Submitted URL: http://www.mg-mail1.com/mailget/email_tracker/link_click?link_id=tytUji3&temp_id=Ijg2ODU3Ig_3D_3D&email_id=walke...
Effective URL: https://www.prontocasino.com/de/
Submission: On December 21 via manual from SG

Summary

This website contacted 16 IPs in 7 countries across 18 domains to perform 71 HTTP transactions. The main IP is 2606:4700:10::6814:2015, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.prontocasino.com.
TLS certificate: Issued by SSL.com DV CA on September 30th 2018. Valid for: a year.
This is the only time www.prontocasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.155.142.191 16509 (AMAZON-02)
4 4 18.232.237.176 14618 (AMAZON-AES)
1 11 206.214.78.131 62904 (EONIX-COM...)
4 54.148.224.92 16509 (AMAZON-02)
2 6 35.164.26.27 16509 (AMAZON-02)
1 1 52.58.150.193 16509 (AMAZON-02)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2 185.181.10.57 47447 (TTM)
2 2 91.92.196.190 49882 (SKRILL)
1 25 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 104.18.71.113 13335 (CLOUDFLAR...)
1 147.75.205.43 54825 (PACKET)
1 147.75.205.49 54825 (PACKET)
1 147.75.80.178 54825 (PACKET)
4 37.157.2.234 198622 (ADFORM)
2 2600:9000:204... 16509 (AMAZON-02)
3 104.16.54.111 13335 (CLOUDFLAR...)
1 4 104.16.83.55 13335 (CLOUDFLAR...)
71 16
Domain Requested by
25 www.prontocasino.com 1 redirects go.peavyyola.com
www.prontocasino.com
11 shinelift.com 1 redirects shinelift.com
6 static.zdassets.com www.googletagmanager.com
static.zdassets.com
6 exchange.bdex.com 2 redirects p.cpaoa.org
shinelift.com
4 v2.zopim.com 1 redirects v2.zopim.com
www.prontocasino.com
4 track.adform.net shinelift.com
track.adform.net
4 p.cpaoa.org shinelift.com
4 rebrand.ly 4 redirects
3 deltaservices.zendesk.com static.zdassets.com
2 ekr.zdassets.com static.zdassets.com
2 www.google-analytics.com www.googletagmanager.com
2 wlpremierlivecasino.adsrv.eacdn.com 2 redirects
2 go.peavyyola.com 1 redirects shinelift.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com shinelift.com
1 www.googletagmanager.com www.prontocasino.com
1 maniacfunnel.com 1 redirects
1 rapid-cdn.com 1 redirects
1 www.mg-mail1.com 1 redirects
0 api.traversedlp.com Failed shinelift.com
71 21
Subject | Issuer | Validity | Valid
*.bdex.com | Go Daddy Secure Certificate Authority - G2 | 2018-03-17 - 2019-05-16 | a year
www.prontocasino.com | SSL.com DV CA | 2018-09-30 - 2019-12-29 | a year
*.google-analytics.com | Google Internet Authority G3 | 2018-12-04 - 2019-02-26 | 3 months
*.zdassets.com | COMODO RSA Domain Validation Secure Server CA | 2017-09-14 - 2020-09-13 | 3 years
static.hotjar.com | Let's Encrypt Authority X3 | 2018-12-10 - 2019-03-10 | 3 months
script.hotjar.com | Let's Encrypt Authority X3 | 2018-12-10 - 2019-03-10 | 3 months
vars.hotjar.com | Let's Encrypt Authority X3 | 2018-12-10 - 2019-03-10 | 3 months
track.adform.net | DigiCert SHA2 Secure Server CA | 2018-02-02 - 2019-10-02 | 2 years
deltaservices.zendesk.com | CloudFlare Inc ECC CA-2 | 2018-11-22 - 2019-11-22 | a year
*.zopim.com | COMODO RSA Domain Validation Secure Server CA | 2017-12-06 - 2020-12-29 | 3 years

This page contains 8 frames:

Primary Page: https://www.prontocasino.com/de/
Frame ID: 2A138FC904D3768DBA7A81B5E6AAD30E
Requests: 40 HTTP requests in this frame

Frame: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Frame ID: C68C7ECB968B4A08981C079858E4E675
Requests: 7 HTTP requests in this frame

Frame: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Frame ID: DBBE5C59A9D20C2ED7E8348E75643182
Requests: 13 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: 816D6794C31C041EF400329BC52736DF
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=1481840&lid=43194283&ctype=0&media=0&PageName=prontocasino.com%2fde%2f&rnd=1099330958&cpref=http%3a%2f%2fgo.peavyyola.com%2fts464-internationalemail-general%3fflux_txid%3d475075720557923304%26flux_hid%3d483473789741435045&loc=https%3a%2f%2fwww.prontocasino.com%2fde%2f
Frame ID: C67EF4EA18D5AE4603C5086F7DC92E95
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/runtime.21a26ad46e6a06a0f779.js
Frame ID: 040892B147F6496F424D0A9970BD02D0
Requests: 7 HTTP requests in this frame

Frame: https://v2.zopim.com/lib/20181212.052263/__$$__stringtable_lang_de.js
Frame ID: EADBA879411518AC202212C9936BF565
Requests: 1 HTTP requests in this frame

Frame: https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Frame ID: 85EC005817DDCAC900F9746ECFD3FB7E
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /vue.*\.js/i
  • env /^Vue$/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i

Overall confidence: 100%
Detected patterns
  • script /v2\.zopim\.com/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

