www.mrgreen.com Open in urlscan Pro
13.225.73.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://estrella.network/
Effective URL:
https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_s...
Submission: On April 19 via manual (April 19th 2020, 5:13:33 pm UTC) from AT

Summary HTTP 54 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 19 domains to perform 54 HTTP transactions. The main IP is 13.225.73.77, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.mrgreen.com.
TLS certificate: Issued by HydrantID SSL ICA G2 on December 10th 2019. Valid for: a year.

This is the only time www.mrgreen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	178.62.93.203 178.62.93.203	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	107.154.251.88 107.154.251.88	19551 (INCAPSULA) (INCAPSULA)
1 13	13.225.73.77 13.225.73.77	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1 1	104.96.140.66 104.96.140.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
10	104.17.167.81 104.17.167.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.139.128.8 151.139.128.8	20446 (HIGHWINDS3) (HIGHWINDS3)
1	13.224.194.92 13.224.194.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1 2	216.58.207.70 216.58.207.70	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.166 172.217.18.166	15169 (GOOGLE) (GOOGLE)
1	13.225.73.116 13.225.73.116	16509 (AMAZON-02) (AMAZON-02)
5	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
1 2	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	185.10.228.82 185.10.228.82	36351 (SOFTLAYER) (SOFTLAYER)
54	22

1 178.62.93.203 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: estrella.network

estrella.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.251.88 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.251.88.ip.incapdns.net

ads.mrgreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.225.73.77 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-77.fra2.r.cloudfront.net

www.mrgreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.140.66 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-140-66.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:819::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.17.167.81 (United States)

ASN13335 (CLOUDFLARENET, US)

static.mrgcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.8 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

use.fortawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-92.fra2.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.70 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f6.1e100.net

8605628.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net

4707643.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.116 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-116.fra2.r.cloudfront.net

cdn.nanigans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.252 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.10.228.82 (Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: 52.e4.0ab9.ip4.static.sl-reverse.com

api.nanigans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	mrgreen.com 2 redirects ads.mrgreen.com www.mrgreen.com	505 KB
10	mrgcdn.com static.mrgcdn.com	695 KB
7	adform.net 1 redirects a1.adform.net track.adform.net	52 KB
6	google-analytics.com 1 redirects www.google-analytics.com	49 KB
5	doubleclick.net 3 redirects 8605628.fls.doubleclick.net 4707643.fls.doubleclick.net stats.g.doubleclick.net	2 KB
3	cloudflare.com cdnjs.cloudflare.com	36 KB
2	facebook.com www.facebook.com	306 B
2	facebook.net connect.facebook.net	142 KB
2	nanigans.com cdn.nanigans.com api.nanigans.com	3 KB
2	fortawesome.com use.fortawesome.com	31 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	google.de www.google.de	499 B
1	google.com 1 redirects www.google.com	380 B
1	turn.com r.turn.com	490 B
1	gstatic.com fonts.gstatic.com	14 KB
1	googletagmanager.com www.googletagmanager.com	56 KB
1	trustpilot.com widget.trustpilot.com	7 KB
1	typography.com 1 redirects cloud.typography.com	463 B
1	estrella.network estrella.network	460 B
54	19

	Domain	Requested by
13	www.mrgreen.com	1 redirects www.mrgreen.com
10	static.mrgcdn.com	www.mrgreen.com
6	www.google-analytics.com	1 redirects www.mrgreen.com www.google-analytics.com
5	a1.adform.net	estrella.network a1.adform.net
3	cdnjs.cloudflare.com	www.mrgreen.com
2	www.facebook.com	www.mrgreen.com connect.facebook.net
2	track.adform.net	1 redirects www.mrgreen.com
2	connect.facebook.net	estrella.network connect.facebook.net
2	4707643.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	8605628.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	use.fortawesome.com	www.mrgreen.com use.fortawesome.com
1	api.nanigans.com	cdn.nanigans.com
1	www.google.de	www.mrgreen.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	r.turn.com	www.mrgreen.com
1	cdn.nanigans.com	estrella.network
1	fonts.gstatic.com	www.mrgreen.com
1	www.googletagmanager.com	www.mrgreen.com
1	widget.trustpilot.com	www.mrgreen.com
1	ajax.googleapis.com	www.mrgreen.com
1	cloud.typography.com	1 redirects
1	fonts.googleapis.com	www.mrgreen.com
1	ads.mrgreen.com	1 redirects
1	estrella.network
54	25

This site contains links to these domains. Also see Links.

Domain
casino.mrgreen.com
www.authorisation.mga.org.mt

Subject Issuer	Validity	Valid
*.mrgreen.com HydrantID SSL ICA G2	`2019-12-10` - `2020-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-06` - `2020-10-09`	6 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
use.fonticons.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-17`	a year	crt.sh
*.trustpilot.com Amazon	`2019-05-29` - `2020-06-29`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.nanigans.com Go Daddy Secure Certificate Authority - G2	`2019-02-28` - `2021-04-29`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.turn.com DigiCert SHA2 Secure Server CA	`2020-03-18` - `2021-04-19`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Frame ID: 3E5BD289425BD52E217F2202A445A56B
Requests: 54 HTTP requests in this frame

Frame: https://8605628.fls.doubleclick.net/activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2020-04-19T19%3A13%3A06.970%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1587316386974.5yalxsmt;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658
Frame ID: 0E31E294D3B103BF626E794B47A0CC34
Requests: 1 HTTP requests in this frame

Frame: https://4707643.fls.doubleclick.net/activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658
Frame ID: 887DC899F610067ABFB348B8084D1AE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://estrella.network/ Page URL
https://ads.mrgreen.com/redirect.aspx?pid=4031950&bid=22685 HTTP 301
http://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_med... HTTP 301
https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_med... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tracker\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

54
Requests

98 %
HTTPS

44 %
IPv6

19
Domains

25
Subdomains

22
IPs

7
Countries

1647 kB
Transfer

4518 kB
Size

20
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://casino.mrgreen.com/de-DE/register
Title: Kostenlos registrieren

Search URL Search Domain Scan URL

URL: https://casino.mrgreen.com/de-DE/login
Title: Einloggen

Search URL Search Domain Scan URL

URL: https://casino.mrgreen.com/de-DE/game/info/book-of-dead
Title: Book Of Dead

Search URL Search Domain Scan URL

URL: https://casino.mrgreen.com/de-DE/game/info/starburst
Title: Starburst

Search URL Search Domain Scan URL

URL: https://casino.mrgreen.com/de-DE/game/info/vegas-adventure-with-mrgreen
Title: Vegas Adventures with Mr Green

Search URL Search Domain Scan URL

URL: https://casino.mrgreen.com/de-DE/game/info/vault-of-anubis
Title: Vault of Anubis

Search URL Search Domain Scan URL

URL: https://casino.mrgreen.com/de-DE/game/info/lucky-mr-green
Title: Lucky Mr Green

Search URL Search Domain Scan URL

URL: https://casino.mrgreen.com/de-DE/game/info/legacy-of-dead
Title: Legacy of Dead

Search URL Search Domain Scan URL

URL: https://casino.mrgreen.com/de-DE/game/info/dedicated-roulette-live
Title: Dedicated Roulette Live

Search URL Search Domain Scan URL

URL: https://casino.mrgreen.com/de-DE/game/info/neros-fortune
Title: Neros Fortune

