReferenceError:%20brand%20is%20not%20defined%22&client_version=1.6.0-0.0.0-6275
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
Sec-Fetch-Dest: empty
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-client-type: web
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-md5: Wzq/nBqnVWw6Nv6k5pXF0g==
cf-work: 1
status: 200
request-id: 51f11a1a-94da-438b-ab8a-9a1ca2f3d2cf
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-ray: 56559736bd97bdf5-AMS
response-time: 1

GET
H2 200 paymentlogos Show response
casino.mrgreen.com/api/v2/paymentinfo/INT/fi-FI/ 509 B
303 B 226ms
226ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/paymentinfo/INT/fi-FI/paymentlogos
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f1098b31d11dd9734b587d44a492795c8420a7806f3a374248db940a8bad527

Request headers

x-mrg-device-session: 346e9e39-3f5e-4643-8869-ea53a667c70a
x-mrg-request-id: 61b5afb0-4fc5-11ea-8195-0ffac47968ba
x-mrg-client-version: 1.6.0-0.0.0-6275
x-mrg-jurisdiction: MGA
Accept: application/json, text/plain, */*
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
Sec-Fetch-Dest: empty
x-mrg-culture-code: fi-fi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-mrg-client-type: web
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-visit-id: 619dbae0-4fc5-11ea-8195-0ffac47968ba

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
x-mrg-request-id: 61b5afb0-4fc5-11ea-8195-0ffac47968ba
cf-work: 1
cf-ray: 56559736bd9ebdf5-AMS

GET
H2 200 license Show response
casino.mrgreen.com/api/v2/content/INT/fi-FI/pages/ 1 KB
801 B 771ms
771ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/content/INT/fi-FI/pages/license
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15110ef72cff2a6e1982b01a951a0a4938e5a7aee59599f965c3b0390058fb25

Request headers

x-mrg-device-session: 346e9e39-3f5e-4643-8869-ea53a667c70a
x-mrg-request-id: 61b5afb1-4fc5-11ea-8195-0ffac47968ba
x-mrg-client-version: 1.6.0-0.0.0-6275
x-mrg-jurisdiction: MGA
Accept: application/json, text/plain, */*
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
Sec-Fetch-Dest: empty
x-mrg-culture-code: fi-fi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-mrg-client-type: web
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-visit-id: 619dbae0-4fc5-11ea-8195-0ffac47968ba

Response headers

date: Sat, 15 Feb 2020 07:32:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
x-mrg-request-id: 61b5afb1-4fc5-11ea-8195-0ffac47968ba
cf-work: 1
cf-ray: 56559736bd9fbdf5-AMS

GET
H2 200 support Show response
casino.mrgreen.com/api/v2/content/INT/fi-FI/pages/ 385 B
323 B 778ms
778ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/content/INT/fi-FI/pages/support
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19488ef4223e720f3274b43c3d8cdf782b31de83e8b57457faf71a6232b889b

Request headers

x-mrg-device-session: 346e9e39-3f5e-4643-8869-ea53a667c70a
x-mrg-request-id: 61b5afb2-4fc5-11ea-8195-0ffac47968ba
x-mrg-client-version: 1.6.0-0.0.0-6275
x-mrg-jurisdiction: MGA
Accept: application/json, text/plain, */*
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
Sec-Fetch-Dest: empty
x-mrg-culture-code: fi-fi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-mrg-client-type: web
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-visit-id: 619dbae0-4fc5-11ea-8195-0ffac47968ba

Response headers

date: Sat, 15 Feb 2020 07:32:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
status: 200
x-mrg-request-id: 61b5afb2-4fc5-11ea-8195-0ffac47968ba
cf-work: 1
cf-ray: 56559736bda0bdf5-AMS

GET
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
109 B 108ms
108ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track?data=%7B%22e%22%3A%22registration%3Aattempt%22%2C%22t%22%3A%222020-02-15T07%3A32%3A55.476Z%22%2C%22kv%22%3A%7B%22eventCategory%22%3A%22registration%22%2C%22cultureCode%22%3A%22fi-FI%22%2C%22deviceCategory%22%3A%22desktop%22%2C%22eventLabel%22%3A%22PayNPlay%22%2C%22category%22%3A%22uncategorized%22%2C%22client_version%22%3A%221.6.0-0.0.0-6275%22%2C%22client_type%22%3A%22web%22%2C%22client_width%22%3A1600%2C%22client_height%22%3A1200%2C%22device_category%22%3A%22desktop%22%2C%22culture_code%22%3A%22fi-FI%22%2C%22affiliate_id%22%3A%223405726%22%2C%22id%22%3A%22346e9e39-3f5e-4643-8869-ea53a667c70a%22%7D%7D
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
Sec-Fetch-Dest: empty
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 2
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-work: 1
request-id: cec0f9e0-5a2a-4b8e-b293-1406d0cd3833
cf-ray: 56559736cdadbdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

GET
H2

200

activityi;dc_pre=CJvo_aSF0-cCFcvluwgdd7cGsQ;src=8460430;type=regis0;cat=regis000;ord=1;num=4989528077795;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=GA1.2.707240293.1581...
8460430.fls.doubleclick.net/ Frame 2B11
Redirect Chain

https://8460430.fls.doubleclick.net/activityi;src=8460430;type=regis0;cat=regis000;ord=1;num=4989528077795;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=GA1.2.707240293.15...
https://8460430.fls.doubleclick.net/activityi;dc_pre=CJvo_aSF0-cCFcvluwgdd7cGsQ;src=8460430;type=regis0;cat=regis000;ord=1;num=4989528077795;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registra...