71
Requests

72 %
HTTPS

25 %
IPv6

18
Domains

21
Subdomains

16
IPs

7
Countries

1954 kB
Transfer

6023 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mg-mail1.com/mailget/email_tracker/link_click?link_id=tytUji3&temp_id=Ijg2ODU3Ig_3D_3D&email_id=walker.anne%40aaamissouri.com&s_id=k5XthN&server=6324&type=replace_drip_type HTTP 302
    https://rebrand.ly/click680a3 HTTP 301
    https://rebrand.ly/clickf7425 HTTP 301
    https://rebrand.ly/click19dcf HTTP 301
    https://rebrand.ly/clickc8051 HTTP 301
    http://shinelift.com/clicks?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4= HTTP 301
    http://shinelift.com/clicks/?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4= Page URL
  2. http://shinelift.com/clicks/?cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4= Page URL
  3. http://rapid-cdn.com/path/lp.php?trvid=10085&trvx=8636ccc4&vert=VERT&pubid=201138&cid=14635&system=NS HTTP 302
    http://maniacfunnel.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&flux_cost=0.00&pubid=pubid&vert=vert&cid=cid&sxid=cyxkq7v3ntr1 HTTP 307
    http://go.peavyyola.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=483473789741435045 Page URL
  4. http://go.peavyyola.com/match-4625/25949/109977769/1545351571/mf_f86f16f6-4dc9-4496-aecd-b77ca5a1e6fc/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=483473789741435045 HTTP 302
    https://wlpremierlivecasino.adsrv.eacdn.com/C.ashx?btag=a_1343b_16c_&affid=359&siteid=1343&adid=16&c= HTTP 302
    https://wlpremierlivecasino.adsrv.eacdn.com/C.ashx?btag=a_1343b_16c_&affid=359&siteid=1343&adid=16&c=&AutoR=1 HTTP 302
    https://www.prontocasino.com/de/?btag=a_1343b_16 HTTP 302
    https://www.prontocasino.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.mg-mail1.com/mailget/email_tracker/link_click?link_id=tytUji3&temp_id=Ijg2ODU3Ig_3D_3D&email_id=walker.anne%40aaamissouri.com&s_id=k5XthN&server=6324&type=replace_drip_type HTTP 302
  • https://rebrand.ly/click680a3 HTTP 301
  • https://rebrand.ly/clickf7425 HTTP 301
  • https://rebrand.ly/click19dcf HTTP 301
  • https://rebrand.ly/clickc8051 HTTP 301
  • http://shinelift.com/clicks?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4= HTTP 301
  • http://shinelift.com/clicks/?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Request Chain 17
  • https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=0ce2b0bc93f34bb49137028923491660&api=Y&apiVersion=0.3 HTTP 302
  • https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=757f2086-2e9a-4146-b1ea-138345337bda&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3D0ce2b0bc93f34bb49137028923491660%26api%3DY%26apiVersion%3D0.3%26correlationId%3D757f2086-2e9a-4146-b1ea-138345337bda
Request Chain 19
  • http://rapid-cdn.com/path/lp.php?trvid=10085&trvx=8636ccc4&vert=VERT&pubid=201138&cid=14635&system=NS HTTP 302
  • http://maniacfunnel.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&flux_cost=0.00&pubid=pubid&vert=vert&cid=cid&sxid=cyxkq7v3ntr1 HTTP 307
  • http://go.peavyyola.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=483473789741435045
Request Chain 20
  • https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=757f2086-2e9a-4146-b1ea-138345337bda&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3D0ce2b0bc93f34bb49137028923491660%26api%3DY%26apiVersion%3D0.3%26correlationId%3D757f2086-2e9a-4146-b1ea-138345337bda HTTP 302
  • https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=0ce2b0bc93f34bb49137028923491660&api=Y&apiVersion=0.3&correlationId=757f2086-2e9a-4146-b1ea-138345337bda
Request Chain 67
  • https://v2.zopim.com/?lJlkejUwAPSlteF5GyFfxHgesNksMNQm HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.274.js

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
shinelift.com/clicks/
Redirect Chain
  • http://www.mg-mail1.com/mailget/email_tracker/link_click?link_id=tytUji3&temp_id=Ijg2ODU3Ig_3D_3D&email_id=walker.anne%40aaamissouri.com&s_id=k5XthN&server=6324&type=replace_dri...
  • https://rebrand.ly/click680a3
  • https://rebrand.ly/clickf7425
  • https://rebrand.ly/click19dcf
  • https://rebrand.ly/clickc8051
  • http://shinelift.com/clicks?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
  • http://shinelift.com/clicks/?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
433 B
626 B
Document
General
Full URL
http://shinelift.com/clicks/?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
22025faa9ceaeeea30349263002294a6e5a157149e4d0a3f9fd2c323c733c785

Request headers

Host
shinelift.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 21 Dec 2018 00:19:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Content-Length
433
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 21 Dec 2018 00:19:08 GMT
Server
Apache/2.2.15 (CentOS)
Location
http://shinelift.com/clicks/?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Content-Length
380
Connection
close
Content-Type
text/html; charset=iso-8859-1
click.php
shinelift.com/clicks/ Frame C68C
4 KB
5 KB
Document
General
Full URL
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
699f2b64d87007296fc4cc48c31d2b487ff5034cf9c3e72de6a5f0aa0c1ff689