Search URL Search Domain Scan URL

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=en&company=0fd8240e-ac3d-423d-af63-1b1dec8d608a
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://estrella.network/ Page URL
https://ads.mrgreen.com/redirect.aspx?pid=4031950&bid=22685 HTTP 301
http://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658 HTTP 301
https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cloud.typography.com/7155672/712248/css/fonts.css HTTP 302
https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css

Request Chain 37

https://8605628.fls.doubleclick.net/activityi;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2020-04-19T19%3A13%3A06.970%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1587316386974.5yalxsmt;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658 HTTP 302
https://8605628.fls.doubleclick.net/activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2020-04-19T19%3A13%3A06.970%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1587316386974.5yalxsmt;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658

Request Chain 38

https://4707643.fls.doubleclick.net/activityi;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658 HTTP 302
https://4707643.fls.doubleclick.net/activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658

Request Chain 43

https://track.adform.net/Serving/TrackPoint/?pm=257142&ADFPageName=AdliciousAdformStorefront&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=257142&ADFPageName=AdliciousAdformStorefront&ADFdivider=|

Request Chain 44

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=721731287&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658&dr=http%3A%2F%2Festrella.network%2F&dp=%2Fde%2Faff%2Fvegas-adventures&ul=en-us&de=UTF-8&dt=Vegas%20Adventures%20with%20Mr%20Green%20%7C%20Holen%20Sie%20sich%20bis%20zu%20%E2%82%AC%20100%2C-%20%2B%20200%20Freispiele&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEALQ~&jid=648171665&gjid=1282572840&cid=2114150955.1587316387&tid=UA-63985451-3&_gid=1051428685.1587316387&_r=1&gtm=2wg480TWJJ8L&cd2=GA1.2.2114150955.1587316387&cd5=DE&cd7=2020-04-19T19%3A13%3A06.959%2B02%3A00&cd10=0&cd11=1587316386959.yeg30c9&cd16=GA1.2.2114150955.1587316387&cd19=storefront&cd23=1&cd34=GA1.2.2114150955.1587316387&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&cm6=2725&z=2043288572 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_gid=1051428685.1587316387&gjid=1282572840&_v=j81&z=2043288572 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_v=j81&z=2043288572 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_v=j81&z=2043288572&slf_rd=1&random=2003505893

54 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
estrella.network/ 255 B
460 B 157ms
34ms Document
text/html 178.62.93.203
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://estrella.network/
Protocol: HTTP/1.1
Server: 178.62.93.203 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: estrella.network
Software: nginx / PHP/7.4.4
Resource Hash: 1463f550945a65105bf29c91aaf39dcda69cf8a9640dd3e82848fdf2fc10c8c7

Request headers

Host: estrella.network
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Sun, 19 Apr 2020 17:13:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 255
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.4.4

GET
H2

200

Primary Request vegas-adventures Show response
www.mrgreen.com/de/aff/
Redirect Chain

https://ads.mrgreen.com/redirect.aspx?pid=4031950&bid=22685
http://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

2 MB
264 KB

1840ms
1795ms

Document
text/html

13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx / PHP/5.5.9-1ubuntu4.20

Resource Hash

361da9269c760998405cbfdb649bdc5bbc81020e508287b211bbcf1d0582d799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.mrgreen.com
:scheme: https
:path: /de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://estrella.network/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a4031950%2c%22BID%22%3a22685%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1587316384365)%5c%2f%22%2c%22CookieTag%22%3a%2222685403195021171712581C20204191813%22%7d%5d; visid_incap_2104320=9gHz00tSQgmS8xccXuXhIKCGnF4AAAAAQUIPAAAAAAD7qy0A6lKZa9+T8PYQPECu; incap_ses_730_2104320=ZE4GXns5UlzGEiyPZXwhCqCGnF4AAAAAq48bYLc0ldl6UV0dkVSPUg==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://estrella.network/

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: nginx
date: Sun, 19 Apr 2020 17:13:06 GMT
x-powered-by: PHP/5.5.9-1ubuntu4.20
link: <https://www.mrgreen.com/de/wp-json/>; rel="https://api.w.org/" <https://www.mrgreen.com/de/?p=211702/>; rel=shortlink
content-encoding: gzip
cache-tag: sf
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Q9ePuCTOiRS2OSSL9ipg6i1MUoZbtLWBAz5cDbJ5n9vRH6p1q7WUOg==

Redirect headers

Server: CloudFront
Date: Sun, 19 Apr 2020 17:13:04 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
X-Cache: Redirect from cloudfront
Via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: PByzHOXv2twoI_aHnlPdRSsmD-eKlMqs1tsf-cDA5qPZrL5TunXTRQ==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
653 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&display=swap

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87eb7663270ab92e205a026860434401ccf302a11626069dcc463ca9a8931208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Apr 2020 17:13:06 GMT
server: ESF
date: Sun, 19 Apr 2020 17:13:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Apr 2020 17:13:06 GMT

GET
H2

200

C9B824A3E9336530F.css
www.mrgreen.com/app/themes/storefront/assets/fonts/553158/
Redirect Chain

https://cloud.typography.com/7155672/712248/css/fonts.css
https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css

225 KB
170 KB

28ms
28ms

Stylesheet
text/css

13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0351f3d79d99270c9c47135ae6eb7d93f37a0836a86d757b9db917d88810ab77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277904
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 16 Apr 2020 08:48:44 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Ujy6rvs-CpcsjoB_Hp5e87qgL-13UTfflF4uKv6VyC-d67uJHfet2A==
expires: Fri, 14 Aug 2020 12:01:22 GMT

Redirect headers

Date: Sun, 19 Apr 2020 17:13:06 GMT
Last-Modified: Thu, 09 Mar 2017 09:56:55 GMT
Server: AkamaiNetStorage
ETag: "eb1b1e257b91824475ffe8abfbfbb34b:1536738569"
Content-Type: text/html
Location: https://www.mrgreen.com/app/themes/storefront/assets/fonts/553158/C9B824A3E9336530F.css
Cache-Control: must-revalidate, private
Connection: keep-alive
X-HCo-pid: 14
Content-Length: 154
Expires: Sun, 19 April 2020 17:13:06 GMT

GET
H2 200 template-ppc-3-538c2a2c.css
www.mrgreen.com/app/themes/storefront/dist/styles/ 160 KB
23 KB 29ms
27ms Stylesheet
text/css 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/app/themes/storefront/dist/styles/template-ppc-3-538c2a2c.css

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

bdfd3e44bdef5791d72af11e1b024a3a52dbb187dad6310699598fdd213a0df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277903
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 16 Apr 2020 08:50:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: RvmbWJ2jrHSH0uC9uoUsm9SJlyXpVLbxMWjhJWyW8Y39kkVhNQU6KQ==
expires: Fri, 14 Aug 2020 12:01:23 GMT

GET
H2 200 frontend.css
www.mrgreen.com/app/plugins/wp-job-manager-applications/assets/css/ 13 KB
2 KB 360ms
359ms Stylesheet
text/css 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/app/plugins/wp-job-manager-applications/assets/css/frontend.css?ver=4.9.8

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

55138686144d0f04d70faa92ac3c1568af9090d97ce02c74d4c2863864b4b02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
cache-tag: sf
status: 200
x-xss-protection: 1; mode=block
pragma: public
last-modified: Fri, 17 Apr 2020 08:16:52 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=10368000, public
x-amz-cf-id: 5OQCOOwl3wPpyXR8y0-cKcB9aOw9LQd_eMST0P7-xOwgXXnwSkA_eQ==
expires: Mon, 17 Aug 2020 17:13:06 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 11:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539427
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Apr 2021 11:22:39 GMT

