Submitted URL: http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8
Effective URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Submission: On April 11 via manual from KR

Summary

This website contacted 25 IPs in 5 countries across 16 domains to perform 43 HTTP transactions.
The main IP is 148.253.244.207, located in United States and belongs to CDNETWORKSUS-02 - CDNetworks Inc., US. The main domain is join.casino.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 10th 2018. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 95.211.229.247 60781 (LEASEWEB-...)
1 2 95.128.201.171 33828 (IPTOX-AS)
3 3 45.60.33.168 19551 (INCAPSULA)
1 148.253.244.207 36408 (CDNETWORK...)
11 148.253.245.144 36408 (CDNETWORK...)
2 23.67.133.228 20940 (AKAMAI-ASN1)
1 172.217.16.200 15169 (GOOGLE)
1 104.16.129.227 13335 (CLOUDFLAR...)
5 148.253.245.17 36408 (CDNETWORK...)
1 213.187.229.56 43937 (PTNET)
2 80.85.64.193 15830 (TELECITY-LON)
1 2 172.217.16.206 15169 (GOOGLE)
1 94.31.29.254 6461 (ZAYO-6461)
1 151.101.112.64 54113 (FASTLY)
1 52.222.149.94 16509 (AMAZON-02)
1 13.32.144.73 16509 (AMAZON-02)
1 146.185.16.178 13213 (UK2NET-AS)
1 74.125.206.155 15169 (GOOGLE)
1 94.31.29.249 6461 (ZAYO-6461)
1 104.24.11.90 13335 (CLOUDFLAR...)
2 52.204.37.93 14618 (AMAZON-AES)
1 54.243.109.242 14618 (AMAZON-AES)
2 52.216.131.147 16509 (AMAZON-02)
1 104.24.10.90 13335 (CLOUDFLAR...)
1 184.73.253.255 14618 (AMAZON-AES)
1 23.21.124.125 14618 (AMAZON-AES)
43 25
Domain
Subdomains
Transfer
18 mansion.com
2 MB
6 dynamicyield.com
242 KB
3 cooladata.com
7 KB
3 casino.com
12 KB
2 amazonaws.com
774 B
2 luckyorange.net
2 KB
2 crazyegg.com
29 KB
2 hotjar.com
74 KB
2 google-analytics.com
15 KB
2 junbi-tracker.com
1 KB
2 exdynsrv.com
2 KB
1 doubleclick.net
102 B
1 d10lpsik1i8c69.cloudfront.net
2 KB
1 playtech.com
23 KB
1 googletagmanager.com
22 KB
1 mansionaffiliates.com
2 KB
43 16
Domain Requested by
16 cache.mansion.com join.casino.com
2 px.dynamicyield.com static.dynamicyield.com
2 gtrk.s3.amazonaws.com join.casino.com
2 api.cooladata.com join.casino.com
2 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
join.casino.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 mts.mansion.com cache.mansion.com
2 cdn.dynamicyield.com join.casino.com
2 api.casino.com 2 redirects
2 www.junbi-tracker.com 1 redirects
2 syndication.exdynsrv.com 1 redirects
1 sample.crazyegg.com script.crazyegg.com
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net join.casino.com
1 static.dynamicyield.com st.dynamicyield.com
1 script.crazyegg.com www.googletagmanager.com
1 d10lpsik1i8c69.cloudfront.net syndication.exdynsrv.com
1 cdn.cooladata.com syndication.exdynsrv.com
1 static.hotjar.com syndication.exdynsrv.com
1 tickers.playtech.com cache.mansion.com
1 st.dynamicyield.com syndication.exdynsrv.com
1 www.googletagmanager.com join.casino.com
1 join.casino.com
1 record.mansionaffiliates.com 1 redirects
43 24
Subject / Issuer Validity Valid
www.junbi-tracker.com
COMODO RSA Domain Validation Secure Server CA
2017-05-31 -
2020-08-28
3 years
support11a.cdnetworks.net
DigiCert SHA2 High Assurance Server CA
2018-04-10 -
2018-07-20
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • env /^CE2$/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^SWFObject$/i

Web
Overall confidence: 100%
Detected patterns
  • script /tracker.js/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Adblocked Cookie set splash.php?idzone=2325397&type=8
syndication.exdynsrv.com
1 KB
927 B
Document
General
Full URL
http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8
Protocol
HTTP/1.1
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
27d9b8899e2133a01be6e7c5266dce0f6f4938ecf0d7f1b0f883f35fd004a8f0
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
syndication.exdynsrv.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:27 GMT
Content-Encoding
gzip
Server
nginx
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225ace55e72b0114.164777651521664924%22%3B%7D; expires=Sun, 27-Mar-2078 18:37:27 GMT; Max-Age=1892160000; domain=exdynsrv.com
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Adblocked meta.py?cam=9773737&cat=9773861&subid=k-gjl8f8jlj499a6t.6ge3tutwu1y
www.junbi-tracker.com
Redirect Chain
  • http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8&p=http%3A%2F%2Fshortenertraffic2.com&tested=1&check=530b0d3f0177bb2826981b06b6386dfe&screen_resolution=1600x1200&container_resolutio...
  • https://www.junbi-tracker.com/nref.py?cam=9773737&cat=9773861&subid=shortenertraffic2.com-2325397
  • https://www.junbi-tracker.com/meta.py?cam=9773737&cat=9773861&subid=k-gjl8f8jlj499a6t.6ge3tutwu1y
569 B
711 B
Document
General
Full URL
https://www.junbi-tracker.com/meta.py?cam=9773737&cat=9773861&subid=k-gjl8f8jlj499a6t.6ge3tutwu1y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.128.201.171 , Germany, ASN33828 (IPTOX-AS, DE),
Reverse DNS
host-95-128-201-171.in-addr.iptox.net
Software
nginx/1.7.6 /
Resource Hash
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.junbi-tracker.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8
Cookie
junbi="c3ViaWQ9c2hvcnRlbmVydHJhZmZpYzIuY29tLTIzMjUzOTd8Y2FtPTk3NzM3Mzd8Y2F0PTk3NzM4NjE="
Connection
keep-alive
Cache-Control
no-cache
Referer
http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:27 GMT
Server
nginx/1.7.6
Connection
close
Content-Length
569
Content-Type
text/html