Request headers

Host
shinelift.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://shinelift.com/clicks/?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 21 Dec 2018 00:19:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Content-Length
4445
Connection
close
Content-Type
text/html; charset=UTF-8
fingerprint4.min.js
shinelift.com/clicks/ Frame C68C
33 KB
33 KB
Script
General
Full URL
http://shinelift.com/clicks/fingerprint4.min.js
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c0b32c6298bcc389697b3a0e2c889cb6d0885d5fe7f4576646e499a0a7bcc395

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shinelift.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 21 Dec 2018 00:19:17 GMT
Last-Modified
Thu, 20 Sep 2018 19:32:46 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1b40472-83fb-57652966a87a3"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33787
jquery-3.0.0.min.js
shinelift.com/clicks/ Frame C68C
84 KB
85 KB
Script
General
Full URL
http://shinelift.com/clicks/jquery-3.0.0.min.js
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6069398299730203aa434d1520ccf88ee8bf0aeee241aca18edbd85c78943432

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shinelift.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 21 Dec 2018 00:19:25 GMT
Last-Modified
Thu, 16 Mar 2017 23:50:45 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1b405c8-15144-54ae1bac74adb"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
86340
l.js
p.cpaoa.org/ Frame C68C
0
0

click.php
shinelift.com/clicks/ Frame C68C
131 B
324 B
XHR
General
Full URL
http://shinelift.com/clicks/click.php
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/jquery-3.0.0.min.js
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Pragma
no-cache
Origin
http://shinelift.com
Accept-Encoding
gzip, deflate
Host
shinelift.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Content-Length
246

Response headers

Date
Fri, 21 Dec 2018 00:19:26 GMT
Server
Apache/2.2.15 (CentOS)
Connection
close
X-Powered-By
PHP/5.3.3
Content-Length
131
Content-Type
text/html; charset=UTF-8
t.png
p.cpaoa.org/ Frame C68C
0
0

dl.png
p.cpaoa.org/ Frame C68C
0
0

/
shinelift.com/clicks/
826 B
1019 B
Document
General
Full URL
http://shinelift.com/clicks/?cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
175f17979a30847ac1817230ef45a613ae232a985ccbf4679c3760b241eea1b9

Request headers

Host
shinelift.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Accept-Encoding
gzip, deflate
Cookie
clkcheck15533=_201138

Response headers

Date
Fri, 21 Dec 2018 00:19:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Content-Length
826
Connection
close
Content-Type
text/html; charset=UTF-8
click.php
shinelift.com/clicks/ Frame DBBE
5 KB
5 KB
Document
General
Full URL
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/?cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1ea8bf38f1bb7548eac72aca4892ea5dcb630c8a13be5b8d408ce99319fdde73

Request headers

Host
shinelift.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://shinelift.com/clicks/?cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Accept-Encoding
gzip, deflate
Cookie
clkcheck15533=_201138

Response headers

Date
Fri, 21 Dec 2018 00:19:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Content-Length
4875
Connection
close
Content-Type
text/html; charset=UTF-8
fingerprint4.min.js
shinelift.com/clicks/ Frame DBBE
33 KB
33 KB
Script
General
Full URL
http://shinelift.com/clicks/fingerprint4.min.js
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c0b32c6298bcc389697b3a0e2c889cb6d0885d5fe7f4576646e499a0a7bcc395

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shinelift.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Cookie
clkcheck15533=_201138
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 21 Dec 2018 00:19:27 GMT
Last-Modified
Thu, 20 Sep 2018 19:32:46 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1b40472-83fb-57652966a87a3"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33787
jquery-3.0.0.min.js
shinelift.com/clicks/ Frame DBBE
84 KB
85 KB
Script
General
Full URL
http://shinelift.com/clicks/jquery-3.0.0.min.js
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6069398299730203aa434d1520ccf88ee8bf0aeee241aca18edbd85c78943432

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shinelift.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Cookie
clkcheck15533=_201138
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 21 Dec 2018 00:19:28 GMT
Last-Modified
Thu, 16 Mar 2017 23:50:45 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1b405c8-15144-54ae1bac74adb"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
86340
l.js
p.cpaoa.org/ Frame DBBE
2 KB
3 KB
Script
General
Full URL
http://p.cpaoa.org/l.js?impression_type=jsredir&impression_guid=93920e305849fff6&partner_id=201138&_loc=http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%253A%252F%252Fshinelift.com%252Fclicks%252Fclick.php%253Fip%253D82.102.16.228%2526referer_url%253D%2526user_agent%253DMozilla%25252F5.0%252B%252528Macintosh%25253B%252BIntel%252BMac%252BOS%252BX%252B10_13_5%252529%252BAppleWebKit%25252F537.36%252B%252528KHTML%25252C%252Blike%252BGecko%252529%252BChrome%25252F67.0.3396.87%252BSafari%25252F537.36%2526domain%253Dshinelift.com%2526cid%253D15533%2526pub%253D201138%2526sid1%253D%2526sid2%253D%2526sid3%253D%2526sid4%253D&user_agent=Mozilla%252F5.0+%2528Macintosh%253B+Intel+Mac+OS+X+10_13_5%2529+AppleWebKit%252F537.36+%2528KHTML%252C+like+Gecko%2529+Chrome%252F67.0.3396.87+Safari%252F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=&_gid=4aa63536
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
54.148.224.92 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-224-92.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
b4dc80cdd7c888b30bfdc64000acfe0a9a40f723e01da0bda8b24aa10f925c60