GET
H2 200 lazy-prerender.js Show response
www.mrgreen.com/app/themes/storefront/assets/scripts/ 240 B
756 B 31ms
30ms Script
application/x-javascript 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/app/themes/storefront/assets/scripts/lazy-prerender.js?ver=1.1

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8e267f0aa2eba56c8be97a3c468a480a0cb4527e0409d29715f16365c21a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:15 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 277911
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
content-length: 240
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 16 Apr 2020 08:48:45 GMT
server: nginx
etag: "5e981bed-f0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: xqZJ3UDt5wZKFgQEKNVfzwkQoeMBhk1wugvw42vehth2pmyOhTmASQ==
expires: Fri, 14 Aug 2020 12:01:15 GMT

GET
H2 200 lookup-e88a2794.js Show response
www.mrgreen.com/app/themes/storefront/dist/scripts/ 4 KB
2 KB 24ms
23ms Script
application/x-javascript 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/app/themes/storefront/dist/scripts/lookup-e88a2794.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

4a28937b0e6cfcee7a7aac0766213d2acd221aae8ea6d159bbc706a18b52bd45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277911
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 16 Apr 2020 08:50:51 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: j5SXwvNaOY7Lio_rdzDiToVieaE6mHeH4otxWKnz3WSFYlKASzHg7Q==
expires: Fri, 14 Aug 2020 12:01:15 GMT

GET
H2 200 cookie_write.js Show response
www.mrgreen.com/app/themes/storefront/assets/scripts/ 3 KB
2 KB 26ms
26ms Script
application/x-javascript 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/app/themes/storefront/assets/scripts/cookie_write.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

310849a5f945cbe402c9ee331d5a02b99b133a53b16e5d8291ff9adf5df27363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277911
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 16 Apr 2020 08:48:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: bwJnR3kBrZ-7E3fN3BXxwC6GufhxRY3vsRPBUQLzgDAwBFAzDnnoQg==
expires: Fri, 14 Aug 2020 12:01:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5672
date: Sun, 19 Apr 2020 15:38:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Sun, 19 Apr 2020 17:38:34 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 89 KB
30 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KTH7SWG&cid=2114150955.1587316387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1be5e53e95b6d8e1f4d90b8ced70e6faa9a449e71704a1f5e807a717111f1ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30029
x-xss-protection: 0
expires: Sun, 19 Apr 2020 17:13:06 GMT

GET
H2 200 mga.png
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,q_auto/https://www.mrgreen.com/app/uploads/ 1 KB
2 KB 101ms
48ms Image
image/png 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,q_auto/https://www.mrgreen.com/app/uploads/mga.png
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d7959a33800baede38622d168b8d555eab6b61e20406674998d5ccb437045b0

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
server-timing: fastly;dur=0;total=1;start=2020-04-19T08:57:36.533Z;desc=hit,rtt;dur=38
content-length: 1510
cf-request-id: 02350703b70000d49cc2045200000001
timing-allow-origin: *
expires: Thu, 22 Oct 2020 17:13:06 GMT
last-modified: Tue, 24 Apr 2018 10:20:39 GMT
server: cloudflare
etag: "c52073ef51d1417e873465ca7c8cfbda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411928bcd49c-BRU
cf-bgj: imgq:85,h2pri

GET
H2 200 18.png
www.mrgreen.com/app/uploads/ 562 B
1 KB 26ms
24ms Image
image/png 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mrgreen.com/app/uploads/18.png

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2894a019d51d063b6783559f8f9c0ceb03f3128e948496727477514f6c4e4818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:24 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 277902
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
content-length: 562
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 21 Feb 2019 09:39:19 GMT
server: nginx
etag: "5c6e71c7-232"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: FEnn9Xto9eDmQv6H3NTjkekyWA88MBF-J0gdGdUBQ6PONorxlJb9kg==
expires: Fri, 14 Aug 2020 12:01:24 GMT

GET
H2 200 gamcare.png
www.mrgreen.com/app/uploads/ 613 B
1 KB 27ms
25ms Image
image/png 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mrgreen.com/app/uploads/gamcare.png

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d9696ef19610ed80e50bf0b2ad08b9a54fe6d823a73c62f6ce9f8f494467d11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:24 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 277902
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
content-length: 613
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 21 Feb 2019 09:39:19 GMT
server: nginx
etag: "5c6e71c7-265"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: aOvWiAZhfIMPAJgYlgi3NRwOy3dVNrP73LgqqGc3yuDyqyozRbCw5w==
expires: Fri, 14 Aug 2020 12:01:24 GMT

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
5 KB 39ms
22ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14810612
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 023507034b0000643773944200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:24:28 GMT
server: cloudflare
etag: W/"5afd4a4c-2b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 586841187ba16437-FRA
expires: Fri, 09 Apr 2021 17:13:06 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ 85 KB
29 KB 27ms
27ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1278327
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02350703620000643773947200000001
served-in-seconds: 0.004
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:15 GMT
server: cloudflare
etag: W/"5afd494f-152b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 586841189bcf6437-FRA
expires: Fri, 09 Apr 2021 17:13:06 GMT

GET
H2 200 jquery.gsap.min.js Show response
www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/ 3 KB
2 KB 26ms
26ms Script
application/x-javascript 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/jquery.gsap.min.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5ca972b4d30bbb380b96651a09652849cb7affbe7012371237ed9452e357c636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277903
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 11 Apr 2016 07:50:03 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 2RIPLUAm826n53PzV0jTddsCNSEicRKQJbXptsgE0NBvUVNzG0PGdA==
expires: Fri, 14 Aug 2020 12:01:23 GMT

GET
H2 200 TweenMax.min.js Show response
www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/ 102 KB
35 KB 28ms
25ms Script
application/x-javascript 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/app/themes/storefront/bower_components/gsap/src/minified/TweenMax.min.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1a324ffab8426503c882cf1903c87537fb3fd0ba84482d24798a795e3927b6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277903
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
x-xss-protection: 1; mode=block
pragma: public
last-modified: Mon, 11 Apr 2016 07:50:03 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: gsSWRHjyasW91GBbUIKhb5Oc_SObRIbWz3sezjzLp9_0k0-4DnAPRA==
expires: Fri, 14 Aug 2020 12:01:23 GMT

GET
H2 200 jquery.countdown.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/ 5 KB
2 KB 20ms
16ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/jquery.countdown.min.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 29343103
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 023507037a0000643773948200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:59 GMT
server: cloudflare
etag: W/"5afd497b-14db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 58684118cbe86437-FRA
expires: Fri, 09 Apr 2021 17:13:06 GMT

GET
H2 200 0b3514d0.js Show response
use.fortawesome.com/ 10 KB
4 KB 178ms
16ms Script
application/javascript 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fortawesome.com/0b3514d0.js
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 659189b43e6491644521a058e17142ec1cfcbbf1f61b854d45fe818984c60ef5

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
content-encoding: gzip
last-modified: Fri, 20 Mar 2020 10:57:17 GMT
status: 200
etag: "72f32c6f0caa15c67966429048249cbb"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1587316386.cds072.am5.hn,1587316386.cds150.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 3987

GET
H2 200 external-links.js Show response
www.mrgreen.com/app/themes/storefront/assets/scripts/ 753 B
839 B 28ms
26ms Script
application/x-javascript 13.225.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrgreen.com/app/themes/storefront/assets/scripts/external-links.js