0
0

36ms
36ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8460430.fls.doubleclick.net/activityi;dc_pre=CJvo_aSF0-cCFcvluwgdd7cGsQ;src=8460430;type=regis0;cat=regis000;ord=1;num=4989528077795;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=GA1.2.707240293.1581751974;u4=2020-02-15T08%3A32%3A55.487%2B01%3A00;u5=Prospect;u6=3405726;u7=desktop;u8=1581751975488.21ula7sl;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8460430.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJvo_aSF0-cCFcvluwgdd7cGsQ;src=8460430;type=regis0;cat=regis000;ord=1;num=4989528077795;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=GA1.2.707240293.1581751974;u4=2020-02-15T08%3A32%3A55.487%2B01%3A00;u5=Prospect;u6=3405726;u7=desktop;u8=1581751975488.21ula7sl;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkG15wWOHJxQ-ax2gTPFkgFtUUn7__MSm-WB1VcpIvbX1rqBvqyusXSy6Er
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 15 Feb 2020 07:32:55 GMT
expires: Sat, 15 Feb 2020 07:32:55 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 470
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sat, 15 Feb 2020 07:32:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8460430.fls.doubleclick.net/activityi;dc_pre=CJvo_aSF0-cCFcvluwgdd7cGsQ;src=8460430;type=regis0;cat=regis000;ord=1;num=4989528077795;gtm=2wg250;auiddc=911766261.1581751974;u1=FI;u2=registration%20start;u3=GA1.2.707240293.1581751974;u4=2020-02-15T08%3A32%3A55.487%2B01%3A00;u5=Prospect;u6=3405726;u7=desktop;u8=1581751975488.21ula7sl;~oref=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 logo-white-shadow.png
casino.mrgreen.com/assets/images/ 7 KB
7 KB 37ms
36ms Image
image/png 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casino.mrgreen.com/assets/images/logo-white-shadow.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c65adb6b2c659031c03bb711caa964af0aded79516535b6840ea6411814610b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .mrgreen.com .casinomodule.com .gameassists.co.uk .gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: HIT
age: 671128
cf-polished: origSize=13410, status=webp_bigger
status: 200
cf-bgj: imgq:85
content-length: 7444
last-modified: Fri, 07 Feb 2020 08:41:30 GMT
server: cloudflare
etag: "5e3d22ba-3462"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self' *.mrgreen.com *.casinomodule.com *.gameassists.co.uk *.gameassists.dk *.netent.com mrgreen-indigo.realsprint.com bmtcw.playngonetwork.com;
accept-ranges: bytes
cf-ray: 56559736ddbdbdf5-AMS
expires: Tue, 12 Feb 2030 07:32:55 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
102 B 6ms
5ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=805261595&t=pageview&_s=1&dl=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer&dp=%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer&ul=en-us&de=UTF-8&dt=Mr%20Green%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEALR~&jid=&gjid=&cid=707240293.1581751974&tid=UA-63985451-3&_gid=1544268481.1581751974&gtm=2wg250TWJJ8L&cd2=GA1.2.707240293.1581751974&cd5=FI&cd7=2020-02-15T08%3A32%3A55.435%2B01%3A00&cd10=0&cd11=1581751975435.qp3dgl8&cd16=GA1.2.707240293.1581751974&cd19=registration%20start&cd23=1&cd24=&cd34=GA1.2.707240293.1581751974&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=U2FsdGVkX1%2FloBip6Ig0KfsbI%2BGR9hjgJ7eo%2FjYAUoQ%3D&cm6=2254&z=237736197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 01 Feb 2020 08:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1205875
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 7ms
7ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=805261595&t=timing&_s=1&dl=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer&dp=%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer&ul=en-us&de=UTF-8&dt=Mr%20Green%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Content%20view&utv=Content%20View&utt=2277&_u=aGDACEALR~&jid=&gjid=&cid=707240293.1581751974&tid=UA-63985451-3&_gid=1544268481.1581751974&gtm=2wg250TWJJ8L&cd2=GA1.2.707240293.1581751974&cd5=FI&cd7=2020-02-15T08%3A32%3A55.457%2B01%3A00&cd16=GA1.2.707240293.1581751974&cd24=&cd34=GA1.2.707240293.1581751974&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=U2FsdGVkX1%2FloBip6Ig0KfsbI%2BGR9hjgJ7eo%2FjYAUoQ%3D&z=670736357

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 01 Feb 2020 08:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1205875
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 7ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=805261595&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer&ul=en-us&de=UTF-8&dt=Mr%20Green%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=registration&ea=registration%3Aattempt&el=undefined&_u=aGDACEALR~&jid=&gjid=&cid=707240293.1581751974&tid=UA-63985451-3&_gid=1544268481.1581751974&gtm=2wg250TWJJ8L&cd2=GA1.2.707240293.1581751974&cd5=FI&cd7=2020-02-15T08%3A32%3A55.480%2B01%3A00&cd10=0&cd11=1581751975480.j78ubjh6&cd16=GA1.2.707240293.1581751974&cd23=1&cd24=&cd34=GA1.2.707240293.1581751974&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=U2FsdGVkX1%2FloBip6Ig0KfsbI%2BGR9hjgJ7eo%2FjYAUoQ%3D&cm6=2300&cd6=PayNPlay&cm3=1.28&cm5=1&z=938148713

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 01 Feb 2020 08:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1205875
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

MARCOM-24151-Bonus-message-thumbnail-120x120-Casino.jpg
www.mrgreen.com/app/uploads/
Redirect Chain

http://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Casino.jpg
https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Casino.jpg