Request headers

Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Dec 2018 00:19:29 GMT
Server
nginx/1.8.1
Connection
keep-alive
Content-Length
2529
Content-Type
application/javascript
click.php
shinelift.com/clicks/ Frame DBBE
145 B
338 B
XHR
General
Full URL
http://shinelift.com/clicks/click.php
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/jquery-3.0.0.min.js
Protocol
HTTP/1.1
Server
206.214.78.131 Henderson, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Pragma
no-cache
Origin
http://shinelift.com
Accept-Encoding
gzip, deflate
Host
shinelift.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Content-Length
652

Response headers

Date
Fri, 21 Dec 2018 00:19:29 GMT
Server
Apache/2.2.15 (CentOS)
Connection
close
X-Powered-By
PHP/5.3.3
Content-Length
145
Content-Type
text/html; charset=UTF-8
t.png
p.cpaoa.org/ Frame DBBE
68 B
381 B
Image
General
Full URL
http://p.cpaoa.org/t.png?4lfp=9a48b4818e0eeda4eb3a85d8cd970e84
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
54.148.224.92 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-224-92.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Dec 2018 00:19:29 GMT
Server
nginx/1.8.1
Connection
keep-alive
Content-Length
68
Content-Type
image/png
bdex-identity-api-0.3.js
exchange.bdex.com/bdex/api/identity/ Frame DBBE
6 KB
7 KB
Script
General
Full URL
http://exchange.bdex.com/bdex/api/identity/bdex-identity-api-0.3.js
Requested by
Host: p.cpaoa.org
URL: http://p.cpaoa.org/l.js?impression_type=jsredir&impression_guid=93920e305849fff6&partner_id=201138&_loc=http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%253A%252F%252Fshinelift.com%252Fclicks%252Fclick.php%253Fip%253D82.102.16.228%2526referer_url%253D%2526user_agent%253DMozilla%25252F5.0%252B%252528Macintosh%25253B%252BIntel%252BMac%252BOS%252BX%252B10_13_5%252529%252BAppleWebKit%25252F537.36%252B%252528KHTML%25252C%252Blike%252BGecko%252529%252BChrome%25252F67.0.3396.87%252BSafari%25252F537.36%2526domain%253Dshinelift.com%2526cid%253D15533%2526pub%253D201138%2526sid1%253D%2526sid2%253D%2526sid3%253D%2526sid4%253D&user_agent=Mozilla%252F5.0+%2528Macintosh%253B+Intel+Mac+OS+X+10_13_5%2529+AppleWebKit%252F537.36+%2528KHTML%252C+like+Gecko%2529+Chrome%252F67.0.3396.87+Safari%252F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=&_gid=4aa63536
Protocol
HTTP/1.1
Server
35.164.26.27 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-164-26-27.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f6327e00a7e67977308afa5acccb36654b5d9c8b23125d57f85fde13474cb9e1

Request headers

Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 21 Dec 2018 00:19:28 GMT
Last-Modified
Tue, 18 Dec 2018 13:08:42 GMT
Server
Apache
ETag
W/"6491-1545138522000"
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6491
Expires
Fri, 21 Dec 2018 01:19:29 GMT
include.gif
api.traversedlp.com/retargeting/v1/ Frame DBBE
0
0

confirmPrivacySettings.jsp
exchange.bdex.com/bdex/ Frame DBBE
Redirect Chain
  • https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=0ce2b0bc93f34bb49137028923491660&api=Y&apiVersion=0.3
  • https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=757f2086-2e9a-4146-b1ea-138345337bda&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp...
0
-1 B
XHR
General
Full URL
https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=757f2086-2e9a-4146-b1ea-138345337bda&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3D0ce2b0bc93f34bb49137028923491660%26api%3DY%26apiVersion%3D0.3%26correlationId%3D757f2086-2e9a-4146-b1ea-138345337bda
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.26.27 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-164-26-27.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 21 Dec 2018 00:19:29 GMT
Server
Apache-Coyote/1.1
Location
https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=757f2086-2e9a-4146-b1ea-138345337bda&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3D0ce2b0bc93f34bb49137028923491660%26api%3DY%26apiVersion%3D0.3%26correlationId%3D757f2086-2e9a-4146-b1ea-138345337bda
p3p
CP="This is not a P3P policy!"
Access-Control-Allow-Origin
http://shinelift.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html;charset=ISO-8859-1
Content-Length
0

Redirect headers

Date
Fri, 21 Dec 2018 00:19:29 GMT
Server
Apache-Coyote/1.1
Access-Control-Allow-Origin
http://shinelift.com
p3p
CP="This is not a P3P policy!"
Location
https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=757f2086-2e9a-4146-b1ea-138345337bda&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3D0ce2b0bc93f34bb49137028923491660%26api%3DY%26apiVersion%3D0.3%26correlationId%3D757f2086-2e9a-4146-b1ea-138345337bda
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html;charset=ISO-8859-1
Content-Length
0
dl.png
p.cpaoa.org/ Frame DBBE
68 B
246 B
Image
General
Full URL
http://p.cpaoa.org/dl.png?4lci=&iguid=93920e305849fff6
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
54.148.224.92 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-224-92.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash

Request headers

Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Dec 2018 00:19:29 GMT
Server
nginx/1.8.1
Connection
keep-alive
Content-Length
68
Content-Type
image/png
ts464-internationalemail-general
go.peavyyola.com/
Redirect Chain
  • http://rapid-cdn.com/path/lp.php?trvid=10085&trvx=8636ccc4&vert=VERT&pubid=201138&cid=14635&system=NS
  • http://maniacfunnel.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&flux_cost=0.00&pubid=pubid&vert=vert&cid=cid&sxid=cyxkq7v3ntr1
  • http://go.peavyyola.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=483473789741435045
494 B
559 B
Document
General
Full URL
http://go.peavyyola.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=483473789741435045
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
185.181.10.57 , Netherlands, ASN47447 (TTM, DE),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
93cf2f0b163055bb8eb7379726937eacd36d690c950c0b00508683658db26743