Redirect headers

Location
https://www.junbi-tracker.com/meta.py?cam=9773737&cat=9773861&subid=k-gjl8f8jlj499a6t.6ge3tutwu1y
Date
Wed, 11 Apr 2018 18:37:27 GMT
Connection
close
Server
nginx/1.7.6
Set-Cookie
junbi="c3ViaWQ9c2hvcnRlbmVydHJhZmZpYzIuY29tLTIzMjUzOTd8Y2FtPTk3NzM3Mzd8Y2F0PTk3NzM4NjE="; Max-Age=1209600
Content-Length
0
Content-Type
text/html
/
/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt
Redirect Chain
  • https://record.mansionaffiliates.com/_ul3aHdw8Q3v_a-uB2av0QWNd7ZgqdRLk/1/?payload=9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y
  • https://api.casino.com/map/?token=EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk&affiliate=539125&campaign=1&plan=1&media=&object=29585&setup=2549&payload=9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y&destinatio...
  • https://api.casino.com/map?token=EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk&affiliate=539125&campaign=1&plan=1&media=&object=29585&setup=2549&payload=9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y&destination...
  • https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
28 KB
8 KB
Document
General
Full URL
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.253.244.207 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
efc514d50e2925cc4952084a096051ef598cc8cdba6114e049e32368c7db32fe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
join.casino.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.junbi-tracker.com/meta.py?cam=9773737&cat=9773861&subid=k-gjl8f8jlj499a6t.6ge3tutwu1y
Cookie
visid_incap_1298672=8Krd6z7YQYabQjAhIkos4+hVzloAAAAAQUIPAAAAAABvoXmPFsOYbEHOX2G04N5N; incap_ses_340_1298672=p/ZLBLp8VGs3LNDiuey3BOhVzloAAAAAjzO8QMF2f+7KBS7qQDdWkA==; affiliate_id=539125; campaign_id=1; plan_id=1; payload=9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y; mts_guid=8813b110-a9f8-484c-a49c-a1b229bc32ac; mts_session=%5B%7B%22brand%22%3A%22casino.com%22%2C%22channel%22%3A%7B%22traffic_source%22%3A%22AFFILIATE%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%3Fcam%3D9773737%5Cu0026cat%3D9773861%5Cu0026subid%3Dk-gjl8f8jlj499a6t.6ge3tutwu1y%22%2C%22custom_data%22%3A%22%257B%2522session%2522%253A%257B%2522token%2522%253A%2522EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%2522%252C%2522affiliate_id%2522%253A539125%252C%2522campaign_id%2522%253A1%252C%2522plan%2522%253A1%252C%2522object_id%2522%253A29585%252C%2522setup%2522%253A2549%252C%2522payload%2522%253A%25229773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522destination%2522%253A%2522https%253A%252F%252Fjoin.casino.com%252Fde%252Flp%252Fsteps%252Faff%252F100to400%252Fcashback%252F5229%252Feur%252Fadv%252Fopt%252F%2522%252C%2522query_string%2522%253A%2522payload%253D9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522traffic_source%2522%253A%2522AFFILIATE%2522%252C%2522referer%2522%253A%2522https%253A%252F%252Fwww.junbi-tracker.com%252Fmeta.py%253Fcam%253D9773737%255Cu0026cat%253D9773861%255Cu0026subid%253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%2522%257D%257D%22%7D%2C%22timestamp%22%3A1523471848%7D%5D; mts_traffic_source=AFFILIATE; token=EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk; object_id=29585; setup_id=2549
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.junbi-tracker.com/meta.py?cam=9773737&cat=9773861&subid=k-gjl8f8jlj499a6t.6ge3tutwu1y
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Apr 2018 18:37:28 GMT
Content-Encoding
gzip
Server
PWS/8.3.1.0.11
Vary
Accept-Encoding
Content-Type
text/html;charset=UTF-8
Cache-Control
max-age=0, no-store
X-Px
ms h0-s4008.p11-fra ( h0-s4003.p11-fra), ms h0-s4003.p11-fra ( origin)
Connection
keep-alive
Content-Length
7506
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date
Wed, 11 Apr 2018 18:37:28 GMT
X-CDN
Incapsula
Location
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-Iinfo
8-6600695-6600717 SNNN RT(1523471848149 117) q(0 0 0 -1) r(1 1) U5
Set-Cookie
affiliate_id=539125; Path=/; Domain=casino.com; Expires=Sat, 14 Apr 2018 18:37:28 GMT campaign_id=1; Path=/; Domain=casino.com; Expires=Sat, 14 Apr 2018 18:37:28 GMT plan_id=1; Path=/; Domain=casino.com; Expires=Sat, 14 Apr 2018 18:37:28 GMT payload=9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y; Path=/; Domain=casino.com; Expires=Sat, 14 Apr 2018 18:37:28 GMT mts_guid=8813b110-a9f8-484c-a49c-a1b229bc32ac; Path=/; Domain=casino.com; Expires=Thu, 11 Apr 2019 18:37:28 GMT mts_session=%5B%7B%22brand%22%3A%22casino.com%22%2C%22channel%22%3A%7B%22traffic_source%22%3A%22AFFILIATE%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%3Fcam%3D9773737%5Cu0026cat%3D9773861%5Cu0026subid%3Dk-gjl8f8jlj499a6t.6ge3tutwu1y%22%2C%22custom_data%22%3A%22%257B%2522session%2522%253A%257B%2522token%2522%253A%2522EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%2522%252C%2522affiliate_id%2522%253A539125%252C%2522campaign_id%2522%253A1%252C%2522plan%2522%253A1%252C%2522object_id%2522%253A29585%252C%2522setup%2522%253A2549%252C%2522payload%2522%253A%25229773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522destination%2522%253A%2522https%253A%252F%252Fjoin.casino.com%252Fde%252Flp%252Fsteps%252Faff%252F100to400%252Fcashback%252F5229%252Feur%252Fadv%252Fopt%252F%2522%252C%2522query_string%2522%253A%2522payload%253D9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522traffic_source%2522%253A%2522AFFILIATE%2522%252C%2522referer%2522%253A%2522https%253A%252F%252Fwww.junbi-tracker.com%252Fmeta.py%253Fcam%253D9773737%255Cu0026cat%253D9773861%255Cu0026subid%253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%2522%257D%257D%22%7D%2C%22timestamp%22%3A1523471848%7D%5D; Path=/; Domain=casino.com; Expires=Sat, 14 Apr 2018 18:37:28 GMT mts_traffic_source=AFFILIATE; Path=/; Domain=casino.com; Expires=Sat, 14 Apr 2018 18:37:28 GMT token=EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk; Path=/; Domain=casino.com; Expires=Sat, 14 Apr 2018 18:37:28 GMT object_id=29585; Path=/; Domain=casino.com; Expires=Sat, 14 Apr 2018 18:37:28 GMT setup_id=2549; Path=/; Domain=casino.com; Expires=Sat, 14 Apr 2018 18:37:28 GMT visid_incap_1298672=8Krd6z7YQYabQjAhIkos4+hVzloAAAAAQUIPAAAAAABvoXmPFsOYbEHOX2G04N5N; expires=Thu, 11 Apr 2019 13:25:52 GMT; path=/; Domain=.casino.com incap_ses_340_1298672=p/ZLBLp8VGs3LNDiuey3BOhVzloAAAAAjzO8QMF2f+7KBS7qQDdWkA==; path=/; Domain=.casino.com ___utmvbKPuoViVB=a; Max-Age=0; path=/; expires=Tue, 10 Apr 2018 13:23:41 GMT ___utmvmKPuoViVB=a; Max-Age=0; path=/; expires=Tue, 10 Apr 2018 13:23:41 GMT
Content-Length
111
steps.css?v=1523366074870
cache.mansion.com/system/cc/css
18 KB
4 KB
Stylesheet
General
Full URL
https://cache.mansion.com/system/cc/css/steps.css?v=1523366074870
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
edc821ccabf1f8c1d3ebd83643326aec1bd72a33637b0ca0a64ff54cbe4d787c

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 07:03:59 GMT
Server
PWS/8.3.1.0.11
Age
41570
ETag
"5acdb35f-472a"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
3984
Px-Uncompress-Origin
18218
Expires
Wed, 18 Apr 2018 07:04:39 GMT
api_dynamic.js
cdn.dynamicyield.com/api/8766445
646 KB
92 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8766445/api_dynamic.js
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
23.67.133.228 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-67-133-228.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f61938706957edfdaf3a5ff72012aa0fc9254e9ddca1dd59f08a72e9b1f88d97

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 14:18:05 GMT
Server
AmazonS3
ETag
"4ca94dcc944fd325ba444ab6e6233a6f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93642
Expires
Wed, 11 Apr 2018 18:42:28 GMT
api_static.js
cdn.dynamicyield.com/api/8766445
225 KB
63 KB
Script
General
Full URL
https://cdn.dynamicyield.com/api/8766445/api_static.js
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
23.67.133.228 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-67-133-228.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
66159eaffa72cc13b12af20c2cb9c4346abe71bf53a0049f1a32d960772c8eef

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 14:18:05 GMT
Server
AmazonS3
ETag
"abd18d1e22233da9bd853c3a9571ae83"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64519
Expires
Wed, 11 Apr 2018 19:37:28 GMT
steps-logo.png?v=1523366074870
cache.mansion.com/system/cc/img/templates
5 KB
6 KB
Image
General
Full URL
https://cache.mansion.com/system/cc/img/templates/steps-logo.png?v=1523366074870
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
4a9d62c22af1c7176061593b7823ad1b21806c565e60814891dbb9d6f9894e1d

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Wed, 08 Mar 2017 07:02:17 GMT
Server
PWS/8.3.1.0.11
Age
375888
ETag
"58bfac79-15da"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
5594
Expires
Sat, 14 Apr 2018 10:12:41 GMT
trust-icons_de.png
cache.mansion.com/cc/www/img/lp/trust
5 KB
6 KB
Image
General
Full URL
https://cache.mansion.com/cc/www/img/lp/trust/trust-icons_de.png
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
5ec154de365262d830480b3563ccdf8b40f51f30aafa6572a6c640ecfa0f1337

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Thu, 20 Oct 2016 10:44:41 GMT
Server
PWS/8.3.1.0.11
Age
68423
ETag
"5808a019-1560"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
5472
Expires
Tue, 17 Apr 2018 23:37:06 GMT
jackpot.js?v=1523366074870
cache.mansion.com/system/cc/js
10 KB
4 KB
Script
General
Full URL
https://cache.mansion.com/system/cc/js/jackpot.js?v=1523366074870
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
70fe5fecafc20b81e33d8d83d97c0e2b676b31639795d416436dd49dbfa2ff0e

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Mar 2017 07:02:17 GMT
Server
PWS/8.3.1.0.11
Age
120119
ETag
"58bfac79-2938"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
3397
Px-Uncompress-Origin
10552
Expires
Tue, 17 Apr 2018 09:15:30 GMT
steps.js?v=1523366074870
cache.mansion.com/system/cc/js
9 KB
4 KB
Script
General
Full URL
https://cache.mansion.com/system/cc/js/steps.js?v=1523366074870
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
526b8874c47f6899c0ad65c4483d1f3a2e2e51ed0f102edea7dc0d3c4df716c2