4 KB
5 KB

41ms
40ms

Image
image/jpeg

104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Casino.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43b5a25350524411ae87d0f2e031fa63bc3f91dfe94548f68a27c1757219536a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7071
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4348
x-xss-protection: 1; mode=block
pragma: public
last-modified: Tue, 19 Feb 2019 08:57:42 GMT
server: cloudflare
etag: "5c6bc506-10fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 565597377e32bdf5-AMS
expires: Sun, 14 Jun 2020 07:32:55 GMT

Redirect headers

Date: Sat, 15 Feb 2020 07:32:55 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Casino.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 565597372b0ac833-AMS
Expires: Sat, 15 Feb 2020 08:32:55 GMT

GET
H2

200

MARCOM-24151-Bonus-message-thumbnail-120x120-Sport-1.jpg
www.mrgreen.com/app/uploads/
Redirect Chain

http://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Sport-1.jpg
https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Sport-1.jpg

5 KB
6 KB

222ms
221ms

Image
image/webp

104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Sport-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6f22e7d14746124c49a3c0d3f47b28ab99b799b5df5dffccd862c01775b7db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=6006
status: 200
last-modified: Tue, 19 Feb 2019 08:57:02 GMT
content-disposition: inline; filename="MARCOM-24151-Bonus-message-thumbnail-120x120-Sport-1.webp"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 5594
x-xss-protection: 1; mode=block
pragma: public
cf-bgj: imgq:85
server: cloudflare
etag: "5c6bc4de-1776"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 565597377e35bdf5-AMS
expires: Sun, 14 Jun 2020 07:32:55 GMT

Redirect headers

Date: Sat, 15 Feb 2020 07:32:55 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Sport-1.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 565597372cefd8e5-AMS
Expires: Sat, 15 Feb 2020 08:32:55 GMT

GET
H2

200

MARCOM-24151-Bonus-message-thumbnail-120x120-Live.jpg
www.mrgreen.com/app/uploads/
Redirect Chain

http://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Live.jpg
https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Live.jpg

4 KB
4 KB

234ms
233ms

Image
image/jpeg

104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Live.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef08cd8282c112ae81f6f3f1bbabc748646e79e4e32939074741c27975035f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: status=not_needed
status: 200
last-modified: Tue, 19 Feb 2019 08:57:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4399
x-xss-protection: 1; mode=block
pragma: public
cf-bgj: imgq:85
server: cloudflare
etag: "5c6bc4ff-112f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 565597377e33bdf5-AMS
expires: Sun, 14 Jun 2020 07:32:55 GMT

Redirect headers

Date: Sat, 15 Feb 2020 07:32:55 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.mrgreen.com/app/uploads/MARCOM-24151-Bonus-message-thumbnail-120x120-Live.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 565597372d579cfa-AMS
Expires: Sat, 15 Feb 2020 08:32:55 GMT

GET
H2 200 exception Show response
casino.mrgreen.com/api/v2/log/ 4 B
200 B 308ms
307ms XHR
application/json 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/exception?data={%22error%22:%22Uncaught%20ReferenceError:%20brand%20is%20not%20defined%22,%22script%22:%22\%22\%22%22,%22line%22:5,%22column%22:298,%22stackTrace%22:{}}&vertical=casino&errorMessage=%22Uncaught%20ReferenceError:%20brand%20is%20not%20defined%22&client_version=1.6.0-0.0.0-6275
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw
x-mrg-client-type: web
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-md5: Wzq/nBqnVWw6Nv6k5pXF0g==
cf-work: 1
status: 200
request-id: bb86c817-9ef3-4c4c-9339-006a40fb7166
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-ray: 565597373e06bdf5-AMS
response-time: 1

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=805261595&t=pageview&_s=1&dl=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726&dp=%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer&ul=en-us&de=UTF-8&dt=Mr%20Green%20Casino&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEALR~&jid=&gjid=&cid=707240293.1581751974&tid=UA-63985451-3&_gid=1544268481.1581751974&gtm=2wg250TWJJ8L&cd2=GA1.2.707240293.1581751974&cd5=FI&cd7=2020-02-15T08%3A32%3A55.534%2B01%3A00&cd10=0&cd11=1581751975534.dpgnzm3h&cd16=GA1.2.707240293.1581751974&cd19=registration%20start&cd23=1&cd24=&cd34=GA1.2.707240293.1581751974&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=U2FsdGVkX1%2FloBip6Ig0KfsbI%2BGR9hjgJ7eo%2FjYAUoQ%3D&cm6=2352&z=698367040

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 01 Feb 2020 08:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1205875
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=805261595&t=timing&_s=1&dl=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726&dp=%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer&ul=en-us&de=UTF-8&dt=Mr%20Green%20Casino&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Content%20view&utv=Content%20View&utt=2361&_u=aGDACEALR~&jid=&gjid=&cid=707240293.1581751974&tid=UA-63985451-3&_gid=1544268481.1581751974&gtm=2wg250TWJJ8L&cd2=GA1.2.707240293.1581751974&cd5=FI&cd7=2020-02-15T08%3A32%3A55.541%2B01%3A00&cd16=GA1.2.707240293.1581751974&cd24=&cd34=GA1.2.707240293.1581751974&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=U2FsdGVkX1%2FloBip6Ig0KfsbI%2BGR9hjgJ7eo%2FjYAUoQ%3D&z=643101414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 01 Feb 2020 08:35:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1205875
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK .lp Show response
mth-mrgreen.firebaseio.com/ Frame 0005 421 B
663 B 358ms
115ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://mth-mrgreen.firebaseio.com/.lp?start=t&ser=72839754&cb=1&v=5