Request headers

Host
go.peavyyola.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.6.2
Date
Fri, 21 Dec 2018 00:19:31 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
Content-Encoding
gzip

Redirect headers

Date
Fri, 21 Dec 2018 00:19:31 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de293fbad2feef705493571254368b5251545351570; expires=Sat, 21-Dec-19 00:19:30 GMT; path=/; domain=.maniacfunnel.com; HttpOnly PHPSESSID=8cbqdvfhd8qd8105aei3ko42s4; expires=Fri, 28-Dec-2018 00:19:30 GMT; Max-Age=604800; path=/ csid2=8cbqdvfhd8qd8105aei3ko42s4; expires=Sat, 21-Dec-2019 00:19:30 GMT; Max-Age=31536000; path=/ PHPSESSID=8cbqdvfhd8qd8105aei3ko42s4; expires=Sat, 22-Dec-2018 00:19:30 GMT; Max-Age=86400; path=/ ff-do-ss=node-122002350|XBwxl|XBwxl; path=/
X-Powered-By
PHP/7.0.28
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Robots-Tag
noindex, noarchive, nofollow
P3P
CP="This is not a P3P policy"
Location
http://go.peavyyola.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=483473789741435045
Server
cloudflare
CF-RAY
48c62d75b04ac26f-FRA
bdexIdentity.jsp
exchange.bdex.com/bdex/ Frame DBBE
Redirect Chain
  • https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=757f2086-2e9a-4146-b1ea-138345337bda&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp...
  • https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=0ce2b0bc93f34bb49137028923491660&api=Y&apiVersion=0.3&correlationId=757f2086-2e9a-4146-b1ea-138345337bda
0
-1 B
XHR
General
Full URL
https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=0ce2b0bc93f34bb49137028923491660&api=Y&apiVersion=0.3&correlationId=757f2086-2e9a-4146-b1ea-138345337bda
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.26.27 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-164-26-27.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 21 Dec 2018 00:19:29 GMT
Server
Apache-Coyote/1.1
Location
https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=0ce2b0bc93f34bb49137028923491660&api=Y&apiVersion=0.3&correlationId=757f2086-2e9a-4146-b1ea-138345337bda
Content-Type
text/html
Access-Control-Allow-Origin
http://shinelift.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Fri, 21 Dec 2018 00:19:29 GMT
Server
Apache-Coyote/1.1
Access-Control-Allow-Origin
http://shinelift.com
Content-Type
text/html
Location
https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=0ce2b0bc93f34bb49137028923491660&api=Y&apiVersion=0.3&correlationId=757f2086-2e9a-4146-b1ea-138345337bda
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
bdexIdentity.jsp
exchange.bdex.com/bdex/ Frame DBBE
198 B
673 B
XHR
General
Full URL
https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=0ce2b0bc93f34bb49137028923491660&api=Y&apiVersion=0.3&correlationId=757f2086-2e9a-4146-b1ea-138345337bda
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.26.27 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-164-26-27.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Origin
http://shinelift.com

Response headers

Date
Fri, 21 Dec 2018 00:19:29 GMT
Server
Apache-Coyote/1.1
p3p
CP="This is not a P3P policy!"
Access-Control-Allow-Origin
http://shinelift.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=ISO-8859-1
Content-Length
198
t.png
p.cpaoa.org/ Frame DBBE
68 B
246 B
Image
General
Full URL
http://p.cpaoa.org/t.png?bdex=15c33577-04b6-11e9-9e88-025a1d8a72bb2631
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
Protocol
HTTP/1.1
Server
54.148.224.92 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-224-92.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash

Request headers

Referer
http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=http%3A%2F%2Fshinelift.com%2Fclicks%2Fclick.php%3Fip%3D82.102.16.228%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Dshinelift.com%26cid%3D15533%26pub%3D201138%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=shinelift.com&cid=14635&pub=201138&prevcid=15533&sid1=&sid2=&sid3=&sid4=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Dec 2018 00:19:30 GMT
Server
nginx/1.8.1
Connection
keep-alive
Content-Length
68
Content-Type
image/png
Primary Request /
www.prontocasino.com/de/
Redirect Chain
  • http://go.peavyyola.com/match-4625/25949/109977769/1545351571/mf_f86f16f6-4dc9-4496-aecd-b77ca5a1e6fc/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=48347378974...
  • https://wlpremierlivecasino.adsrv.eacdn.com/C.ashx?btag=a_1343b_16c_&affid=359&siteid=1343&adid=16&c=
  • https://wlpremierlivecasino.adsrv.eacdn.com/C.ashx?btag=a_1343b_16c_&affid=359&siteid=1343&adid=16&c=&AutoR=1
  • https://www.prontocasino.com/de/?btag=a_1343b_16
  • https://www.prontocasino.com/de/
96 KB
23 KB
Document
General
Full URL
https://www.prontocasino.com/de/
Requested by
Host: go.peavyyola.com
URL: http://go.peavyyola.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=483473789741435045
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.2.4
Resource Hash
2565ab5a5aa5f5f6028d354e6d9ff2880d8e0db133e3ef76ce6a1de590f1ad35