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-77.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

59eb8a181387982f19964cca4b5eed6aecd5aa649febff7fbaa8e0d0c2bb1e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 12:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277911
x-cache: Hit from cloudfront
cache-tag: sf
status: 200
x-xss-protection: 1; mode=block
pragma: public
last-modified: Thu, 16 Apr 2020 08:48:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=10368000, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: TC6c911X2Rj4DUDTVkKTq9DTjD-71DgbDnmNje-qRvio6jan81nqoQ==
expires: Fri, 14 Aug 2020 12:01:15 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 20 KB
7 KB 66ms
21ms Script
application/x-javascript 13.224.194.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-92.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d9371e0c41f5f47e50429fdb0aeecca88b5f31c047093468614211ce03e5d90

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 07:09:43 GMT
content-encoding: gzip
age: 59979
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 6493
last-modified: Wed, 22 Jan 2020 10:29:21 GMT
server: AmazonS3
etag: "cc8c66d103e872eaaae4c3628bf0ac0c"
content-type: application/x-javascript
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: aezZZ5Y311j4BGg6SZGK6fRhGAlnW9E_SnwhifOxeL_eEcyC24-0sw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 400 KB
56 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f909140eec3390a38868c1335f7e9014d528111a175b16dec73e63543be80865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 57587
x-xss-protection: 0
last-modified: Sun, 19 Apr 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Apr 2020 17:13:06 GMT

GET
H2 200 Marcom-3361-Acq.-Aff.-Landing-page-Desktop-1872x1050.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto/https://www.mrgreen.com/app/uploads/ 227 KB
228 KB 315ms
264ms Image
image/jpeg 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto/https://www.mrgreen.com/app/uploads/Marcom-3361-Acq.-Aff.-Landing-page-Desktop-1872x1050.jpg
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7cbb8f058189241f3216ee549aa6061233d33fd3ea5f4eb1e6db4ef2514146b

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: REVALIDATED
cf-polished: status=not_needed
status: 200
server-timing: fastly;dur=1;total=6;start=2020-04-14T20:34:55.674Z;desc=hit,rtt;dur=36
content-length: 232749
cf-request-id: 02350703b70000d49cc2044200000001
timing-allow-origin: *
expires: Thu, 22 Oct 2020 17:13:06 GMT
last-modified: Mon, 13 Jan 2020 12:43:12 GMT
server: cloudflare
etag: "2e5dc50db3976bf14487e607d84d886a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411928bbd49c-BRU
cf-bgj: imgq:85,h2pri

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin: https://www.mrgreen.com

Response headers

date: Mon, 13 Apr 2020 09:02:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 547813
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
expires: Tue, 13 Apr 2021 09:02:53 GMT

GET
DATA 200
OK truncated
/ 220 B
220 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://www.mrgreen.com

Response headers

Content-Type: application/font-woff2

GET
H2 200 woff2.css
use.fortawesome.com/kits/0b3514d0/publications/102900/ 38 KB
27 KB 17ms
16ms Stylesheet
text/css 151.139.128.8
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fortawesome.com/kits/0b3514d0/publications/102900/woff2.css
Requested by: Host: use.fortawesome.com
URL: https://use.fortawesome.com/0b3514d0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ffa30ec57206a103a0cd523ecdcd29028a09177148f534ed7b86ef656060b8fc

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
content-encoding: gzip
last-modified: Fri, 20 Mar 2020 10:57:18 GMT
status: 200
etag: "c3fa03768e9add8ee8ddb879f07ebf5c"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1587316386.cds072.am5.hn,1587316386.cds216.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27139

GET
H2 200 thumbnail_bookofdead_712x534.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-5/ 86 KB
87 KB 37ms
35ms Image
image/jpeg 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-5/thumbnail_bookofdead_712x534.jpg
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4141c1c9ae579d4a5a1a12b01f949714595b6f425e9e326bdbbeb27abd4ac172

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: HIT
cf-polished: degrade=85, origSize=97667, status=vary_header_present
status: 200
server-timing: fastly;dur=0;total=1;start=2020-04-19T15:00:39.997Z;desc=hit,rtt;dur=36
content-length: 88561
cf-request-id: 02350704680000d49cc2048200000001
timing-allow-origin: *
expires: Thu, 22 Oct 2020 17:13:06 GMT
last-modified: Fri, 22 Mar 2019 11:07:14 GMT
server: cloudflare
etag: "aef10ae2bfffc944ef30c8081cd8d1ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411a4b9cd49c-BRU
cf-bgj: imgq:85,h2pri

GET
H2 200 thumbnail_starburst_712x534.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-5/ 44 KB
44 KB 99ms
97ms Image
image/webp 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-5/thumbnail_starburst_712x534.jpg
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9471e175f041ede3a2f0889b1dcb91d7a9c2de32c766616c70878dfb4c07989

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: HIT
status: 200
content-disposition: inline; filename="thumbnail_starburst_712x534.webp"
server-timing: fastly;dur=0;total=1;start=2020-04-19T16:01:47.682Z;desc=hit,rtt;dur=38
content-length: 44788
cf-request-id: 02350704690000d49cc2049200000001
timing-allow-origin: *
last-modified: Fri, 22 Mar 2019 11:44:26 GMT
server: cloudflare
etag: "a9fbfd4487f3e09315efaede0f7cf0ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411a4b9dd49c-BRU
expires: Thu, 22 Oct 2020 17:13:06 GMT

GET
H2 200 vegasadventure-thumbnail-1.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-8/ 66 KB
67 KB 74ms
72ms Image
image/webp 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-8/vegasadventure-thumbnail-1.jpg
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbda5117c2580935ef3fb873d16510c6354dcf8eb381dab2a321ba345ee0694

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: HIT
status: 200
content-disposition: inline; filename="vegasadventure-thumbnail-1.webp"
server-timing: fastly;dur=0;total=1;start=2020-04-19T16:01:47.696Z;desc=hit,rtt;dur=47
content-length: 68046
cf-request-id: 02350704690000d49cc204a200000001
timing-allow-origin: *
last-modified: Thu, 25 Jul 2019 06:54:25 GMT
server: cloudflare
etag: "ebe97e28250c6bf18f39f69987093120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411a4b9ed49c-BRU
expires: Thu, 22 Oct 2020 17:13:06 GMT

GET
H2 200 vault-of-anubis-thumbnail-712x534.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-10/ 36 KB
36 KB 63ms
61ms Image
image/webp 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-10/vault-of-anubis-thumbnail-712x534.jpg
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24610d5f2b30a453587be9cab5145ca7649aa37ee8353a4582352d26fae0a16e

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: HIT
status: 200
content-disposition: inline; filename="vault-of-anubis-thumbnail-712x534.webp"
server-timing: fastly;dur=1;start=2020-04-19T16:11:25.367Z;desc=hit,rtt;dur=38
content-length: 36478
cf-request-id: 02350704690000d49cc204b200000001
timing-allow-origin: *
last-modified: Thu, 26 Mar 2020 10:01:24 GMT
server: cloudflare
etag: "976876a69026efdd95ffa9f95d994ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411a4b9fd49c-BRU
expires: Thu, 22 Oct 2020 17:13:06 GMT

GET
H2 200 luckymrg-thumbnail-1-1.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-3/ 49 KB
49 KB 102ms
100ms Image
image/webp 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-3/luckymrg-thumbnail-1-1.jpg
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a1a82efc4e8f347ea0e4b7e55ea01f911b88c0c805209d30a0bf3224abd7de8