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Aug 2017 07:31:07 GMT
Server
PWS/8.3.1.0.11
Age
208958
ETag
"599bddbb-251d"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
3353
Px-Uncompress-Origin
9501
Expires
Mon, 16 Apr 2018 08:34:51 GMT
Adblocked gtm.js?id=GTM-M3F6JR
www.googletagmanager.com
64 KB
22 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3F6JR
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
SPDY
Server
172.217.16.200 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
2f630e79515e7e8e08d163aa39e0ab288ef23aa73c33f28ec5f00158cf7b1a71
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 18:37:29 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
22715
x-xss-protection
1; mode=block
expires
Wed, 11 Apr 2018 18:37:29 GMT
mts.tracker.js
cache.mansion.com/common/js
39 KB
15 KB
Script
General
Full URL
https://cache.mansion.com/common/js/mts.tracker.js
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
05a5afb3903c8fa1f859ff8e3470471a539761907262283dca0e0a5c4b319059

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Apr 2018 08:05:33 GMT
Server
PWS/8.3.1.0.11
Age
476043
ETag
"5ac1e44d-9d7c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
14673
Px-Uncompress-Origin
40316
Expires
Fri, 13 Apr 2018 06:23:26 GMT
st?sec=8766445&inHead=true&id=0&ref=https%3A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%3Fcam%3D9773737%26cat%3D9773861%26subid%3Dk-gjl8f8jlj499a6t.6ge3tutwu1y&sr=1600x1200&altip=
st.dynamicyield.com
13 KB
3 KB
Script
General
Full URL
https://st.dynamicyield.com/st?sec=8766445&inHead=true&id=0&ref=https%3A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%3Fcam%3D9773737%26cat%3D9773861%26subid%3Dk-gjl8f8jlj499a6t.6ge3tutwu1y&sr=1600x1200&altip=
Requested by
Host: syndication.exdynsrv.com
URL: http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8
Protocol
SPDY
Server
104.16.129.227 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a150605ac548fc729783ccd0faa3a056292f2eb10e5e016de8677dabe4406da

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 18:37:29 GMT
content-encoding
gzip
content-type
text/javascript; charset=utf-8
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-railgun
394f61ef3c stream 0.000000 0210 e6be
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status
200
cache-control
no-cache
cf-ray
409f9091e982232a-FRA
expires
Wed, 11 Apr 2018 18:37:28 GMT
bg-web-4479.jpg
cache.mansion.com/cc/www/img/lp/plenty-of-fortune-generic
238 KB
239 KB
Image
General
Full URL
https://cache.mansion.com/cc/www/img/lp/plenty-of-fortune-generic/bg-web-4479.jpg
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
e44280dfdc205543de89edba88b15aebb1b06bbce9d0d3f98caa043fd94efd12

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Tue, 21 Mar 2017 00:11:28 GMT
Server
PWS/8.3.1.0.11
Age
224407
ETag
"58d06fb0-3b9f1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
244209
Expires
Mon, 16 Apr 2018 04:17:22 GMT
footer-sprite_v2.png
cache.mansion.com/system/cc/img
28 KB
28 KB
Image
General
Full URL
https://cache.mansion.com/system/cc/img/footer-sprite_v2.png
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
c9231702f1baa01fa4216c9ca075650c5f18f63dfa6861b88a1b2e20fc20209a

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Wed, 15 Mar 2017 13:59:04 GMT
Server
PWS/8.3.1.0.11
Age
214618
ETag
"58c948a8-6f85"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
28549
Expires
Mon, 16 Apr 2018 07:00:31 GMT
web-4479-3.png
cache.mansion.com/cc/www/img/lp/plenty-of-fortune-generic
349 KB
349 KB
Image
General
Full URL
https://cache.mansion.com/cc/www/img/lp/plenty-of-fortune-generic/web-4479-3.png
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
20bac87f4ee8fbefa4d0a8c67773c0850ee10d5857c8ee860996995ebba75c60

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Tue, 21 Mar 2017 00:11:28 GMT
Server
PWS/8.3.1.0.11
Age
214176
ETag
"58d06fb0-572c2"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
357058
Expires
Mon, 16 Apr 2018 07:07:53 GMT
web-4479-2.png
cache.mansion.com/cc/www/img/lp/plenty-of-fortune-generic
554 KB
554 KB
Image
General
Full URL
https://cache.mansion.com/cc/www/img/lp/plenty-of-fortune-generic/web-4479-2.png
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
b3856f4e7d9c01f5279f835dfb7b2e9e4205c10e895217ba2a1ff3876b3a112a

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Wed, 22 Mar 2017 09:44:52 GMT
Server
PWS/8.3.1.0.11
Age
422043
ETag
"58d24794-8a7c1"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
567233
Expires
Fri, 13 Apr 2018 21:23:26 GMT
web-4479-1.png
cache.mansion.com/cc/www/img/lp/plenty-of-fortune-generic
632 KB
632 KB
Image
General
Full URL
https://cache.mansion.com/cc/www/img/lp/plenty-of-fortune-generic/web-4479-1.png
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.17 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
92b0a6842a06210db1405133f973f349ce0e5c656850f04e1f4da96d7f01f34a

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Tue, 21 Mar 2017 00:11:24 GMT
Server
PWS/8.3.1.0.11
Age
388975
ETag
"58d06fac-9e011"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4009.p11-fra.cdngp.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
647185
Expires
Sat, 14 Apr 2018 06:34:34 GMT
Gotham-book.woff2?v=2018-04-10
cache.mansion.com/system/cc/fonts
11 KB
12 KB
Font
General
Full URL
https://cache.mansion.com/system/cc/fonts/Gotham-book.woff2?v=2018-04-10
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.17 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
fc6575cbbf14ecac28a8eeac1d71c5d5bf0797c536a323f3d070c0ebb4780534

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://cache.mansion.com/system/cc/css/steps.css?v=1523366074870
Origin
https://join.casino.com

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Wed, 08 Mar 2017 07:02:18 GMT
Server
PWS/8.3.1.0.11
Age
575738
ETag
"58bfac7a-2d80"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4009.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
11648
Expires
Thu, 12 Apr 2018 02:41:51 GMT
Gotham-medium.woff2?v=2018-04-10
cache.mansion.com/system/cc/fonts
23 KB
23 KB
Font
General
Full URL
https://cache.mansion.com/system/cc/fonts/Gotham-medium.woff2?v=2018-04-10
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.17 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
d360575e6e1830e82a27d6e2356d63e0e65c7e39eedf6955f650fb16217acb1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://cache.mansion.com/system/cc/css/steps.css?v=1523366074870
Origin
https://join.casino.com

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Wed, 08 Mar 2017 07:02:17 GMT
Server
PWS/8.3.1.0.11
Age
575738
ETag
"58bfac79-5a7c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4009.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
23164
Expires
Thu, 12 Apr 2018 02:41:51 GMT
steps.png
cache.mansion.com/system/cc/img/templates
5 KB
5 KB
Image
General
Full URL
https://cache.mansion.com/system/cc/img/templates/steps.png
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.144 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
ed0acc977927f4f26ebd61878ddac8837f43c972a2f238f84265a7ede0a03943

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Tue, 11 Oct 2016 10:49:39 GMT
Server
PWS/8.3.1.0.11
Age
18581
ETag
"57fcc3c3-133f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4011.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
4927
Expires
Wed, 18 Apr 2018 13:27:48 GMT
Gotham-light.woff2?v=2018-04-10
cache.mansion.com/system/cc/fonts
22 KB
23 KB
Font
General
Full URL
https://cache.mansion.com/system/cc/fonts/Gotham-light.woff2?v=2018-04-10
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.17 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
ddd034852946028eee5a515f924ca47c7ffcc8fa60527018edaa20c7dd53a59a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://cache.mansion.com/system/cc/css/steps.css?v=1523366074870
Origin
https://join.casino.com

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Wed, 08 Mar 2017 07:02:18 GMT
Server
PWS/8.3.1.0.11
Age
200741
ETag
"58bfac7a-59fc"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4009.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
23036
Expires
Mon, 16 Apr 2018 10:51:48 GMT
Gotham-bold.woff2?v=2018-04-10
cache.mansion.com/system/cc/fonts
22 KB
23 KB
Font
General
Full URL
https://cache.mansion.com/system/cc/fonts/Gotham-bold.woff2?v=2018-04-10
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
148.253.245.17 , United States, ASN36408 (CDNETWORKSUS-02 - CDNetworks Inc., US),
Reverse DNS
Software
PWS/8.3.1.0.11 /
Resource Hash
ec9514bd44e64be6b2579030d31ae5f335057a704fd4ad0c8c393357252f3bc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://cache.mansion.com/system/cc/css/steps.css?v=1523366074870
Origin
https://join.casino.com