Request headers

:method
GET
:authority
www.prontocasino.com
:scheme
https
:path
/de/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://go.peavyyola.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=483473789741435045
accept-encoding
gzip, deflate, br
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16

Response headers

status
200
date
Fri, 21 Dec 2018 00:19:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.2.4
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
qtrans_front_language=de; expires=Sat, 21-Dec-2019 00:19:33 GMT; Max-Age=31536000; path=/
link
<https://www.prontocasino.com/de/wp-json/>; rel="https://api.w.org/" <https://www.prontocasino.com/de/>; rel=shortlink
x-fastcgi-cache
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
48c62d83cea4c2dd-FRA
content-encoding
gzip

Redirect headers

status
302
date
Fri, 21 Dec 2018 00:19:33 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; expires=Sat, 21-Dec-19 00:19:32 GMT; path=/; domain=.prontocasino.com; HttpOnly PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; path=/ qtrans_front_language=de; expires=Sat, 21-Dec-2019 00:19:32 GMT; Max-Age=31536000; path=/ affiliateCode=a_1343b_16; expires=Wed, 26-Dec-2018 00:19:32 GMT; Max-Age=432000; path=/ qtrans_front_language=de; expires=Sat, 21-Dec-2019 00:19:32 GMT; Max-Age=31536000; path=/
x-powered-by
PHP/7.2.4
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://www.prontocasino.com/de/
link
<https://www.prontocasino.com/de/wp-json/>; rel="https://api.w.org/"
<https://www.prontocasino.com/de/>; rel=shortlink
x-fastcgi-cache
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
48c62d80a8ddc2dd-FRA
qts-default.css
www.prontocasino.com/wp-content/plugins/qtranslate-slug/assets/css/
302 B
334 B
Stylesheet
General
Full URL
https://www.prontocasino.com/wp-content/plugins/qtranslate-slug/assets/css/qts-default.css?ver=4.9.8
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed02b400feabdb78d093c78fcc0d3e80228d9a708de11f91b18bf75d07b5b1fd

Request headers

:path
/wp-content/plugins/qtranslate-slug/assets/css/qts-default.css?ver=4.9.8
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 21 Nov 2018 05:51:10 GMT
server
cloudflare
etag
W/"5bf4f24e-12e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d871e74c2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
style.css
www.prontocasino.com/wp-content/themes/tigershark/
0
82 B
Stylesheet
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/style.css?ver=4.9.8
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/wp-content/themes/tigershark/style.css?ver=4.9.8
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 13:15:28 GMT
server
cloudflare
etag
"5b06baf0-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d871e76c2dd-FRA
content-length
0
expires
Sun, 20 Jan 2019 00:19:33 GMT
bootstrap.min.css
www.prontocasino.com/wp-content/themes/tigershark/bower_components/bootstrap/dist/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/bower_components/bootstrap/dist/css/bootstrap.min.css?ver=2.277
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

:path
/wp-content/themes/tigershark/bower_components/bootstrap/dist/css/bootstrap.min.css?ver=2.277
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 13:25:53 GMT
server
cloudflare
etag
W/"5b06bd61-1d9ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d871e77c2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
style.css
www.prontocasino.com/wp-content/themes/tigershark/dist/css/pr/
232 KB
34 KB
Stylesheet
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/dist/css/pr/style.css?ver=2.277
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ea4c7146d421df30f14c0c5cd85473041710535d57c09d4f88556de49ced4a

Request headers

:path
/wp-content/themes/tigershark/dist/css/pr/style.css?ver=2.277
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Dec 2018 15:03:53 GMT
server
cloudflare
etag
W/"5c112359-39ea7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d871e78c2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
jquery.js
www.prontocasino.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://www.prontocasino.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 21 Nov 2018 06:01:28 GMT
server
cloudflare
etag
W/"5bf4f4b8-17ba0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d871e7ac2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
jquery-migrate.min.js
www.prontocasino.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.prontocasino.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 21 Nov 2018 06:01:27 GMT
server
cloudflare
etag
W/"5bf4f4b7-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d871e7bc2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
vue.js
www.prontocasino.com/wp-content/themes/tigershark/js/vue/
283 KB
77 KB
Script
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/js/vue/vue.js?ver=4.9.8
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c313ae3e601b03805c17858bb90da24aa8c24cdb78bf32740272dfd7b08e44

Request headers

:path
/wp-content/themes/tigershark/js/vue/vue.js?ver=4.9.8
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 13:18:55 GMT
server
cloudflare
etag
W/"5b06bbbf-46a17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d871e7cc2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
vue-router.js
www.prontocasino.com/wp-content/themes/tigershark/js/vue/
64 KB
17 KB
Script
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/js/vue/vue-router.js?ver=4.9.8
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce9413665f508c0e47cf32a6c5a8ec44f1f189c934fbb5cc1c879b6f5d9a95b

Request headers

:path
/wp-content/themes/tigershark/js/vue/vue-router.js?ver=4.9.8
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 13:18:53 GMT
server
cloudflare
etag
W/"5b06bbbd-ff09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d871e7ec2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
logo.png
www.prontocasino.com/wp-content/themes/tigershark/images/site/pr/
24 KB
24 KB
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/site/pr/logo.png
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89d2c49cf64675c68d425de1776c53b0a7ef576c6a74c166dc0d51a1036cb604