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

3ab85d3dbc80718f8b00b96a35d7c35a40569a274c837e64afcd2fe41657611a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 15 Feb 2020 07:32:55 GMT
Server: nginx
Connection: keep-alive
Content-Length: 421
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H2 200 apple-primary.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp/https://casino.mrgreen.com/assets/images/dashboard/ 2 KB
2 KB 92ms
32ms Image
image/webp 104.17.171.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp/https://casino.mrgreen.com/assets/images/dashboard/apple-primary.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.171.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49645c801594b32f1a6dd96b0f54df58bf1915dbe099f2ccbab1616f392243a6

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: HIT
age: 1552575
cf-ray: 56559737d94f7263-AMS
status: 200
content-disposition: inline; filename="apple-primary.webp"
server-timing: fastly;dur=0;total=1;start=2019-11-05T08:10:44.830Z;desc=HIT,rtt;dur=41
content-length: 2054
last-modified: Wed, 08 Mar 2017 09:00:18 GMT
server: cloudflare
etag: "765931545913bd8593cb93c11a9777f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Server-Timing
cache-control: public, max-age=16070400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Aug 2020 07:32:55 GMT

GET
H2 200 android-primary.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp/https://casino.mrgreen.com/assets/images/dashboard/ 2 KB
2 KB 89ms
28ms Image
image/webp 104.17.171.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp/https://casino.mrgreen.com/assets/images/dashboard/android-primary.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.171.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c52642e1aa55bc919917d7741475553fab882c058a7d5b42f6bd4dc7ca49ac

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 89339
cf-ray: 56559737d9507263-AMS
edge-cache-tag: 367004239320928711385668501570568543529,534551232734901397148432381138845641352,1725d64c98e9ae463aadd0291f222d6c
status: 200
x-cache: HIT
content-length: 1686
x-served-by: cache-mxp19842-MXP
expires: Wed, 19 Aug 2020 07:32:55 GMT
last-modified: Wed, 08 Mar 2017 09:00:18 GMT
server: cloudflare
x-timer: S1569564809.895477,VS0,VE1
etag: "3e6b54685850ed6c4db9bad3eaff5ffe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline; filename="android-primary.webp"
cache-control: public, max-age=16070400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 122 B
701 B 33ms
33ms Script
text/javascript 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=933591&ADFPageName=Visits%20Mr%20Green%20Global&ADFdivider=%7C&ord=434142136069&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer%3Fbtag%3D3405726_E3E5F3435BE54261B46

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

eeff5a60635d1fd4da4d25fe88138d4988bc7adde2d4e506f1b47aa710002568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 07:32:55 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 194
expires: -1

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 122 B
701 B 33ms
32ms Script
text/javascript 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=933591&ADFPageName=Visits%20Mr%20Green%20Global&ADFdivider=%7C&ord=960735217044&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer%3Fbtag%3D3405726_E3E5F3435BE54261B46

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

eeff5a60635d1fd4da4d25fe88138d4988bc7adde2d4e506f1b47aa710002568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 07:32:55 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 194
expires: -1

GET
H2 200 mga.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp/https://casino.mrgreen.com/assets/images/licenses/ 2 KB
3 KB 29ms
28ms Image
image/webp 104.17.171.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp/https://casino.mrgreen.com/assets/images/licenses/mga.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.171.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aa5452f64f48b48aa7976a469db5cf1b0ba7b03e4803f8eccf623bcf757cac9

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 690873
cf-ray: 56559738ea057263-AMS
edge-cache-tag: 444264407543385828543294677028836846868,534551232734901397148432381138845641352,1725d64c98e9ae463aadd0291f222d6c
status: 200
x-cache: HIT
content-length: 2388
x-served-by: cache-hhn1535-HHN
expires: Wed, 19 Aug 2020 07:32:55 GMT
last-modified: Thu, 23 Aug 2018 13:51:24 GMT
server: cloudflare
x-timer: S1549610640.942170,VS0,VE1
etag: "b3d32d34c3b37d17f17a093cc6a590e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline; filename="mga.webp"
cache-control: public, max-age=16070400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 18plus.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp/https://casino.mrgreen.com/assets/images/dashboard/ 1 KB
1 KB 30ms
30ms Image
image/webp 104.17.171.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp/https://casino.mrgreen.com/assets/images/dashboard/18plus.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.171.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7957d9ac1057ea4baf4df5cff4d3a2e1efc0fa83df3156c2443f00ac1314187

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 261869
cf-ray: 56559738ea077263-AMS
edge-cache-tag: 1725d64c98e9ae463aadd0291f222d6c
status: 200
x-cache: HIT
content-length: 1230
x-served-by: cache-mxp19832-MXP
last-modified: Wed, 16 Mar 2016 16:32:32 GMT
server: cloudflare
x-timer: S1569393546.335879,VS0,VE1
etag: "20d69f4e7b8ffea5720962284e3301e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 19 Aug 2020 07:32:55 GMT
cache-control: public, max-age=16070400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 1

GET
H2 200 logo-bank-transfert.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp,h_25,e_grayscale/https://casino.mrgreen.com/globalassets/payment/ 326 B
505 B 22ms
22ms Image
image/webp 104.17.171.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp,h_25,e_grayscale/https://casino.mrgreen.com/globalassets/payment/logo-bank-transfert.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.171.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101472cbf89aa10f4f7f5cec0c78d24ab49f9a56295c19bd772023d717744dde

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
cf-cache-status: HIT
age: 1131788
cf-ray: 565597390a267263-AMS
status: 200
server-timing: fastly;dur=0;total=1;start=2019-11-10T03:50:20.770Z;desc=HIT,rtt;dur=38
content-length: 326
last-modified: Thu, 03 Mar 2016 11:03:03 GMT
server: cloudflare
etag: "11540458598bbb79d29f208208f80e8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Server-Timing
cache-control: public, max-age=16070400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Aug 2020 07:32:55 GMT