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Wed, 08 Mar 2017 07:02:18 GMT
Server
PWS/8.3.1.0.11
Age
306487
ETag
"58bfac7a-590c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Px
ht h0-s4009.p11-fra.cdngp.net
Connection
keep-alive
Content-Length
22796
Expires
Sun, 15 Apr 2018 05:29:22 GMT
casino.com2.xml.js
tickers.playtech.com/jpdata/datalink
22 KB
23 KB
Script
General
Full URL
https://tickers.playtech.com/jpdata/datalink/casino.com2.xml.js
Requested by
Host: cache.mansion.com
URL: https://cache.mansion.com/system/cc/js/jackpot.js?v=1523366074870
Protocol
HTTP/1.1
Server
213.187.229.56 Novosibirsk, Russian Federation, ASN43937 (PTNET, EE),
Reverse DNS
Software
Apache /
Resource Hash
905abb131fe883c0f9cf57b513f62b1ee5db0bd151aba8cb6003ea351a1deb36

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Last-Modified
Wed, 11 Apr 2018 18:26:59 GMT
Server
Apache
ETag
"5949-56996c8dad4f4"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=1000
Content-Length
22857
Adblocked collect.js?json=%7B%22GUID%22%3A%228813b110-a9f8-484c-a49c-a1b229bc32ac%22%2C%22property_bag%22%3A%7B%22user_id%22%3A%22none%22%2C%22custom_data%22%3A%7B%7D%7D%2C%22brand%22%3A%22casino.com%22%2C%2...
mts.mansion.com
190 B
504 B
Script
General
Full URL
https://mts.mansion.com/collect.js?json=%7B%22GUID%22%3A%228813b110-a9f8-484c-a49c-a1b229bc32ac%22%2C%22property_bag%22%3A%7B%22user_id%22%3A%22none%22%2C%22custom_data%22%3A%7B%7D%7D%2C%22brand%22%3A%22casino.com%22%2C%22local_timestamp%22%3A1523471849%2C%22page%22%3A%7B%22cookies%22%3A%22visid_incap_1298672%3D8Krd6z7YQYabQjAhIkos4%2BhVzloAAAAAQUIPAAAAAABvoXmPFsOYbEHOX2G04N5N%3B%20incap_ses_340_1298672%3Dp%2FZLBLp8VGs3LNDiuey3BOhVzloAAAAAjzO8QMF2f%2B7KBS7qQDdWkA%3D%3D%3B%20affiliate_id%3D539125%3B%20campaign_id%3D1%3B%20plan_id%3D1%3B%20payload%3D9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%3B%20mts_guid%3D8813b110-a9f8-484c-a49c-a1b229bc32ac%3B%20mts_session%3D%255B%257B%2522brand%2522%253A%2522casino.com%2522%252C%2522channel%2522%253A%257B%2522traffic_source%2522%253A%2522AFFILIATE%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fwww.junbi-tracker.com%252Fmeta.py%253Fcam%253D9773737%255Cu0026cat%253D9773861%255Cu0026subid%253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522custom_data%2522%253A%2522%25257B%252522session%252522%25253A%25257B%252522token%252522%25253A%252522EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%252522%25252C%252522affiliate_id%252522%25253A539125%25252C%252522campaign_id%252522%25253A1%25252C%252522plan%252522%25253A1%25252C%252522object_id%252522%25253A29585%25252C%252522setup%252522%25253A2549%25252C%252522payload%252522%25253A%2525229773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%252522%25252C%252522destination%252522%25253A%252522https%25253A%25252F%25252Fjoin.casino.com%25252Fde%25252Flp%25252Fsteps%25252Faff%25252F100to400%25252Fcashback%25252F5229%25252Feur%25252Fadv%25252Fopt%25252F%252522%25252C%252522query_string%252522%25253A%252522payload%25253D9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%252522%25252C%252522traffic_source%252522%25253A%252522AFFILIATE%252522%25252C%252522referer%252522%25253A%252522https%25253A%25252F%25252Fwww.junbi-tracker.com%25252Fmeta.py%25253Fcam%25253D9773737%25255Cu0026cat%25253D9773861%25255Cu0026subid%25253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%252522%25257D%25257D%2522%257D%252C%2522timestamp%2522%253A1523471848%257D%255D%3B%20mts_traffic_source%3DAFFILIATE%3B%20token%3DEO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%3B%20object_id%3D29585%3B%20setup_id%3D2549%3B%20_dy_csc_ses%3Dt%3B%20_dy_ses_load_seq%3D63106%253A1523471849211%3B%20_dyexps%3D34193%257C369856%253A%253A0%253A1523471849236%253A63106%253A63106%253A2%253A3%253A0%257C1203335%253A461680%257C1%257C63106%253A1523471849238%3B%20_dy_c_exps%3D%3B%20_dy_soct%3D25941.30602.1523471849%3B%20referrer%3Dhttps%253A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%253Fcam%253D9773737%2526cat%253D9773861%2526subid%253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%3B%20banner_click%3D539125%252C%252C1%252C*%252Ctoken%253AEO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%22%2C%22request_url%22%3A%22https%3A%2F%2Fjoin.casino.com%2Fde%2Flp%2Fsteps%2Faff%2F100to400%2Fcashback%2F5229%2Feur%2Fadv%2Fopt%2F%22%2C%22title%22%3A%22casino.com%22%7D%2C%22browser%22%3A%7B%22resolution%22%3A%221600x1200%22%2C%22lang%22%3A%22en-US%22%2C%22cookie%22%3A%221%22%2C%22pdf%22%3A%220%22%2C%22quicktime%22%3A%220%22%2C%22realplayer%22%3A%220%22%2C%22windowsmedia%22%3A%220%22%2C%22director%22%3A%220%22%2C%22flash%22%3A%220%22%2C%22java%22%3A%220%22%2C%22gears%22%3A%220%22%2C%22silverlight%22%3A%220%22%2C%22html5%22%3A%220%22%2C%22is_mobile%22%3A%220%22%7D%2C%22force_last_session%22%3Afalse%2C%22force_session_id%22%3Anull%2C%22session%22%3A%7B%22channel%22%3A%7B%22traffic_source%22%3A%22AFFILIATE%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%3Fcam%3D9773737%26cat%3D9773861%26subid%3Dk-gjl8f8jlj499a6t.6ge3tutwu1y%22%2C%22custom_data%22%3A%22%257B%2522session%2522%253A%257B%2522token%2522%253A%2522EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%2522%252C%2522affiliate_id%2522%253A539125%252C%2522campaign_id%2522%253A1%252C%2522plan%2522%253A1%252C%2522object_id%2522%253A29585%252C%2522setup%2522%253A2549%252C%2522payload%2522%253A%25229773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522destination%2522%253A%2522https%253A%252F%252Fjoin.casino.com%252Fde%252Flp%252Fsteps%252Faff%252F100to400%252Fcashback%252F5229%252Feur%252Fadv%252Fopt%252F%2522%252C%2522query_string%2522%253A%2522payload%253D9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522traffic_source%2522%253A%2522AFFILIATE%2522%252C%2522referer%2522%253A%2522https%253A%252F%252Fwww.junbi-tracker.com%252Fmeta.py%253Fcam%253D9773737%255Cu0026cat%253D9773861%255Cu0026subid%253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%2522%257D%257D%22%7D%7D%2C%22events%22%3A%5B%7B%22type%22%3A%22page-view%22%2C%22name%22%3A%22page%22%2C%22local_timestamp%22%3A1523471849%2C%22custom_data%22%3A%7B%7D%7D%5D%2C%22timezone_offset%22%3A0%7D&callback=MTSTracker.INSTANCE.response&onerror=MTSTracker.INSTANCE.onerror
Requested by
Host: cache.mansion.com
URL: https://cache.mansion.com/common/js/mts.tracker.js
Protocol
HTTP/1.1
Server
80.85.64.193 , United Kingdom, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
db2ab6bfcb3f7410d0c9e32604da70ccf567dd73841097bb951bed35bcf22329
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Server
nginx/1.12.2
Connection
keep-alive
Etag
"fd46291e884aac973f0f8e8daae07ddf0924100e"
Content-Length
190
Content-Type
application/javascript
Adblocked analytics.js
www.google-analytics.com
35 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3F6JR
Protocol
SPDY
Server
172.217.16.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f206.1e100.net
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
6921
date
Wed, 11 Apr 2018 16:42:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
14597
expires
Wed, 11 Apr 2018 18:42:08 GMT
Adblocked hotjar-379065.js?sv=5
static.hotjar.com/c
6 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-379065.js?sv=5
Requested by
Host: syndication.exdynsrv.com
URL: http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8
Protocol
SPDY
Server
94.31.29.254 , United Kingdom, ASN6461 (ZAYO-6461 - Zayo Bandwidth, US),
Reverse DNS
94.31.29.254.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
1f07316b68905085a7cd9d800968987bb17729f4725761eba65095f5c5168f50
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