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: HIT
status: 200
content-disposition: inline; filename="luckymrg-thumbnail-1-1.webp"
server-timing: fastly;dur=1;total=3;start=2020-04-19T16:01:47.662Z;desc=hit,rtt;dur=36
content-length: 49766
cf-request-id: 02350704690000d49cc204c200000001
timing-allow-origin: *
last-modified: Tue, 05 Mar 2019 11:56:02 GMT
server: cloudflare
etag: "661d4ef0e9cb550848273de721efed13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411a4ba2d49c-BRU
expires: Thu, 22 Oct 2020 17:13:06 GMT

GET
H2 200 legacyofdead-thumbnail.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-9/ 75 KB
75 KB 80ms
79ms Image
image/webp 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-9/legacyofdead-thumbnail.jpg
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bffc65969f9a03f73a1da087bf1e822860a8a2599c20c08f7a4afb72a2934605

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: HIT
status: 200
content-disposition: inline; filename="legacyofdead-thumbnail.webp"
server-timing: fastly;dur=1;start=2020-04-19T16:01:47.691Z;desc=hit,rtt;dur=38
content-length: 76470
cf-request-id: 02350704690000d49cc204d200000001
timing-allow-origin: *
last-modified: Wed, 08 Jan 2020 11:00:36 GMT
server: cloudflare
etag: "50da565163456c49b3685a5688896d09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411a4ba5d49c-BRU
expires: Thu, 22 Oct 2020 17:13:06 GMT

GET
H2 200 wh-roulette-th.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/evolution-thumbnails/ 52 KB
53 KB 96ms
95ms Image
image/webp 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/evolution-thumbnails/wh-roulette-th.jpg
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 380f77bcb2673ffbfcf2b22a63b98afd78dfab35cc7a88144154669fb0b72bba

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: HIT
status: 200
content-disposition: inline; filename="wh-roulette-th.webp"
server-timing: fastly;dur=0;total=1;start=2020-04-19T16:11:25.327Z;desc=hit,rtt;dur=36
content-length: 53442
cf-request-id: 02350704690000d49cc204e200000001
timing-allow-origin: *
last-modified: Mon, 30 Mar 2020 14:45:39 GMT
server: cloudflare
etag: "57ed8793dba0da950ef00f9ec536d7ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411a4ba7d49c-BRU
expires: Thu, 22 Oct 2020 17:13:06 GMT

GET
H2 200 neros-fortune-thumbnail-712x534.jpg
static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-10/ 55 KB
55 KB 99ms
98ms Image
image/webp 104.17.167.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mrgcdn.com/mrgreen/image/fetch/fl_progressive,fl_lossy,c_limit,q_auto,f_auto,g_auto/https://casino.mrgreen.com/globalassets/games/thumbnails-10/neros-fortune-thumbnail-712x534.jpg
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.167.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7b7952bae051d15945e875b443b686f81877f77969d4174e219871188971031

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:06 GMT
cf-cache-status: HIT
status: 200
content-disposition: inline; filename="neros-fortune-thumbnail-712x534.webp"
server-timing: fastly;dur=1;start=2020-04-19T17:10:47.517Z;desc=hit,rtt;dur=36
content-length: 56132
cf-request-id: 02350704690000d49cc204f200000001
timing-allow-origin: *
last-modified: Tue, 24 Mar 2020 08:16:58 GMT
server: cloudflare
etag: "5a466e1e84935719f3b8aa499449f4f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 5868411a4ba8d49c-BRU
expires: Thu, 22 Oct 2020 17:13:06 GMT

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b9b620c2fe5f2ea1710cbe67b9e6db570894d4a426c468007a2b530e1131f95

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://www.mrgreen.com

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 16:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2371
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Sun, 19 Apr 2020 17:33:35 GMT

GET
H2

200

activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=202...
8605628.fls.doubleclick.net/ Frame 0E31
Redirect Chain

https://8605628.fls.doubleclick.net/activityi;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2...
https://8605628.fls.doubleclick.net/activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u...

0
0

61ms
61ms

Document
text/html

216.58.207.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8605628.fls.doubleclick.net/activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2020-04-19T19%3A13%3A06.970%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1587316386974.5yalxsmt;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.70 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8605628.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2020-04-19T19%3A13%3A06.970%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1587316386974.5yalxsmt;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sun, 19 Apr 2020 17:13:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 564
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Apr-2020 17:28:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sun, 19 Apr 2020 17:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8605628.fls.doubleclick.net/activityi;dc_pre=CPfwlqv-9OgCFYTiuwgdTzMPIw;src=8605628;type=lp0;cat=landi0;ord=1;num=4564887116546;gtm=2wg480;auiddc=1286127859.1587316387;u1=DE;u2=storefront;u3=GA1.2.2114150955.1587316387;u4=2020-04-19T19%3A13%3A06.970%2B02%3A00;u5=Prospect;u6=undefined;u7=desktop;u8=1587316386974.5yalxsmt;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2

200

activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-advent...
4707643.fls.doubleclick.net/ Frame 887D
Redirect Chain

https://4707643.fls.doubleclick.net/activityi;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adve...
https://4707643.fls.doubleclick.net/activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.m...

0
0

48ms
48ms

Document
text/html

172.217.18.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4707643.fls.doubleclick.net/activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWJJ8L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4707643.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sun, 19 Apr 2020 17:13:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 462
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Apr-2020 17:28:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Sun, 19 Apr 2020 17:13:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4707643.fls.doubleclick.net/activityi;dc_pre=CIjVl6v-9OgCFcjjGwodx-UC4w;src=4707643;type=mrgre00;cat=prof;ord=1363430165761;gtm=2wg480;auiddc=1286127859.1587316387;~oref=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 NaN_tracker.js Show response
cdn.nanigans.com/ 3 KB
2 KB 97ms
26ms Script
text/javascript 13.225.73.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nanigans.com/NaN_tracker.js
Requested by: Host: estrella.network
URL: http://estrella.network/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-116.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 4eeef187d488fbf4e55ccf729e43357ab481854fec6b5e0b1650cb64b7bf200d

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:10:37 GMT
content-encoding: gzip
age: 161
x-cache: Hit from cloudfront
status: 200
content-length: 1588
last-modified: Tue, 04 Feb 2020 16:45:26 GMT
server: Apache
etag: "c51-59dc2c44ab580"
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control: max-age=3600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: aef_L-QUrwRqqHIH7RCXltFFFZWX2FUIHZ6NSB-V9rqZdvg-luVgNg==

GET
H2 200 / Show response
a1.adform.net/serving/scripts/trackpoint/async/ 76 KB
30 KB 117ms
47ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/serving/scripts/trackpoint/async/

Requested by

Host: estrella.network
URL: http://estrella.network/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f71949eb5abb767c30181fee3c683cf75a45e2a6f9573c0f6bccea82927a46b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:07 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Host,Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 30712
expires: Sun, 26 Apr 2020 17:13:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: estrella.network
URL: http://estrella.network/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: RU9Lz5KuG6FAUyKr8m9ALiE8HhniH1E387I6NdQxlz+bABR+LatC7mPGIEwQr6dsUmNFV/pVUQ5MnmHA8Udbuw==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Sun, 19 Apr 2020 17:13:06 GMT, Sun, 19 Apr 2020 17:13:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK beacon
r.turn.com/r/ 43 B
490 B 92ms
31ms Image
image/gif 46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=42PVUGz_iNg11xW56s_wASWH4d-aPzhMo9mpYkJWk36UtPewEmNts9t_Xv-Xl3NIOb23HQiV5gGHjcYcV6nVCg&cid=
Requested by: Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Apr 2020 17:13:06 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=257142&ADFPageName=AdliciousAdformStorefront&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=257142&ADFPageName=AdliciousAdformStorefront&ADFdivider=|