GET
H2 200 inpay_gray_payment_icon_1.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp,h_25,e_grayscale/https://casino.mrgreen.com/globalassets/ 422 B
709 B 23ms
23ms Image
image/webp 104.17.171.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp,h_25,e_grayscale/https://casino.mrgreen.com/globalassets/inpay_gray_payment_icon_1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.171.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 700dd460d1368a640caa0c6b4f1c34c1965dbc196283bfb5efec1aadc56755a2

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 871125
cf-ray: 565597390a287263-AMS
edge-cache-tag: 455019242999562206576456806665076192703,385808596128448640769712527985388411741,1725d64c98e9ae463aadd0291f222d6c
status: 200
x-cache: HIT
content-length: 422
x-served-by: cache-mxp19846-MXP
expires: Wed, 19 Aug 2020 07:32:55 GMT
last-modified: Fri, 24 Feb 2017 10:06:07 GMT
server: cloudflare
x-timer: S1559106705.240240,VS0,VE1
etag: "07295dfc65b576a06617a745a68262dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline; filename="inpay_gray_payment_icon_1.webp"
cache-control: public, max-age=16070400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-cache-hits: 1

GET
H2 200 logo_skrill.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp,h_25,e_grayscale/https://casino.mrgreen.com/globalassets/payment/ 844 B
1 KB 24ms
24ms Image
image/webp 104.17.171.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,f_webp,h_25,e_grayscale/https://casino.mrgreen.com/globalassets/payment/logo_skrill.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.171.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18e664561928556f22747f52fed398f5020d0ed5f2bb4a435a8b5b0b30d1ec8

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:55 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2169724
cf-ray: 565597390a297263-AMS
edge-cache-tag: 1725d64c98e9ae463aadd0291f222d6c
status: 200
x-cache: HIT
content-length: 844
x-served-by: cache-hhn1540-HHN
last-modified: Thu, 03 Mar 2016 11:03:04 GMT
server: cloudflare
x-timer: S1550549320.096525,VS0,VE1
etag: "51f07972f3c3efb7c205996b806ebbb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 19 Aug 2020 07:32:55 GMT
cache-control: public, max-age=16070400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H/1.1 200
OK .lp
s-usc1c-nss-225.firebaseio.com/ Frame 3400 0
0 436ms
117ms Document
text/html 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-225.firebaseio.com/.lp?dframe=t&id=689274&pw=ES1tUKhT8P&ns=mth-mrgreen

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Host: s-usc1c-nss-225.firebaseio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726

Response headers

Server: nginx
Date: Sat, 15 Feb 2020 07:32:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 419
Connection: keep-alive
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-225.firebaseio.com/ Frame 0005 15 B
256 B 440ms
120ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-225.firebaseio.com/.lp?id=689274&pw=ES1tUKhT8P&ser=90341724&ns=mth-mrgreen

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 15 Feb 2020 07:32:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 15
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-225.firebaseio.com/ Frame 0005 58 B
299 B 440ms
118ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-225.firebaseio.com/.lp?id=689274&pw=ES1tUKhT8P&ser=90341725&ns=mth-mrgreen&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjUtMTEtMCI6MX19fX0.

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 15 Feb 2020 07:32:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 58
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-225.firebaseio.com/ Frame 0005 30 KB
30 KB 231ms
231ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-225.firebaseio.com/.lp?id=689274&pw=ES1tUKhT8P&ser=90341726&ns=mth-mrgreen&seg0=1&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MiwiYSI6InEiLCJiIjp7InAiOiIvZ2FtZXRlay9jb21tb24vbXJncmVlbiIsImgiOiIifX19

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

a9c7bd55b329fb9d4d88d884a5f44923de67085de125e813eaf8a2bf6a0e96fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 15 Feb 2020 07:32:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 30525
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H2 200 promo-bg-reg-4.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy/https://casino.mrgreen.com/assets/images/promo/ 378 KB
378 KB 34ms
32ms Image
image/webp 104.17.171.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy/https://casino.mrgreen.com/assets/images/promo/promo-bg-reg-4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.171.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f26528b6f6bd08a3c0ed972dd1f7dceb6ee882ffe58a6e9163ec7bd5ed6b57a

Request headers

Referer: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 07:32:56 GMT
cf-cache-status: HIT
age: 500487
cf-polished: qual=85, origFmt=jpeg, origSize=406052
cf-ray: 5655973dce1d7263-AMS
status: 200
content-disposition: inline; filename="promo-bg-reg-4.webp"
server-timing: cloudinary;dur=130;start=2020-01-26T20:09:33.692Z,fastly;dur=0;total=1;start=2020-02-09T12:31:29.593Z;desc=HIT,rtt;dur=44
content-length: 386628
last-modified: Wed, 23 Mar 2016 21:44:24 GMT
server: cloudflare
etag: "465689a5f20eb23c3234f802a9aecc18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cf-bgj: imgq:85
access-control-expose-headers: Content-Length,Content-Disposition,Server-Timing
cache-control: public, max-age=16070400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Aug 2020 07:32:56 GMT

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-225.firebaseio.com/ Frame 0005 58 B
299 B 120ms
119ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-225.firebaseio.com/.lp?id=689274&pw=ES1tUKhT8P&ser=90341727&ns=mth-mrgreen

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

44315d87a802f73e3f145bca9968b085c0ac3f7c66ad494e38bad0111c3c8c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 15 Feb 2020 07:32:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 58
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-225.firebaseio.com/ Frame 0005 70 B
311 B 117ms
117ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-225.firebaseio.com/.lp?id=689274&pw=ES1tUKhT8P&ser=90341728&ns=mth-mrgreen&seg0=2&ts0=1&d0=eyJ0IjoiYyIsImQiOnsidCI6Im4iLCJkIjp7fX19