Request headers

:path
/wp-content/themes/tigershark/images/site/pr/logo.png
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Nov 2018 12:29:50 GMT
server
cloudflare
etag
"5bf3fe3e-5eb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d872eb6c2dd-FRA
content-length
24242
expires
Sun, 20 Jan 2019 00:19:33 GMT
game-set.jpg
www.prontocasino.com/wp-content/themes/tigershark/images/site/pr/
101 KB
101 KB
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/site/pr/game-set.jpg
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
777974e118976822eee23d6c3c053ae310a4c156b445d04252a31176123a961b

Request headers

:path
/wp-content/themes/tigershark/images/site/pr/game-set.jpg
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Nov 2018 12:29:49 GMT
server
cloudflare
etag
"5bf3fe3d-19419"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d872ebdc2dd-FRA
content-length
103449
expires
Sun, 20 Jan 2019 00:19:33 GMT
mga_logo.png
www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/
4 KB
4 KB
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/mga_logo.png
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7243eb263cdd3f6bd73e1cc1a4c638390c2041ca36bfa94aa3ee1e84d1b7e632

Request headers

:path
/wp-content/themes/tigershark/images/footer-icons/mga_logo.png
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Sep 2018 14:44:00 GMT
server
cloudflare
etag
"5ba8f830-ebc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d876f3fc2dd-FRA
content-length
3772
expires
Sun, 20 Jan 2019 00:19:33 GMT
GamCare@2x.png
www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/
2 KB
2 KB
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/GamCare@2x.png
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa86f7a0538a9aee3e37b0645892169cde49f871cf9bb897fec55e6ebe07482

Request headers

:path
/wp-content/themes/tigershark/images/footer-icons/GamCare@2x.png
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Sep 2018 14:43:59 GMT
server
cloudflare
etag
"5ba8f82f-600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d876f40c2dd-FRA
content-length
1536
expires
Sun, 20 Jan 2019 00:19:33 GMT
GA@2x.png
www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/
950 B
1 KB
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/GA@2x.png
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fc624d82cc22681146dde438b54c2c848345b12efe763f83fe7d4396f7df78

Request headers

:path
/wp-content/themes/tigershark/images/footer-icons/GA@2x.png
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Sep 2018 14:43:59 GMT
server
cloudflare
etag
"5ba8f82f-3b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d877f65c2dd-FRA
content-length
950
expires
Sun, 20 Jan 2019 00:19:33 GMT
GambleAware@2x.png
www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/
4 KB
4 KB
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/GambleAware@2x.png
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3185c61786b97472e67400f87f4c9c51f75aa0c8f5be7b0b19f66e9765b491c2

Request headers

:path
/wp-content/themes/tigershark/images/footer-icons/GambleAware@2x.png
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Sep 2018 14:43:59 GMT
server
cloudflare
etag
"5ba8f82f-10c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d877f69c2dd-FRA
content-length
4297
expires
Sun, 20 Jan 2019 00:19:33 GMT
IBAS@2x.png
www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/
2 KB
2 KB
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/IBAS@2x.png
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
34896c841e6a3e4040db9d968fc62e862d414ac280a9f42441e160b12a052c2e

Request headers

:path
/wp-content/themes/tigershark/images/footer-icons/IBAS@2x.png
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Sep 2018 14:44:00 GMT
server
cloudflare
etag
"5ba8f830-8c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d877f6cc2dd-FRA
content-length
2242
expires
Sun, 20 Jan 2019 00:19:33 GMT
GAM%20STOP_BW_small.png
www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/
1 KB
1 KB
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/footer-icons/GAM%20STOP_BW_small.png
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d9ce1821749ebabad5910648d70bf267390cba9e67a7488f40f9ecd2789b0a

Request headers

:path
/wp-content/themes/tigershark/images/footer-icons/GAM%20STOP_BW_small.png
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Sep 2018 14:43:59 GMT
server
cloudflare
etag
"5ba8f82f-4b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d877f6fc2dd-FRA
content-length
1205
expires
Sun, 20 Jan 2019 00:19:33 GMT
trustly-loader.gif
www.prontocasino.com/wp-content/themes/tigershark/images/site/
43 KB
43 KB
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/site/trustly-loader.gif
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee236935482cda1e0ddec0ee3cee35662cf7b7357e1c588aa6ae35251d3b684f

Request headers

:path
/wp-content/themes/tigershark/images/site/trustly-loader.gif
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Sep 2018 16:03:53 GMT
server
cloudflare
etag
"5baa5c69-abe3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d877f72c2dd-FRA
content-length
44003
expires
Sun, 20 Jan 2019 00:19:33 GMT
scripts.min.js
www.prontocasino.com/wp-content/themes/tigershark/dist/js/
280 KB
75 KB
Script
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/dist/js/scripts.min.js?ver=2.277
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
551a4a5fab15b3fd7c9907a5e43cbb09d8741ef1c228686a9240c788cb295885

Request headers

:path
/wp-content/themes/tigershark/dist/js/scripts.min.js?ver=2.277
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Dec 2018 15:03:31 GMT
server
cloudflare
etag
W/"5c112343-45ff7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d874ee6c2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
wp-embed.min.js
www.prontocasino.com/wp-includes/js/
1 KB
851 B
Script
General
Full URL
https://www.prontocasino.com/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=4.9.8
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/de/
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 21 Nov 2018 06:00:30 GMT
server
cloudflare
etag
W/"5bf4f47e-576"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d875f21c2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
site-flash.svg
www.prontocasino.com/wp-content/themes/tigershark/images/site/pr/
612 B
528 B
Image
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/images/site/pr/site-flash.svg
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be9285e4d2a9c86a94767d5b9676169685fb9ba2f21ad0040c530fba890c49e