x-cache-hit
1
date
Wed, 11 Apr 2018 18:37:29 GMT
content-encoding
gzip
status
200
server
NetDNA-cache/2.2
x-frame-options
SAMEORIGIN
etag
W/7ad6fbaabd71a3bee888111d4f79792d
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
access-control-allow-headers
content-type
Adblocked cooladata-latest.min.js
cdn.cooladata.com/tracking
14 KB
6 KB
Script
General
Full URL
https://cdn.cooladata.com/tracking/cooladata-latest.min.js
Requested by
Host: syndication.exdynsrv.com
URL: http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8
Protocol
HTTP/1.1
Server
151.101.112.64 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a550fc52eb6f0646df7aaa9a56f61cca73bad435e50e4fdb9e97dc0a3f715e83
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Content-Encoding
gzip
Age
62441
X-Cache
HIT
Connection
keep-alive
Content-Length
5258
x-amz-id-2
/3d47A7f/9vmIBDcM+09520sbpWyyxhkLxaLivBCcuuxeLFD4pezLhlvupGO8g4lXI5SYN2HANY=
X-Served-By
cache-hhn1531-HHN
Last-Modified
Tue, 19 Dec 2017 12:52:40 GMT
Server
AmazonS3
X-Timer
S1523471849.434074,VS0,VE0
ETag
"f466f9157370960ab36f11299681f221"
Vary
Accept-Encoding
x-amz-request-id
61D58BBA9AC559AD
Via
1.1 varnish
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
610
Adblocked w.js
d10lpsik1i8c69.cloudfront.net
3 KB
2 KB
Script
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: syndication.exdynsrv.com
URL: http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8
Protocol
SPDY
Server
52.222.149.94 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-94.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e29e32ae1d1351d4b64d7cd1d156b1a1eae3bd26ed823f84f06696d59a9ac4bd
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Mon, 09 Apr 2018 18:39:23 GMT
content-encoding
gzip
last-modified
Mon, 09 Apr 2018 18:39:21 GMT
server
AmazonS3
age
3487
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
Tcp9zWIz9NDRxiM7fj8ykrRgbxyxdm5VWMlepWsLzU7PCrAkPqEy-Q==
via
1.1 9edca61f65102033971d096a9351690a.cloudfront.net (CloudFront)
Adblocked 8967.js
script.crazyegg.com/pages/scripts/0073
86 KB
29 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0073/8967.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3F6JR
Protocol
HTTP/1.1
Server
13.32.144.73 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-144-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c61d8cfecb76bddb4f44836e19f939ef416cab62bc739e50d0fe21ab2489c089
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 02:29:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 02:29:02 GMT
Server
AmazonS3
Age
230
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 170fdbe261f5e85186a08817806feba2.cloudfront.net (CloudFront)
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
YkxfM8oBEW46m0Q4LDkMSBYwGQx-THDAgKq0nG4y7wzMznQdiecN2w==
dy-coll-min.js
static.dynamicyield.com/scripts/12299
266 KB
84 KB
Script
General
Full URL
https://static.dynamicyield.com/scripts/12299/dy-coll-min.js
Requested by
Host: st.dynamicyield.com
URL: https://st.dynamicyield.com/st?sec=8766445&inHead=true&id=0&ref=https%3A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%3Fcam%3D9773737%26cat%3D9773861%26subid%3Dk-gjl8f8jlj499a6t.6ge3tutwu1y&sr=1600x1200&altip=
Protocol
HTTP/1.1
Server
146.185.16.178 , United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
92b910b2.rdns.100tb.com
Software
nginx/1.8.0 /
Resource Hash
c98cce4d508443e3640d3e0c2ebbba0e5cb4d53e3556c5c2bddea01d617b10b4

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Mar 2018 08:54:39 GMT
Server
nginx/1.8.0
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
85217
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Adblocked collect?v=1&aip=1&t=dc&_r=3&tid=UA-11490806-1&cid=1914816336.1523471850&jid=1491158091&_gid=1651894937.1523471850&gjid=1474039579&_v=j66&z=53403200
stats.g.doubleclick.net/r
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1867624959&t=pageview&_s=1&dl=https%3A%2F%2Fjoin.casino.com%2Fde%2Flp%2Fsteps%2Faff%2F100to400%2Fcashback%2F5229%2Feur%2Fadv%2Fopt%2F&dr=http...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11490806-1&cid=1914816336.1523471850&jid=1491158091&_gid=1651894937.1523471850&gjid=1474039579&_v=j66&z=53403200
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11490806-1&cid=1914816336.1523471850&jid=1491158091&_gid=1651894937.1523471850&gjid=1474039579&_v=j66&z=53403200
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
SPDY
Server
74.125.206.155 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wk-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 11 Apr 2018 18:37:29 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Apr 2018 18:37:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11490806-1&cid=1914816336.1523471850&jid=1491158091&_gid=1651894937.1523471850&gjid=1474039579&_v=j66&z=53403200
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked modules-6790f3a9851d3ea1a2a8ed8c2225d8c7.js
script.hotjar.com
359 KB
73 KB
Script
General
Full URL
https://script.hotjar.com/modules-6790f3a9851d3ea1a2a8ed8c2225d8c7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-379065.js?sv=5
Protocol
SPDY
Server
94.31.29.249 , United Kingdom, ASN6461 (ZAYO-6461 - Zayo Bandwidth, US),
Reverse DNS
94.31.29.249.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
92f7c4f82f0027e53d4f004bb38ed25df8e22985b6be500513d29acff078f0c6
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 18:37:29 GMT
content-encoding
gzip
last-modified
Mon, 09 Apr 2018 18:53:17 GMT
server
NetDNA-cache/2.2
x-amz-request-id
BB3B4D894573E6B4
etag
W/"6790f3a9851d3ea1a2a8ed8c2225d8c7"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-id-2
jxs0reOMMNQuIBvra2REM8rAleNaInAIbCtHZaFLVbyqhPUnh7L4hkqhJz5rC6VuZKqlH+4Mx7M=
Adblocked ?u=https%3A%2F%2Fjoin.casino.com%2Fde%2Flp%2Fsteps%2Faff%2F100to400%2Fcashback%2F5229%2Feur%2Fadv%2Fopt%2F&s=102430
settings.luckyorange.net
0
777 B
XHR
General
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fjoin.casino.com%2Fde%2Flp%2Fsteps%2Faff%2F100to400%2Fcashback%2F5229%2Feur%2Fadv%2Fopt%2F&s=102430
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
SPDY
Server
104.24.11.90 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Access-Control-Request-Method
GET
Origin
https://join.casino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Access-Control-Request-Headers
x-requested-with