Requested by

Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

efb03fd285c04565fb592bea3f05d43eb45da9f03af6f94e01d3c10ba14f288e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 15 Feb 2020 07:32:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 70
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H2 200 track Show response
casino.mrgreen.com/api/v2/log/ 0
545 B 225ms
224ms XHR
text/plain 104.16.173.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.mrgreen.com/api/v2/log/track?data=%7B%22e%22%3A%22UCPM%22%2C%22t%22%3A%222020-02-15T07%3A33%3A01.251Z%22%2C%22kv%22%3A%7B%22category%22%3A%22TTI%22%2C%22value%22%3A2597%2C%22client_version%22%3A%221.6.0-0.0.0-6275%22%2C%22client_type%22%3A%22web%22%2C%22origin%22%3A%22https%3A%2F%2Fcasino.mrgreen.com%2Ffi-FI%2Fpay-n-play%2Fregister%2Fwelcome-offer%3Fbtag%3D3405726_E3E5F3435BE54261B46276CEC24EF8FD%26subid%3D18833-477439555%26var1%3D9811%26utm_medium%3Daffiliates%26utm_source%3D3405726%22%2C%22country%22%3A%22UNDEF%22%2C%22id%22%3A%22e05cfcd4-7171-451b-bb25-e3ead437a25b%22%7D%7D
Requested by: Host: casino.mrgreen.com
URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.173.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://casino.mrgreen.com/fi-FI/pay-n-play/register/welcome-offer?btag=3405726_E3E5F3435BE54261B46276CEC24EF8FD&subid=18833-477439555&var1=9811&utm_medium=affiliates&utm_source=3405726
Sec-Fetch-Dest: empty
X-Distil-Ajax: cffcssybwdwvdvbcsacxtw

Response headers

date: Sat, 15 Feb 2020 07:33:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
response-time: 1
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cf-work: 1
request-id: 4c516966-9dd5-4279-82b3-77fb83946fae
cf-ray: 5655975aeda6bdf5-AMS
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mrgreen.com/	1970-01-19 16:08:07	Name: NaN_hash Value: a89b6fd4JZTHABWA1581751974450
.mrgreen.com/	1970-01-19 09:32:07	Name: _gcl_au Value: 1.1.911766261.1581751974
.mrgreen.com/	1970-01-19 16:08:07	Name: _sp Value: %257B%2522id%2522%253A%2522346e9e39-3f5e-4643-8869-ea53a667c70a%2522%257D
.mrgreen.com/	1970-01-19 08:05:43	Name: affiliatevar5 Value: undefined
.mrgreen.com/	1970-01-19 08:05:43	Name: affiliateandclickid Value: 3405726_E3E5F3435BE54261B46276CEC24EF8FD
.mrgreen.com/	1970-01-19 08:05:43	Name: affiliatevar4 Value: undefined
.mrgreen.com/	1970-01-19 08:05:43	Name: affiliatevar3 Value: undefined
.mrgreen.com/	1969-12-31 23:59:59	Name: incap_ses_769_2104320 Value: N9CgPhtc+RDKJ5+zjQqsCqSeR14AAAAAG3F4TDx+kwHRk2VJsKneEA==
.mrgreen.com/	1970-01-19 07:22:33	Name: __cf_bm Value: c52a416767164246c5d51c2c814649fb160284b3-1581751974-1800-ATG+jJaKFv/x1yAp1ApB15hyCNsPAoyvZaEnh9gdapPMgnN6BePdk0eAcaLNAOM5iWqO+vVFiDhhIm9Bj9mZqiA=
.mrgreen.com/	1970-01-19 08:05:43	Name: affiliatevar2 Value: undefined
.mrgreen.com/	1970-01-19 08:05:43	Name: __cfduid Value: d074cb0e6a809c41c2fa7b94848301e041581751973
.mrgreen.com/	1970-01-19 18:53:53	Name: locale Value: fi-fi
.mrgreen.com/	1970-01-19 08:05:43	Name: btag Value: 3405726_E3E5F3435BE54261B46276CEC24EF8FD
.doubleclick.net/	1970-01-19 16:44:07	Name: IDE Value: AHWqTUkG15wWOHJxQ-ax2gTPFkgFtUUn7__MSm-WB1VcpIvbX1rqBvqyusXSy6Er
.mrgreen.com/	1970-01-19 08:05:43	Name: affiliatevar1 Value: 9811
.mrgreen.com/	1970-01-22 07:22:31	Name: netref Value: {"netrefId": "3405726", "btag": "E3E5F3435BE54261B46276CEC24EF8FD"}
.mrgreen.com/	1970-01-19 07:22:35	Name: session Value: 1
.mrgreen.com/	1970-01-19 07:23:58	Name: _gid Value: GA1.2.1544268481.1581751974
.mrgreen.com/	1970-01-19 07:22:32	Name: _gat_UA-63985451-3 Value: 1
.mrgreen.com/	1970-01-20 00:53:43	Name: _ga Value: GA1.2.707240293.1581751974
.mrgreen.com/	1970-01-29 11:44:09	Name: cf_ipcountry Value: be
.mrgreen.com/	1970-01-19 08:05:43	Name: affiliatesubid Value: 18833-477439555
.mrgreen.com/	1970-01-19 16:06:52	Name: visid_incap_2104320 Value: YejWPQm/TZSw6S7kcAneo6SeR14AAAAAQUIPAAAAAADTagdE0JTx6t6u10u+WL2G
casino.mrgreen.com/fi-FI/pay-n-play	1970-01-19 07:22:38	Name: pa-l Value: pa-l=sid%3Di5aqioal%26sst%3D1581751974%26sis%3D1%26rv%3D0