35 B
496 B

32ms
32ms

Image
image/gif

37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=257142&ADFPageName=AdliciousAdformStorefront&ADFdivider=|

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Apr 2020 17:13:07 GMT
server: nginx
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 19 Apr 2020 17:13:07 GMT
server: nginx
status: 302
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=257142&ADFPageName=AdliciousAdformStorefront&ADFdivider=|
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=721731287&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26u...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_gid=1051428685.1587316387&gjid=1282572840&_v=j81&z=2043288572
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_v=j81&z=2043288572
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_v=j81&z=2043288572&slf_rd=1&random=2003505893

42 B
499 B

65ms
18ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_v=j81&z=2043288572&slf_rd=1&random=2003505893

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Apr 2020 17:13:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Apr 2020 17:13:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63985451-3&cid=2114150955.1587316387&jid=648171665&_v=j81&z=2043288572&slf_rd=1&random=2003505893
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=721731287&t=timing&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658&dr=http%3A%2F%2Festrella.network%2F&dp=%2Fde%2Faff%2Fvegas-adventures&ul=en-us&de=UTF-8&dt=Vegas%20Adventures%20with%20Mr%20Green%20%7C%20Holen%20Sie%20sich%20bis%20zu%20%E2%82%AC%20100%2C-%20%2B%20200%20Freispiele&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=Content%20view&utv=Content%20View&utt=2739&_u=aGDACEALR~&jid=&gjid=&cid=2114150955.1587316387&tid=UA-63985451-3&_gid=1051428685.1587316387&gtm=2wg480TWJJ8L&cd2=GA1.2.2114150955.1587316387&cd5=DE&cd7=2020-04-19T19%3A13%3A06.968%2B02%3A00&cd16=GA1.2.2114150955.1587316387&cd34=GA1.2.2114150955.1587316387&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&z=1224659642

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Apr 2020 08:23:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 550196
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 500699753395600 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/500699753395600?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec840ebae4ee24661af9ec7105343e6b9e93b58745d0127ef6830756d564a774

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 115008
x-xss-protection: 0
pragma: public
x-fb-debug: qjuG5GCWbV87t1uX/Q2GbBfggF9L+AsynkOtbgqvOcHoeIYvtfYUNeZJBdWlkYCkcwio4vmgudqWatDVAB/mOQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Sun, 19 Apr 2020 17:13:07 GMT, Sun, 19 Apr 2020 17:13:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
254 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=500699753395600&ev=PageView&dl=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658&rl=http%3A%2F%2Festrella.network%2F&if=false&ts=1587316387103&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1587316387102.1409858081&it=1587316387061&coo=false&tm=1&rqm=GET

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 19 Apr 2020 17:13:07 GMT, Sun, 19 Apr 2020 17:13:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 19 Apr 2020 17:13:07 GMT

GET
H/1.1 200
OK event.php Show response
api.nanigans.com/ 0
658 B 98ms
21ms Script
text/javascript 185.10.228.82
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://api.nanigans.com/event.php?app_id=82356&user_id=GA1.2.2114150955.1587316387&type=visit&name=site_visit&nan_hash=a23557c8ENPDKDNZ1587316387106&nan_fp=a43fcc857db6e1f5568094fc6d3cee40&nan_dom=estrella.network&nan_fmt=js

Requested by

Host: cdn.nanigans.com
URL: https://cdn.nanigans.com/NaN_tracker.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.10.228.82 , Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

52.e4.0ab9.ip4.static.sl-reverse.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Apr 2020 17:13:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate, no-store, post-check=0, pre-check=0
Content-Type: text/javascript;charset=UTF-8
Content-Length: 20
X-XSS-Protection: 1; mode=block
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 19 KB
10 KB 32ms
32ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?pm=1397512&ADFPageName=MrGreen%20-%20Lobby%20-%20storefront&ADFdivider=%7C&ord=642160874796&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Festrella.network%2F&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiJudWxsIiwiY3VyIjoiPGluc2VydCBDdXJyZW5jeSB2YWx1ZSBoZXJlPiIsInN2MSI6Ik1yR3JlZW4iLCJzdjIiOiJzdG9yZWZyb250Iiwic3YzIjoidW5kZWZpbmVkIiwic3Y0IjoiREUiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiJzcG9ydCIsInN2NyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL2RlL2FmZi92ZWdhcy1hZHZlbnR1cmVzP2J0YWc9NjU4NjU4X0M2Mzc0MjA4RkI0RTQ4NDI4QjJEMjUzMTJENDA3QTY1JnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTY1ODY1OCIsInN2OCI6Ind3dy5tcmdyZWVuLmNvbSIsInN2OSI6Imh0dHA6Ly9lc3RyZWxsYS5uZXR3b3JrLyIsInN2MTAiOiJkZXNrdG9wIiwic3YxMSI6IjE1ODczMTYzODY5ODguOWFpcWJva2IiLCJzdjEyIjoidW5kZWZpbmVkIiwic3YxMyI6InVuZGVmaW5lZCIsInN2MTQiOiIyMDIwLTA0LTE5VDE5OjEzOjA2Ljk4OCswMjowMCIsInN2MTUiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_me

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1a5f45dfb0933e4bc0b62c68fa8e3c7e77339c53282db0610ae728f0dec94cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Apr 2020 17:13:07 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 9523
expires: -1

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 19 KB
10 KB 40ms
39ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?pm=1694576&ADFPageName=MrGreen%20-%20Lobby%20-%20storefront&ADFdivider=%7C&ord=311838517696&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Festrella.network%2F&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiJudWxsIiwiY3VyIjoiPGluc2VydCBDdXJyZW5jeSB2YWx1ZSBoZXJlPiIsInN2MSI6Ik1yR3JlZW4iLCJzdjIiOiJzdG9yZWZyb250Iiwic3YzIjoidW5kZWZpbmVkIiwic3Y0IjoiREUiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiJzcG9ydCIsInN2NyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL2RlL2FmZi92ZWdhcy1hZHZlbnR1cmVzP2J0YWc9NjU4NjU4X0M2Mzc0MjA4RkI0RTQ4NDI4QjJEMjUzMTJENDA3QTY1JnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTY1ODY1OCIsInN2OCI6Ind3dy5tcmdyZWVuLmNvbSIsInN2OSI6Imh0dHA6Ly9lc3RyZWxsYS5uZXR3b3JrLyIsInN2MTAiOiJkZXNrdG9wIiwic3YxMSI6IjE1ODczMTYzODY5ODguOWFpcWJva2IiLCJzdjEyIjoidW5kZWZpbmVkIiwic3YxMyI6InVuZGVmaW5lZCIsInN2MTQiOiIyMDIwLTA0LTE5VDE5OjEzOjA2Ljk4OCswMjowMCIsInN2MTUiOiJ1bmRlZmluZWQifQ&loc=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_me

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

22bbef2c3f41d0bb1bac2de6537f59af2fd5955fd0a076e355aced5e51df96c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Apr 2020 17:13:07 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 9525
expires: -1