Response headers

date
Wed, 11 Apr 2018 18:37:29 GMT
content-encoding
gzip
server
cloudflare
access-control-allow-origin
https://join.casino.com
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
status
200
cache-control
no-cache="set-cookie"
access-control-allow-credentials
true
cf-ray
409f9093dc6c2318-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
content-length
20
Adblocked __cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY...
api.cooladata.com/egw/5/hq6287vvx1fsnp2n1h1562kbaz14ciew/track
0
470 B
Image
General
Full URL
https://api.cooladata.com/egw/5/hq6287vvx1fsnp2n1h1562kbaz14ciew/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBIZWFkbGVzc0Nocm9tZS82NS4wLjMzMjUuMTgxIFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInJlZmVycmluZ191cmwiOiAiaHR0cHM6Ly93d3cuanVuYmktdHJhY2tlci5jb20vbWV0YS5weT9jYW09OTc3MzczNyZjYXQ9OTc3Mzg2MSZzdWJpZD1rLWdqbDhmOGpsajQ5OWE2dC42Z2UzdHV0d3UxeSIsInJlZmVycmluZ19kb21haW4iOiAid3d3Lmp1bmJpLXRyYWNrZXIuY29tIiwicGFnZV90aXRsZSI6ICJjYXNpbm8uY29tIiwicGFnZV91cmwiOiAiaHR0cHM6Ly9qb2luLmNhc2luby5jb20vZGUvbHAvc3RlcHMvYWZmLzEwMHRvNDAwL2Nhc2hiYWNrLzUyMjkvZXVyL2Fkdi9vcHQvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4xLjE5IiwiZXZlbnRfbmFtZSI6ICJQYWdlIFZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTUyMzQ3MTg0OTU1NyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTYyYjVmZjk4NTMzMi0wZWJjNGQxZGZmZDFmLTNiNmUxNjdmLTFkNGMwMC0xNjJiNWZmOTg1NDExYzQifQpdfQ==
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
52.204.37.93 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-37-93.compute-1.amazonaws.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-ME
ip-10-24-10-216
Date
Wed, 11 Apr 2018 18:37:29 GMT
Server
Jetty(9.2.11.v20150529)
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
image/gif; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept
Content-Length
0
X-Application-Context
application:9090
Adblocked __cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY...
api.cooladata.com/egw/5/hq6287vvx1fsnp2n1h1562kbaz14ciew/track
0
470 B
Image
General
Full URL
https://api.cooladata.com/egw/5/hq6287vvx1fsnp2n1h1562kbaz14ciew/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBIZWFkbGVzc0Nocm9tZS82NS4wLjMzMjUuMTgxIFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInJlZmVycmluZ191cmwiOiAiaHR0cHM6Ly93d3cuanVuYmktdHJhY2tlci5jb20vbWV0YS5weT9jYW09OTc3MzczNyZjYXQ9OTc3Mzg2MSZzdWJpZD1rLWdqbDhmOGpsajQ5OWE2dC42Z2UzdHV0d3UxeSIsInJlZmVycmluZ19kb21haW4iOiAid3d3Lmp1bmJpLXRyYWNrZXIuY29tIiwicGFnZV90aXRsZSI6ICJjYXNpbm8uY29tIiwicGFnZV91cmwiOiAiaHR0cHM6Ly9qb2luLmNhc2luby5jb20vZGUvbHAvc3RlcHMvYWZmLzEwMHRvNDAwL2Nhc2hiYWNrLzUyMjkvZXVyL2Fkdi9vcHQvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4xLjE5IiwiZXZlbnRfbmFtZSI6ICJwYWdlX2xvYWQiLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTUyMzQ3MTg0OTU1OSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTYyYjVmZjk4NTMzMi0wZWJjNGQxZGZmZDFmLTNiNmUxNjdmLTFkNGMwMC0xNjJiNWZmOTg1NDExYzQifQpdfQ==
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
52.204.37.93 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-37-93.compute-1.amazonaws.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-ME
ip-10-24-10-234
Date
Wed, 11 Apr 2018 18:37:29 GMT
Server
Jetty(9.2.11.v20150529)
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
image/gif; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept
Content-Length
0
X-Application-Context
application:9090
Adblocked 288425?callback=CE2.recording.sampleResult&ts=jfvfsyi3
sample.crazyegg.com/n/738967
31 B
231 B
Script
General
Full URL
https://sample.crazyegg.com/n/738967/288425?callback=CE2.recording.sampleResult&ts=jfvfsyi3
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0073/8967.js
Protocol
HTTP/1.1
Server
54.243.109.242 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-243-109-242.compute-1.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
6bc85fe9e543e5f498e951d1a9ebb5a92386c31293aa045ed440fc152f98fe2e
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:30 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.10.2
Connection
keep-alive
Content-Length
31
Content-Type
text/javascript;charset=utf-8
Adblocked s?u=738967&t=p71aeh
gtrk.s3.amazonaws.com
32 B
387 B
Image
General
Full URL
https://gtrk.s3.amazonaws.com/s?u=738967&t=p71aeh
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
52.216.131.147 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:31 GMT
Last-Modified
Tue, 09 Feb 2016 23:57:19 GMT
Server
AmazonS3
x-amz-request-id
C090C44C7F4F1CFE
ETag
"776f5f447e5e03b50f3bc4d4ec78daaa"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
32
x-amz-id-2
9jvpQa9fhPQipBvdja6aOInkvhigGZmeZLjbbaShky89a7qzS4F7YfWkqwv2rdSYzyi0Xqn4zGo=
Adblocked u?u=738967&t=p71aeh
gtrk.s3.amazonaws.com
32 B
387 B
Image
General
Full URL
https://gtrk.s3.amazonaws.com/u?u=738967&t=p71aeh
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
HTTP/1.1
Server
52.216.131.147 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:31 GMT
Last-Modified
Tue, 09 Feb 2016 23:57:32 GMT
Server
AmazonS3
x-amz-request-id
131D6562FF2A9561
ETag
"776f5f447e5e03b50f3bc4d4ec78daaa"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
32
x-amz-id-2
jItvJ6Oqjwm3DpYncyO4fs2apYpdOSBRPpIJC3skku1x8kxq5HxQT6LviOfQk1mRrXJI3vEJ34w=
Adblocked ?u=https%3A%2F%2Fjoin.casino.com%2Fde%2Flp%2Fsteps%2Faff%2F100to400%2Fcashback%2F5229%2Feur%2Fadv%2Fopt%2F&s=102430
settings.luckyorange.net
74 B
835 B
XHR
General
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fjoin.casino.com%2Fde%2Flp%2Fsteps%2Faff%2F100to400%2Fcashback%2F5229%2Feur%2Fadv%2Fopt%2F&s=102430
Requested by
Host: join.casino.com
URL: https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Protocol
SPDY
Server
104.24.10.90 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db3cf536dc26c1d8214684f7208c447b52664b2e639b9ea59bcae2181520e7c
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Origin
https://join.casino.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Wed, 11 Apr 2018 18:37:29 GMT
content-encoding
gzip
vary
Accept-Encoding
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://join.casino.com
cache-control
no-cache="set-cookie"
access-control-allow-credentials
true
cf-ray
409f90954c0b2378-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
content-length
84
Adblocked uia
px.dynamicyield.com
3 B
525 B
XHR
General
Full URL
https://px.dynamicyield.com/uia
Requested by
Host: static.dynamicyield.com
URL: https://static.dynamicyield.com/scripts/12299/dy-coll-min.js
Protocol
HTTP/1.1
Server
184.73.253.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-184-73-253-255.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Accept
*/*
Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Origin
https://join.casino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 11 Apr 2018 18:37:30 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
23
Expires
Wed, 11 Apr 2018 18:37:29 GMT
Adblocked batch?_=1523471849998_573556
px.dynamicyield.com
0
415 B
XHR
General
Full URL
https://px.dynamicyield.com/batch?_=1523471849998_573556
Requested by
Host: static.dynamicyield.com
URL: https://static.dynamicyield.com/scripts/12299/dy-coll-min.js
Protocol
HTTP/1.1
Server
23.21.124.125 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-124-125.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Origin
https://join.casino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 11 Apr 2018 18:37:30 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
20
Expires
Wed, 11 Apr 2018 18:37:29 GMT
Adblocked collect.js?json=%7B%22GUID%22%3A%228813b110-a9f8-484c-a49c-a1b229bc32ac%22%2C%22property_bag%22%3A%7B%22user_id%22%3A%22none%22%2C%22custom_data%22%3A%7B%7D%7D%2C%22brand%22%3A%22casino.com%22%2C%2...
mts.mansion.com
190 B
401 B
Script
General
Full URL
https://mts.mansion.com/collect.js?json=%7B%22GUID%22%3A%228813b110-a9f8-484c-a49c-a1b229bc32ac%22%2C%22property_bag%22%3A%7B%22user_id%22%3A%22none%22%2C%22custom_data%22%3A%7B%7D%7D%2C%22brand%22%3A%22casino.com%22%2C%22local_timestamp%22%3A1523471850%2C%22page%22%3A%7B%22cookies%22%3A%22visid_incap_1298672%3D8Krd6z7YQYabQjAhIkos4%2BhVzloAAAAAQUIPAAAAAABvoXmPFsOYbEHOX2G04N5N%3B%20incap_ses_340_1298672%3Dp%2FZLBLp8VGs3LNDiuey3BOhVzloAAAAAjzO8QMF2f%2B7KBS7qQDdWkA%3D%3D%3B%20affiliate_id%3D539125%3B%20campaign_id%3D1%3B%20plan_id%3D1%3B%20payload%3D9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%3B%20mts_guid%3D8813b110-a9f8-484c-a49c-a1b229bc32ac%3B%20mts_session%3D%255B%257B%2522brand%2522%253A%2522casino.com%2522%252C%2522channel%2522%253A%257B%2522traffic_source%2522%253A%2522AFFILIATE%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fwww.junbi-tracker.com%252Fmeta.py%253Fcam%253D9773737%255Cu0026cat%253D9773861%255Cu0026subid%253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522custom_data%2522%253A%2522%25257B%252522session%252522%25253A%25257B%252522token%252522%25253A%252522EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%252522%25252C%252522affiliate_id%252522%25253A539125%25252C%252522campaign_id%252522%25253A1%25252C%252522plan%252522%25253A1%25252C%252522object_id%252522%25253A29585%25252C%252522setup%252522%25253A2549%25252C%252522payload%252522%25253A%2525229773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%252522%25252C%252522destination%252522%25253A%252522https%25253A%25252F%25252Fjoin.casino.com%25252Fde%25252Flp%25252Fsteps%25252Faff%25252F100to400%25252Fcashback%25252F5229%25252Feur%25252Fadv%25252Fopt%25252F%252522%25252C%252522query_string%252522%25253A%252522payload%25253D9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%252522%25252C%252522traffic_source%252522%25253A%252522AFFILIATE%252522%25252C%252522referer%252522%25253A%252522https%25253A%25252F%25252Fwww.junbi-tracker.com%25252Fmeta.py%25253Fcam%25253D9773737%25255Cu0026cat%25253D9773861%25255Cu0026subid%25253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%252522%25257D%25257D%2522%257D%252C%2522timestamp%2522%253A1523471848%257D%255D%3B%20mts_traffic_source%3DAFFILIATE%3B%20token%3DEO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%3B%20object_id%3D29585%3B%20setup_id%3D2549%3B%20_dy_csc_ses%3Dt%3B%20_dy_ses_load_seq%3D63106%253A1523471849211%3B%20_dyexps%3D34193%257C369856%253A%253A0%253A1523471849236%253A63106%253A63106%253A2%253A3%253A0%257C1203335%253A461680%257C1%257C63106%253A1523471849238%3B%20_dy_c_exps%3D%3B%20_dy_soct%3D25941.30602.1523471849%3B%20referrer%3Dhttps%253A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%253Fcam%253D9773737%2526cat%253D9773861%2526subid%253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%3B%20banner_click%3D539125%252C%252C1%252C*%252Ctoken%253AEO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%22%2C%22request_url%22%3A%22https%3A%2F%2Fjoin.casino.com%2Fde%2Flp%2Fsteps%2Faff%2F100to400%2Fcashback%2F5229%2Feur%2Fadv%2Fopt%2F%22%2C%22title%22%3A%22casino.com%22%7D%2C%22browser%22%3A%7B%22id%22%3A%225eb8f0bcc36a277f46591dee92b31a95%22%7D%2C%22force_last_session%22%3Afalse%2C%22force_session_id%22%3Anull%2C%22session%22%3A%7B%22channel%22%3A%7B%22traffic_source%22%3A%22AFFILIATE%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%3Fcam%3D9773737%26cat%3D9773861%26subid%3Dk-gjl8f8jlj499a6t.6ge3tutwu1y%22%2C%22custom_data%22%3A%22%257B%2522session%2522%253A%257B%2522token%2522%253A%2522EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%2522%252C%2522affiliate_id%2522%253A539125%252C%2522campaign_id%2522%253A1%252C%2522plan%2522%253A1%252C%2522object_id%2522%253A29585%252C%2522setup%2522%253A2549%252C%2522payload%2522%253A%25229773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522destination%2522%253A%2522https%253A%252F%252Fjoin.casino.com%252Fde%252Flp%252Fsteps%252Faff%252F100to400%252Fcashback%252F5229%252Feur%252Fadv%252Fopt%252F%2522%252C%2522query_string%2522%253A%2522payload%253D9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522traffic_source%2522%253A%2522AFFILIATE%2522%252C%2522referer%2522%253A%2522https%253A%252F%252Fwww.junbi-tracker.com%252Fmeta.py%253Fcam%253D9773737%255Cu0026cat%253D9773861%255Cu0026subid%253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%2522%257D%257D%22%7D%7D%2C%22events%22%3A%5B%7B%22type%22%3A%22page-view%22%2C%22name%22%3A%22load%22%2C%22local_timestamp%22%3A1523471850%2C%22custom_data%22%3A%7B%7D%7D%5D%2C%22timezone_offset%22%3A0%7D&callback=MTSTracker.INSTANCE.response&onerror=MTSTracker.INSTANCE.onerror
Requested by
Host: cache.mansion.com
URL: https://cache.mansion.com/common/js/mts.tracker.js
Protocol
HTTP/1.1
Server
80.85.64.193 , United Kingdom, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
db2ab6bfcb3f7410d0c9e32604da70ccf567dd73841097bb951bed35bcf22329
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Wed, 11 Apr 2018 18:37:30 GMT
Server
nginx/1.12.2
Connection
keep-alive
Etag
"fd46291e884aac973f0f8e8daae07ddf0924100e"
Content-Length
190
Content-Type
application/javascript