59 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.C-Iey81J3mA.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48pPutu91UJexjOZHa6UdkwhPlAQ/m=_b,_tp(Line 464) Message: %c%s color: red; background: yellow; font-size: 24px; WARNING!
console-api	log	URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.C-Iey81J3mA.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP48pPutu91UJexjOZHa6UdkwhPlAQ/m=_b,_tp(Line 464) Message: %c%s color: black; font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.
console-api	log	(Line 3) Message: findMarket initialised
console-api	log	(Line 3) Message: market FI returned
console-api	warning	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: PLATFORM_CAPABILITIES service is deprecated, please use the MobileDetection
console-api	warning	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: This function eventTrack in service-analytics is deprecated. In the next major it will no longer track to GTM. Migrate to use service-gtm instead.
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 26) Message: undefined
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "general.jackpots", defaulting to "Jackpots"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Tervetuliaistarjous", defaulting to "Tervetuliaistarjous"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Talleta", defaulting to "Talleta"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Henkilötiedot", defaulting to "Henkilötiedot"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "general.jackpots", defaulting to "Jackpots"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "greengaming.link.menu", defaulting to "Green Gaming"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.unifiedLobby", defaulting to "Unified lobby"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.unifiedLobbyLive", defaulting to "Unified lobby live"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.campaigns", defaulting to "campaigns"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "sessionSummary.blackjack.title", defaulting to "Resumen de su sesion de Blackjack"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "sessionSummary.blackjack.message", defaulting to "Detalle de su ultima sesion de blackjack"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "sessionSummary.blackjack.time", defaulting to "Comienzo de sesion: "
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "sessionSummary.blackjack.balance", defaulting to "Resumen de su sesion: "
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "sessionSummary.blackjack.currentMoney", defaulting to "Dinero actual en su cuenta: "
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "sessionSummary.blackjack.close", defaulting to "Cerrar"
console-api	log	(Line 3) Message: findMarket initialised
console-api	log	(Line 3) Message: market FI returned
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "general.cookiePolicyNotice", defaulting to "Mr Green uses cookies to improve your site experience and by continuing to use the website, you accept such use."
console-api	warning	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: This function eventTrack in service-analytics is deprecated. In the next major it will no longer track to GTM. Migrate to use service-gtm instead.
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Tervetuliaistarjous", defaulting to "Tervetuliaistarjous"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Talleta", defaulting to "Talleta"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Henkilötiedot", defaulting to "Henkilötiedot"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Tervetuliaistarjous", defaulting to "Tervetuliaistarjous"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Talleta", defaulting to "Talleta"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Henkilötiedot", defaulting to "Henkilötiedot"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Tervetuliaistarjous", defaulting to "Tervetuliaistarjous"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Talleta", defaulting to "Talleta"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Henkilötiedot", defaulting to "Henkilötiedot"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Tervetuliaistarjous", defaulting to "Tervetuliaistarjous"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Talleta", defaulting to "Talleta"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Henkilötiedot", defaulting to "Henkilötiedot"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Tervetuliaistarjous", defaulting to "Tervetuliaistarjous"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Talleta", defaulting to "Talleta"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Henkilötiedot", defaulting to "Henkilötiedot"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Tervetuliaistarjous", defaulting to "Tervetuliaistarjous"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Talleta", defaulting to "Talleta"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "Henkilötiedot", defaulting to "Henkilötiedot"
console-api	log	(Line 3) Message: findMarket initialised
console-api	log	(Line 3) Message: market FI returned
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "general.jackpots", defaulting to "Jackpots"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "general.jackpots", defaulting to "Jackpots"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "general.jackpots", defaulting to "Jackpots"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "general.jackpots", defaulting to "Jackpots"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.BETA", defaulting to "BETA"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.HOT", defaulting to "HOT"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.BETA", defaulting to "BETA"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.HOT", defaulting to "HOT"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.BETA", defaulting to "BETA"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.HOT", defaulting to "HOT"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.BETA", defaulting to "BETA"
console-api	log	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 1) Message: cannot find key "applicationBar.HOT", defaulting to "HOT"
console-api	warning	URL: https://casino.mrgreen.com/mrgreen-5774b0a6cb57b8e9b8e3.js(Line 31) Message: singleSpa.start() has not been called, 5000ms after single-spa was loaded. Before start() is called, apps can be declared and loaded, but not bootstrapped or mounted. See https://github.com/CanopyTax/single-spa/blob/master/docs/single-spa-api.md#start