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 41ms
6ms Image
image/gif 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=721731287&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mrgreen.com%2Fde%2Faff%2Fvegas-adventures%3Fbtag%3D658658_C6374208FB4E48428B2D25312D407A65%26utm_medium%3Daffiliates%26utm_source%3D658658&dp=%2Fde%2Faff%2Fvegas-adventures&ul=en-us&de=UTF-8&dt=Vegas%20Adventures%20with%20Mr%20Green%20%7C%20Holen%20Sie%20sich%20bis%20zu%20%E2%82%AC%20100%2C-%20%2B%20200%20Freispiele&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Customer%20status&ea=Customer%20status&el=Prospect&_u=aGDACEALR~&jid=&gjid=&cid=2114150955.1587316387&tid=UA-63985451-3&_gid=1051428685.1587316387&gtm=2wg480TWJJ8L&cd24=http%3A%2F%2Festrella.network%2F&cd42=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd46=undefined&cd41=Prospect&z=2130719330

Requested by

Host: www.mrgreen.com
URL: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Apr 2020 08:23:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 550196
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
a1.adform.net/wpf/v2/kla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt... 128 B
703 B 36ms
35ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/wpf/v2/kla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAhqvnpCuSjbDzDdYejftckuyPBDjaY2ftckkCoq75uQ0ISOJ_.bf9fgPtQVD_DJhCizgzH_y3EjNpmVWN9dPBSpBN.BN1eN1RMgRe4JDvtMtJjsOUTlfe2Rc7L1eWNNW5BNlYie3NlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.90PgJ.c4elF1rfs.1yA/serving/trackpoint/?pm=1397512&ADFPageName=MrGreen+-+Lobby+-+storefront&ADFdivider=%7c&ord=642160874796&Set1=en-US%7cen-US%7c1600x1200%7c24&CPref=http%3a%2f%2festrella.network%2f&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiJudWxsIiwiY3VyIjoiPGluc2VydCBDdXJyZW5jeSB2YWx1ZSBoZXJlPiIsInN2MSI6Ik1yR3JlZW4iLCJzdjIiOiJzdG9yZWZyb250Iiwic3YzIjoidW5kZWZpbmVkIiwic3Y0IjoiREUiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiJzcG9ydCIsInN2NyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL2RlL2FmZi92ZWdhcy1hZHZlbnR1cmVzP2J0YWc9NjU4NjU4X0M2Mzc0MjA4RkI0RTQ4NDI4QjJEMjUzMTJENDA3QTY1JnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTY1ODY1OCIsInN2OCI6Ind3dy5tcmdyZWVuLmNvbSIsInN2OSI6Imh0dHA6Ly9lc3RyZWxsYS5uZXR3b3JrLyIsInN2MTAiOiJkZXNrdG9wIiwic3YxMSI6IjE1ODczMTYzODY5ODguOWFpcWJva2IiLCJzdjEyIjoidW5kZWZpbmVkIiwic3YxMyI6InVuZGVmaW5lZCIsInN2MTQiOiIyMDIwLTA0LTE5VDE5OjEzOjA2Ljk4OCswMjowMCIsInN2MTUiOiJ1bmRlZmluZWQifQ&loc=https%3a%2f%2fwww.mrgreen.com%2fde%2faff%2fvegas-adventures%3fbtag%3d658658_C6374208FB4E48428B2D25312D407A65%26utm_me&catdt=0

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

18238c145f1c82ccdab332e8c1af2a280af974121c74079416fe4a30f6476cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Apr 2020 17:13:07 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 196
expires: -1

GET
H2 200 / Show response
a1.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt... 128 B
705 B 280ms
279ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAhqvnpCuSjbDzDdYejftckuyPBDjaY2ftckkCoq75uQ0ISOJ_.bf9ZWRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DsQs.BN1eN1RMgRe4JDvtMtJjsOUTlfe2Rc7L1eWNNW5BNlYie3NlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.90PgJ.c4elF1rfs.3Or/serving/trackpoint/?pm=1694576&ADFPageName=MrGreen+-+Lobby+-+storefront&ADFdivider=%7c&ord=311838517696&Set1=en-US%7cen-US%7c1600x1200%7c24&CPref=http%3a%2f%2festrella.network%2f&ADFtpmode=2&itm=eyJzbCI6InNhbGVzIiwiYWdlIjoiPGluc2VydCBBZ2UgR3JvdXAgdmFsdWUgaGVyZT4iLCJnZW4iOiJudWxsIiwiY3VyIjoiPGluc2VydCBDdXJyZW5jeSB2YWx1ZSBoZXJlPiIsInN2MSI6Ik1yR3JlZW4iLCJzdjIiOiJzdG9yZWZyb250Iiwic3YzIjoidW5kZWZpbmVkIiwic3Y0IjoiREUiLCJzdjUiOiJ1bmRlZmluZWQiLCJzdjYiOiJzcG9ydCIsInN2NyI6Imh0dHBzOi8vd3d3Lm1yZ3JlZW4uY29tL2RlL2FmZi92ZWdhcy1hZHZlbnR1cmVzP2J0YWc9NjU4NjU4X0M2Mzc0MjA4RkI0RTQ4NDI4QjJEMjUzMTJENDA3QTY1JnV0bV9tZWRpdW09YWZmaWxpYXRlcyZ1dG1fc291cmNlPTY1ODY1OCIsInN2OCI6Ind3dy5tcmdyZWVuLmNvbSIsInN2OSI6Imh0dHA6Ly9lc3RyZWxsYS5uZXR3b3JrLyIsInN2MTAiOiJkZXNrdG9wIiwic3YxMSI6IjE1ODczMTYzODY5ODguOWFpcWJva2IiLCJzdjEyIjoidW5kZWZpbmVkIiwic3YxMyI6InVuZGVmaW5lZCIsInN2MTQiOiIyMDIwLTA0LTE5VDE5OjEzOjA2Ljk4OCswMjowMCIsInN2MTUiOiJ1bmRlZmluZWQifQ&loc=https%3a%2f%2fwww.mrgreen.com%2fde%2faff%2fvegas-adventures%3fbtag%3d658658_C6374208FB4E48428B2D25312D407A65%26utm_me&catdt=0

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

23bebb305ca1f7d4d9924526b3c2051c7a823fcad643d6087c2b121fe5af36cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Apr 2020 17:13:07 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 198
expires: -1

POST
H2 200 /
www.facebook.com/tr/ 0
52 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrgreen.com/de/aff/vegas-adventures?btag=658658_C6374208FB4E48428B2D25312D407A65&utm_medium=affiliates&utm_source=658658
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryE23Cgqmb1UHRbkPt