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 1
  • http://syndication.exdynsrv.com/splash.php?idzone=2325397&type=8&p=http%3A%2F%2Fshortenertraffic2.com&tested=1&check=530b0d3f0177bb2826981b06b6386dfe&screen_resolution=1600x1200&container_resolutio...
  • https://www.junbi-tracker.com/nref.py?cam=9773737&cat=9773861&subid=shortenertraffic2.com-2325397
  • https://www.junbi-tracker.com/meta.py?cam=9773737&cat=9773861&subid=k-gjl8f8jlj499a6t.6ge3tutwu1y
Request 2
  • https://record.mansionaffiliates.com/_ul3aHdw8Q3v_a-uB2av0QWNd7ZgqdRLk/1/?payload=9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y
  • https://api.casino.com/map/?token=EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk&affiliate=539125&campaign=1&plan=1&media=&object=29585&setup=2549&payload=9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y&destinatio...
  • https://api.casino.com/map?token=EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk&affiliate=539125&campaign=1&plan=1&media=&object=29585&setup=2549&payload=9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y&destination...
  • https://join.casino.com/de/lp/steps/aff/100to400/cashback/5229/eur/adv/opt/
Request 31
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1867624959&t=pageview&_s=1&dl=https%3A%2F%2Fjoin.casino.com%2Fde%2Flp%2Fsteps%2Faff%2F100to400%2Fcashback%2F5229%2Feur%2Fadv%2Fopt%2F&dr=http...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11490806-1&cid=1914816336.1523471850&jid=1491158091&_gid=1651894937.1523471850&gjid=1474039579&_v=j66&z=53403200

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer number| MTSreadyStateCheckInterval object| DYExps object| DY object| DYO object| _dy_memStore object| DYJSON function| format2currency function| $1 object| JackpotManager object| scripts object| myscript object| TickerList function| EmptyFunc object| Class function| HLComm function| Ticker object| jackpotsRun object| d boolean| isTouchDevice object| termsAndConditionsText object| theMain object| figuresImages number| count number| currentImage number| nextImage function| buildOffer number| slideshowInterval function| FontFaceObserver function| getParameterByName function| startStepsJackpot string| deviceType object| swfobject object| xPhp boolean| MTS_DEBUG object| MTSTracker object| MTS_Logger object| MTS_Date object| MTS_Validator object| MTS_GUIDManager object| MTS_BrowserCookie object| MTS_SessionBrowserCookie object| MTS_FlashCookie object| MTS_CookieManager object| MTS_Browser object| MTS_PageData object| MTS_SIDDetector object| MTS_AffiliateCookieDetector object| MTS_TrafficSourceDetector object| MTS_Session object| MTS_EventStack object| MTS_Event object| MTS_PropertyBag undefined| tURL undefined| brand undefined| guid undefined| sendPageViewEvent object| mtsTracker function| initMtsTracker function| DownloadCasinoSetup object| isMobile object| google_tag_manager string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| cooladata number| __lo_site_id object| DYWork function| $dy object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap boolean| __lo_cs_added object| CE2 string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store function| timer object| $dy171047300217086269325 object| __lo_settings