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cFboeZV5KrisrsfHoVUOzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-cFboeZV5KrisrsfHoVUOzg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8460430.fls.doubleclick.net
ads.mrgreen.com
api.ipify.org
api.nanigans.com
casino.mrgreen.com
cdn.nanigans.com
cdnjs.cloudflare.com
d21ey8j28ejz92.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ghanteau.com
iaimia.com
mth-mrgreen.firebaseio.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s-usc1c-nss-225.firebaseio.com
static.mrgcdn.com
stats.g.doubleclick.net
track.adform.net
track.clickstootrack.com
track.tracknclicks.com
tracklings.page.link
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.mrgreen.com
104.16.171.213
104.16.173.213
104.17.171.81
107.154.251.88
13.224.193.220
143.204.98.159
159.203.10.221
172.217.16.134
185.10.228.82
2600:1901:0:94b6::
2606:4700:10::6814:14ef
2606:4700::6811:4104
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:814::2004
2a00:1450:4001:815::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::2003
2a00:1450:400c:c00::9d
3.217.49.197
35.157.125.133
37.157.6.247
52.215.241.11
54.204.26.223
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
0b342d1c193e6af986661b1a4887bac8f97b41fd7ec3305b8a1cd2581dfabedf
0f1098b31d11dd9734b587d44a492795c8420a7806f3a374248db940a8bad527
101472cbf89aa10f4f7f5cec0c78d24ab49f9a56295c19bd772023d717744dde
101bd957a425473143d19c448d9edfd1b57b7b2c8cf8936e60fdc5ab57f4d3ea
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
150afb142994b186ecc8c2bc3c54c44b6ce6ddf3c16b5a180d8d4bb7405fbfa9
15110ef72cff2a6e1982b01a951a0a4938e5a7aee59599f965c3b0390058fb25
16772fa219f7b40708b8d5779952505fb263c865d29bf8437c1c457b1bc2f7aa
29da9041677010d26c8ed22919256491814216e0af63978305d6cbd9aae18c67
2c65adb6b2c659031c03bb711caa964af0aded79516535b6840ea6411814610b
2d659b59a4cf40320e19b273395524a19b1a354beceb07e791746aec927465c2
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3548a67b95f078743b0a379234dd3b0a96ba6036942fe4badf5013163d944f5d
36669fabb7f716a13291c6790e0fb27370f628d452a6314cabc8bb56d4f9b78b
3998accbddf1af0d51b056d6743cd06f05252bf1421ac1ac7038c3dd8f15e809
3ab85d3dbc80718f8b00b96a35d7c35a40569a274c837e64afcd2fe41657611a
3b794f3708960b080c92f863e8936343433d11bcab48cc68a834e970a394c47e
3b8e2c2b6c91e0b06a82a4c051c372d50b58f2d21fc51b2d454fdf1415971351
3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd
421b4483b5b98807777d85643c26b05ec89df824ad66a08eeefc07209fe31cf4
43b5a25350524411ae87d0f2e031fa63bc3f91dfe94548f68a27c1757219536a
44315d87a802f73e3f145bca9968b085c0ac3f7c66ad494e38bad0111c3c8c36
4709a7bd94a993b2cf819e928fed0dd8bf8112bc742c425d1f0e4858f86ff63b
478938c9b7972c0439eb2d5ef89e121f597dc6f552fa1004fadd481676868328
49645c801594b32f1a6dd96b0f54df58bf1915dbe099f2ccbab1616f392243a6
4eeef187d488fbf4e55ccf729e43357ab481854fec6b5e0b1650cb64b7bf200d
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5511f3787e0d32d6f818fe312032d721efee8ef2b6a9240dd4689fe47d85484c
5aa5452f64f48b48aa7976a469db5cf1b0ba7b03e4803f8eccf623bcf757cac9
6f26528b6f6bd08a3c0ed972dd1f7dceb6ee882ffe58a6e9163ec7bd5ed6b57a
700dd460d1368a640caa0c6b4f1c34c1965dbc196283bfb5efec1aadc56755a2
70999698916515deecb4298b055c6e9ed3770f78d1accb441ac7a0d93c6c438e
79be2677d965005ad0c46c91557b8bf8a5ea15df5e33f0c99c243dec8bf9598e
7c6dae2f5b2db6bf032ef382436f26217d6c6ef495df7c65e41da42262531439
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873238cb7c631e6b3d0b5ee4083669f6338d803ab9d9d1072f47665bfc64b6bd
9238f848b6c6300d72a959c3e39dcf9575c8d91c24d9542b3b03d19a5ffe539a
937d7e36fd286f78955a295bc730360279d85d594795cc4a749329019821c2bc
97adaf26bca43e68354a68b2e77c0e6e164bfa78ab82c140584ed30e0396dd73
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
a9c7bd55b329fb9d4d88d884a5f44923de67085de125e813eaf8a2bf6a0e96fd
b7957d9ac1057ea4baf4df5cff4d3a2e1efc0fa83df3156c2443f00ac1314187
b8d0077faee152ea771a45ad69356c67c7d1cffcf0b1d0725acca76b47e3da5f
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c18e664561928556f22747f52fed398f5020d0ed5f2bb4a435a8b5b0b30d1ec8
c19488ef4223e720f3274b43c3d8cdf782b31de83e8b57457faf71a6232b889b
cef08cd8282c112ae81f6f3f1bbabc748646e79e4e32939074741c27975035f4
d2622f766d11465b3e1618c39a69bbe3177259eb4cbe6aa68305175613ba5ea8
d6f22e7d14746124c49a3c0d3f47b28ab99b799b5df5dffccd862c01775b7db8
e28cafa9b1379ba4223daefca64a00e6e38977efcd7c946f208608f55ddd7391
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eeff5a60635d1fd4da4d25fe88138d4988bc7adde2d4e506f1b47aa710002568
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9
efb03fd285c04565fb592bea3f05d43eb45da9f03af6f94e01d3c10ba14f288e
efdb4a742e3e7a34ca0d3f1a05b354c0a24eba9d9bff25b5fdcc48d3307685df
f0370381fdb442e9c30c39f8ed24586688c73b735d72746692ee2c531aca8c96
f609fd574b2094dafab5320518d76c86c11e9f9a79344707151284b63f2a4345
f6c52642e1aa55bc919917d7741475553fab882c058a7d5b42f6bd4dc7ca49ac

casino.mrgreen.com Open in urlscan Pro 104.16.173.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

100 %HTTPS

46 %IPv6

21 Domains

28 Subdomains

21 IPs

7 Countries

2105 kBTransfer

6114 kBSize

24 Cookies

9 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

casino.mrgreen.com Open in urlscan Pro
104.16.173.213 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

100 %
HTTPS

46 %
IPv6

21
Domains

28
Subdomains

21
IPs

7
Countries

2105 kB
Transfer

6114 kB
Size

24
Cookies

91 HTTP transactions
5 data transactions