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 19 Apr 2020 17:13:07 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.mrgreen.com
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 08:55:17	Name: test_cookie Value: CheckForPermission
.mrgreen.com/	1970-01-19 17:40:52	Name: NaN_hash Value: a23557c8ENPDKDNZ1587316387106
.mrgreen.com/	1970-01-19 11:04:52	Name: _fbp Value: fb.1.1587316387102.1409858081
.mrgreen.com/	1970-01-19 09:38:28	Name: affiliatevar5 Value: undefined
.mrgreen.com/	1970-01-19 09:38:28	Name: affiliatevar4 Value: undefined
.mrgreen.com/	1970-01-19 17:39:44	Name: visid_incap_2104320 Value: 9gHz00tSQgmS8xccXuXhIKCGnF4AAAAAQUIPAAAAAAD7qy0A6lKZa9+T8PYQPECu
.mrgreen.com/	1970-01-19 09:38:28	Name: affiliatevar1 Value: undefined
.mrgreen.com/	1971-01-19 05:56:42	Name: NetReferSPS Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%221000677195%7c1%22%7d%5d
.mrgreen.com/	1970-01-19 09:38:28	Name: affiliateandclickid Value: 658658_C6374208FB4E48428B2D25312D407A65
.mrgreen.com/	1970-01-19 08:55:19	Name: session Value: 1
.mrgreen.com/	1970-01-19 09:38:28	Name: affiliatevar3 Value: undefined
.mrgreen.com/	1970-01-19 11:04:52	Name: _gcl_au Value: 1.1.1286127859.1587316387
.mrgreen.com/	1970-01-19 08:56:42	Name: _gid Value: GA1.2.1051428685.1587316387
.mrgreen.com/	1970-01-19 09:38:28	Name: affiliatesubid Value: undefined
.mrgreen.com/	1970-01-19 08:55:16	Name: _gat_UA-63985451-3 Value: 1
.mrgreen.com/	1970-01-20 02:26:28	Name: _ga Value: GA1.2.2114150955.1587316387
.mrgreen.com/	1970-01-19 09:38:28	Name: btag Value: 658658_C6374208FB4E48428B2D25312D407A65
.mrgreen.com/	1969-12-31 23:59:59	Name: incap_ses_730_2104320 Value: ZE4GXns5UlzGEiyPZXwhCqCGnF4AAAAAq48bYLc0ldl6UV0dkVSPUg==
.mrgreen.com/	1970-01-19 09:38:28	Name: affiliatevar2 Value: undefined
.mrgreen.com/	1978-01-11 21:31:40	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a4031950%2c%22BID%22%3a22685%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1587316384365)%5c%2f%22%2c%22CookieTag%22%3a%2222685403195021171712581C20204191813%22%7d%5d

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 3) Message: findMarket initialised
console-api	log	(Line 3) Message: market DE returned

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4707643.fls.doubleclick.net
8605628.fls.doubleclick.net
a1.adform.net
ads.mrgreen.com
ajax.googleapis.com
api.nanigans.com
cdn.nanigans.com
cdnjs.cloudflare.com
cloud.typography.com
connect.facebook.net
estrella.network
fonts.googleapis.com
fonts.gstatic.com
r.turn.com
static.mrgcdn.com
stats.g.doubleclick.net
track.adform.net
use.fortawesome.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.mrgreen.com
104.17.167.81
104.96.140.66
107.154.251.88
13.224.194.92
13.225.73.116
13.225.73.77
151.139.128.8
172.217.18.166
178.62.93.203
185.10.228.82
216.58.207.70
2606:4700::6810:84e5
2a00:1450:4001:809::200a
2a00:1450:4001:818::2008
2a00:1450:4001:818::200a
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::2004
2a00:1450:4001:821::2003
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.157.4.40
37.157.6.252
46.228.164.11
0351f3d79d99270c9c47135ae6eb7d93f37a0836a86d757b9db917d88810ab77
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1463f550945a65105bf29c91aaf39dcda69cf8a9640dd3e82848fdf2fc10c8c7
18238c145f1c82ccdab332e8c1af2a280af974121c74079416fe4a30f6476cf8
1a324ffab8426503c882cf1903c87537fb3fd0ba84482d24798a795e3927b6ee
1a5f45dfb0933e4bc0b62c68fa8e3c7e77339c53282db0610ae728f0dec94cf7
1be5e53e95b6d8e1f4d90b8ced70e6faa9a449e71704a1f5e807a717111f1ade
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
22bbef2c3f41d0bb1bac2de6537f59af2fd5955fd0a076e355aced5e51df96c1
23bebb305ca1f7d4d9924526b3c2051c7a823fcad643d6087c2b121fe5af36cd
24610d5f2b30a453587be9cab5145ca7649aa37ee8353a4582352d26fae0a16e
2894a019d51d063b6783559f8f9c0ceb03f3128e948496727477514f6c4e4818
2d7959a33800baede38622d168b8d555eab6b61e20406674998d5ccb437045b0
310849a5f945cbe402c9ee331d5a02b99b133a53b16e5d8291ff9adf5df27363
361da9269c760998405cbfdb649bdc5bbc81020e508287b211bbcf1d0582d799
380f77bcb2673ffbfcf2b22a63b98afd78dfab35cc7a88144154669fb0b72bba
3a1a82efc4e8f347ea0e4b7e55ea01f911b88c0c805209d30a0bf3224abd7de8
4141c1c9ae579d4a5a1a12b01f949714595b6f425e9e326bdbbeb27abd4ac172
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a28937b0e6cfcee7a7aac0766213d2acd221aae8ea6d159bbc706a18b52bd45
4eeef187d488fbf4e55ccf729e43357ab481854fec6b5e0b1650cb64b7bf200d
55138686144d0f04d70faa92ac3c1568af9090d97ce02c74d4c2863864b4b02d
59eb8a181387982f19964cca4b5eed6aecd5aa649febff7fbaa8e0d0c2bb1e2d
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5ca972b4d30bbb380b96651a09652849cb7affbe7012371237ed9452e357c636
5d9371e0c41f5f47e50429fdb0aeecca88b5f31c047093468614211ce03e5d90
659189b43e6491644521a058e17142ec1cfcbbf1f61b854d45fe818984c60ef5
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
87eb7663270ab92e205a026860434401ccf302a11626069dcc463ca9a8931208
8e267f0aa2eba56c8be97a3c468a480a0cb4527e0409d29715f16365c21a8015
9b9b620c2fe5f2ea1710cbe67b9e6db570894d4a426c468007a2b530e1131f95
a7cbb8f058189241f3216ee549aa6061233d33fd3ea5f4eb1e6db4ef2514146b
b7b7952bae051d15945e875b443b686f81877f77969d4174e219871188971031
bdfd3e44bdef5791d72af11e1b024a3a52dbb187dad6310699598fdd213a0df6
bffc65969f9a03f73a1da087bf1e822860a8a2599c20c08f7a4afb72a2934605
cbbda5117c2580935ef3fb873d16510c6354dcf8eb381dab2a321ba345ee0694
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d9471e175f041ede3a2f0889b1dcb91d7a9c2de32c766616c70878dfb4c07989
d9696ef19610ed80e50bf0b2ad08b9a54fe6d823a73c62f6ce9f8f494467d11a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec840ebae4ee24661af9ec7105343e6b9e93b58745d0127ef6830756d564a774
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71949eb5abb767c30181fee3c683cf75a45e2a6f9573c0f6bccea82927a46b4
f909140eec3390a38868c1335f7e9014d528111a175b16dec73e63543be80865
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c
ffa30ec57206a103a0cd523ecdcd29028a09177148f534ed7b86ef656060b8fc

www.mrgreen.com Open in urlscan Pro 13.225.73.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

44 %IPv6

19 Domains

25 Subdomains

22 IPs

7 Countries

1647 kBTransfer

4518 kBSize

20 Cookies

11 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mrgreen.com Open in urlscan Pro
13.225.73.77 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

44 %
IPv6

19
Domains

25
Subdomains

22
IPs

7
Countries

1647 kB
Transfer

4518 kB
Size

20
Cookies

54 HTTP transactions
2 data transactions