40 Cookies

Domain/Path Name / Value
.join.casino.com/ Name: _dyprdobj
Value:
.casino.com/ Name: _dy_toffset
Value: 0
.join.casino.com/ Name: _dy_tsrc
Value: Referral
.join.casino.com/ Name: _dy_device
Value: %7B%22brand%22%3A%22Other%22%2C%22type%22%3A%22desktop%22%7D
.casino.com/ Name: _dy_df_geo
Value: Germany..
.casino.com/ Name: _dy_geo
Value: DE.EU.DE_.DE__
.casino.com/ Name: _dyuss_8766445
Value: 1
.casino.com/ Name: _dyfs
Value: true
.casino.com/ Name: _dyid
Value: 2616591655608669673
.casino.com/ Name: _dyus_8766445
Value: 0%7C0%7C0%7C0%7C0%7C0.0.1523471849887.1523471849887.0.0%7C100%7C15%7C3%7C118%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C0
.join.casino.com/ Name: _ceg.s
Value: p71aeh
.casino.com/ Name: mts_guid
Value: 8813b110-a9f8-484c-a49c-a1b229bc32ac
.casino.com/ Name: cd_user_id
Value: 162b5ff985332-0ebc4d1dffd1f-3b6e167f-1d4c00-162b5ff985411c4
.join.casino.com/ Name: _ceg.u
Value: p71aeh
.casino.com/ Name: referrer
Value: https%3A//www.junbi-tracker.com/meta.py%3Fcam%3D9773737%26cat%3D9773861%26subid%3Dk-gjl8f8jlj499a6t.6ge3tutwu1y
.casino.com/ Name: _dy_soct
Value: 25941.30602.1523471849
.casino.com/ Name: mts_browser_id
Value: 5eb8f0bcc36a277f46591dee92b31a95
.join.casino.com/ Name: _ga
Value: GA1.3.1914816336.1523471850
.casino.com/ Name: setup_id
Value: 2549
.casino.com/ Name: _dy_c_exps
Value:
.join.casino.com/ Name: _dy_weather_8766445
Value: %5B%5D
.casino.com/ Name: payload
Value: 9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y
.casino.com/ Name: _dy_ses_load_seq
Value: 63106%3A1523471849628
.casino.com/ Name: object_id
Value: 29585
.casino.com/ Name: _dyexps
Value: 34193%7C369856%3A%3A0%3A1523471849236%3A63106%3A63106%3A2%3A3%3A0%7C1203335%3A461680%7C1%7C63106%3A1523471849238
.casino.com/ Name: token
Value: EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk
.casino.com/ Name: _dycst
Value: dk.l.c.ws.frv1.frs.
.join.casino.com/ Name: _gat_UA-11490806-1
Value: 1
.join.casino.com/ Name: _dyprd
Value:
.casino.com/ Name: mts_session
Value: %5B%7B%22brand%22%3A%22casino.com%22%2C%22channel%22%3A%7B%22traffic_source%22%3A%22AFFILIATE%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.junbi-tracker.com%2Fmeta.py%3Fcam%3D9773737%5Cu0026cat%3D9773861%5Cu0026subid%3Dk-gjl8f8jlj499a6t.6ge3tutwu1y%22%2C%22custom_data%22%3A%22%257B%2522session%2522%253A%257B%2522token%2522%253A%2522EO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk%2522%252C%2522affiliate_id%2522%253A539125%252C%2522campaign_id%2522%253A1%252C%2522plan%2522%253A1%252C%2522object_id%2522%253A29585%252C%2522setup%2522%253A2549%252C%2522payload%2522%253A%25229773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522destination%2522%253A%2522https%253A%252F%252Fjoin.casino.com%252Fde%252Flp%252Fsteps%252Faff%252F100to400%252Fcashback%252F5229%252Feur%252Fadv%252Fopt%252F%2522%252C%2522query_string%2522%253A%2522payload%253D9773737_9773861_k-gjl8f8jlj499a6t.6ge3tutwu1y%2522%252C%2522traffic_source%2522%253A%2522AFFILIATE%2522%252C%2522referer%2522%253A%2522https%253A%252F%252Fwww.junbi-tracker.com%252Fmeta.py%253Fcam%253D9773737%255Cu0026cat%253D9773861%255Cu0026subid%253Dk-gjl8f8jlj499a6t.6ge3tutwu1y%2522%257D%257D%22%7D%2C%22timestamp%22%3A1523471848%7D%5D
.join.casino.com/ Name: _gid
Value: GA1.3.1651894937.1523471850
.casino.com/ Name: affiliate_id
Value: 539125
.casino.com/ Name: visid_incap_1298672
Value: 8Krd6z7YQYabQjAhIkos4+hVzloAAAAAQUIPAAAAAABvoXmPFsOYbEHOX2G04N5N
.casino.com/ Name: plan_id
Value: 1
.casino.com/ Name: mts_traffic_source
Value: AFFILIATE
.casino.com/ Name: campaign_id
Value: 1
.casino.com/ Name: banner_click
Value: 539125%2C%2C1%2C*%2Ctoken%3AEO2kYxnPr6I5ZIM7ZhHhTWNd7ZgqdRLk
.join.casino.com/ Name: _dy_cweather_8766445
Value: null
.casino.com/ Name: incap_ses_340_1298672
Value: p/ZLBLp8VGs3LNDiuey3BOhVzloAAAAAjzO8QMF2f+7KBS7qQDdWkA==
.casino.com/ Name: _dy_csc_ses
Value: t

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

api.casino.com
api.cooladata.com
cache.mansion.com
cdn.cooladata.com
cdn.dynamicyield.com
d10lpsik1i8c69.cloudfront.net
gtrk.s3.amazonaws.com
join.casino.com
mts.mansion.com
px.dynamicyield.com
record.mansionaffiliates.com
sample.crazyegg.com
script.crazyegg.com
script.hotjar.com
settings.luckyorange.net
st.dynamicyield.com
static.dynamicyield.com
static.hotjar.com
stats.g.doubleclick.net
syndication.exdynsrv.com
tickers.playtech.com
www.google-analytics.com
www.googletagmanager.com
www.junbi-tracker.com


104.16.129.227
104.24.10.90
104.24.11.90
13.32.144.73
146.185.16.178
148.253.244.207
148.253.245.144
148.253.245.17
151.101.112.64
172.217.16.200
172.217.16.206
184.73.253.255
213.187.229.56
23.21.124.125
23.67.133.228
45.60.33.168
52.204.37.93
52.216.131.147
52.222.149.94
54.243.109.242
74.125.206.155
80.85.64.193
94.31.29.249
94.31.29.254
95.128.201.171
95.211.229.247

05a5afb3903c8fa1f859ff8e3470471a539761907262283dca0e0a5c4b319059
1f07316b68905085a7cd9d800968987bb17729f4725761eba65095f5c5168f50
20bac87f4ee8fbefa4d0a8c67773c0850ee10d5857c8ee860996995ebba75c60
27d9b8899e2133a01be6e7c5266dce0f6f4938ecf0d7f1b0f883f35fd004a8f0
2f630e79515e7e8e08d163aa39e0ab288ef23aa73c33f28ec5f00158cf7b1a71
3a150605ac548fc729783ccd0faa3a056292f2eb10e5e016de8677dabe4406da
4a9d62c22af1c7176061593b7823ad1b21806c565e60814891dbb9d6f9894e1d
526b8874c47f6899c0ad65c4483d1f3a2e2e51ed0f102edea7dc0d3c4df716c2
5db3cf536dc26c1d8214684f7208c447b52664b2e639b9ea59bcae2181520e7c
5ec154de365262d830480b3563ccdf8b40f51f30aafa6572a6c640ecfa0f1337
66159eaffa72cc13b12af20c2cb9c4346abe71bf53a0049f1a32d960772c8eef
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167
6bc85fe9e543e5f498e951d1a9ebb5a92386c31293aa045ed440fc152f98fe2e
70fe5fecafc20b81e33d8d83d97c0e2b676b31639795d416436dd49dbfa2ff0e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
905abb131fe883c0f9cf57b513f62b1ee5db0bd151aba8cb6003ea351a1deb36
92b0a6842a06210db1405133f973f349ce0e5c656850f04e1f4da96d7f01f34a
92f7c4f82f0027e53d4f004bb38ed25df8e22985b6be500513d29acff078f0c6
a550fc52eb6f0646df7aaa9a56f61cca73bad435e50e4fdb9e97dc0a3f715e83
b3856f4e7d9c01f5279f835dfb7b2e9e4205c10e895217ba2a1ff3876b3a112a
c61d8cfecb76bddb4f44836e19f939ef416cab62bc739e50d0fe21ab2489c089
c9231702f1baa01fa4216c9ca075650c5f18f63dfa6861b88a1b2e20fc20209a
c98cce4d508443e3640d3e0c2ebbba0e5cb4d53e3556c5c2bddea01d617b10b4
d360575e6e1830e82a27d6e2356d63e0e65c7e39eedf6955f650fb16217acb1c
db2ab6bfcb3f7410d0c9e32604da70ccf567dd73841097bb951bed35bcf22329
ddd034852946028eee5a515f924ca47c7ffcc8fa60527018edaa20c7dd53a59a
e29e32ae1d1351d4b64d7cd1d156b1a1eae3bd26ed823f84f06696d59a9ac4bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44280dfdc205543de89edba88b15aebb1b06bbce9d0d3f98caa043fd94efd12
ec9514bd44e64be6b2579030d31ae5f335057a704fd4ad0c8c393357252f3bc9
ed0acc977927f4f26ebd61878ddac8837f43c972a2f238f84265a7ede0a03943
edc821ccabf1f8c1d3ebd83643326aec1bd72a33637b0ca0a64ff54cbe4d787c
efc514d50e2925cc4952084a096051ef598cc8cdba6114e049e32368c7db32fe
f61938706957edfdaf3a5ff72012aa0fc9254e9ddca1dd59f08a72e9b1f88d97
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fc6575cbbf14ecac28a8eeac1d71c5d5bf0797c536a323f3d070c0ebb4780534