Request headers

:path
/wp-content/themes/tigershark/images/site/pr/site-flash.svg
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/wp-content/themes/tigershark/dist/css/pr/style.css?ver=2.277
:scheme
https
:method
GET
Referer
https://www.prontocasino.com/wp-content/themes/tigershark/dist/css/pr/style.css?ver=2.277
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 20 Nov 2018 12:29:51 GMT
server
cloudflare
etag
W/"5bf3fe3f-264"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=2592000
cf-ray
48c62d878f8fc2dd-FRA
expires
Sun, 20 Jan 2019 00:19:33 GMT
montserrat-regular-webfont.woff2
www.prontocasino.com/wp-content/themes/tigershark/fonts/montserrat/
18 KB
18 KB
Font
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/fonts/montserrat/montserrat-regular-webfont.woff2
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd4e4df33feeaf42180fafb106ef3556a992140dcc94d1fcd2c4218e9ca6bdc

Request headers

:path
/wp-content/themes/tigershark/fonts/montserrat/montserrat-regular-webfont.woff2
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
origin
https://www.prontocasino.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/wp-content/themes/tigershark/dist/css/pr/style.css?ver=2.277
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.prontocasino.com/wp-content/themes/tigershark/dist/css/pr/style.css?ver=2.277
Origin
https://www.prontocasino.com

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 13:16:30 GMT
server
cloudflare
etag
"5b06bb2e-48e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d878fa2c2dd-FRA
content-length
18664
expires
Sun, 20 Jan 2019 00:19:33 GMT
montserrat-light-webfont.woff2
www.prontocasino.com/wp-content/themes/tigershark/fonts/montserrat/
18 KB
18 KB
Font
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/fonts/montserrat/montserrat-light-webfont.woff2
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d56a72591c3a8703cd71db90f96b262d86798ca136a13a4d47053a7167c13d

Request headers

:path
/wp-content/themes/tigershark/fonts/montserrat/montserrat-light-webfont.woff2
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
origin
https://www.prontocasino.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/wp-content/themes/tigershark/dist/css/pr/style.css?ver=2.277
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.prontocasino.com/wp-content/themes/tigershark/dist/css/pr/style.css?ver=2.277
Origin
https://www.prontocasino.com

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 13:16:29 GMT
server
cloudflare
etag
"5b06bb2d-48f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d878fb2c2dd-FRA
content-length
18676
expires
Sun, 20 Jan 2019 00:19:33 GMT
glyphicons-halflings-regular.woff2
www.prontocasino.com/wp-content/themes/tigershark/bower_components/bootstrap/dist/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.prontocasino.com/wp-content/themes/tigershark/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:2015 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

:path
/wp-content/themes/tigershark/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2
pragma
no-cache
cookie
__cfduid=da1379efb057f09358bd73a9d4d9a613d1545351572; PHPSESSID=v7e02tc2k7gqm9krni8v5bg484; qtrans_front_language=de; affiliateCode=a_1343b_16
origin
https://www.prontocasino.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.prontocasino.com
referer
https://www.prontocasino.com/wp-content/themes/tigershark/bower_components/bootstrap/dist/css/bootstrap.min.css?ver=2.277
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.prontocasino.com/wp-content/themes/tigershark/bower_components/bootstrap/dist/css/bootstrap.min.css?ver=2.277
Origin
https://www.prontocasino.com

Response headers

pragma
public
date
Fri, 21 Dec 2018 00:19:33 GMT
cf-cache-status
HIT
last-modified
Thu, 24 May 2018 13:25:55 GMT
server
cloudflare
etag
"5b06bd63-466c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
48c62d878fc0c2dd-FRA
content-length
18028
expires
Sun, 20 Jan 2019 00:19:33 GMT
gtm.js
www.googletagmanager.com/
91 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TFMFGHF
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
dd4074965cac958d81ec432847bc5d22416941a6d20da43cc41fb2a58a7e52e5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
32309
x-xss-protection
1; mode=block
expires
Fri, 21 Dec 2018 00:19:33 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFMFGHF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
315
date
Fri, 21 Dec 2018 00:14:18 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Fri, 21 Dec 2018 02:14:18 GMT
snippet.js
static.zdassets.com/ekr/
1 KB
1 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=c19a9a7c-82c0-402f-bf3a-11206e1c8316
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFMFGHF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.71.113 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
43b7eac462c1cf9f7ed8b66de3e8cff1101007ab66d90187ae07964d50a81a06
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:34 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
DC2C3476FC507154
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript
x-amz-id-2
4NaKA8Xz4sC3CRQzwP8igMOD+kZUcDifRoyX9bdNCrUUvpXUjmjNpRpXlAzDBELKNOqdCAkaqR4=
last-modified
Wed, 12 Dec 2018 23:40:45 GMT
server
cloudflare
etag
W/"db86dfe0bdd759f13eb9520b90e98d50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
ZCCwtrLXsy6Ioz4KcbwQtJvhrv1BaFNz
cache-control
public, max-age=3600, s-maxage=60
cf-ray
48c62d8a5ba3bf93-AMS
hotjar-1043908.js
static.hotjar.com/c/
2 KB
1 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1043908.js?sv=6
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.205.43 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-31
Software
/
Resource Hash
44073acff7bca8d85f00da8ffd2957899a0e4af4f643f467789d98c3d46ea7e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
etag
W/86b28d6bf9d3396fdc11d5e719c4e35a
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=60
section-io-origin-time-seconds
0.050
section-io-origin-status
304
accept-ranges
bytes
section-io-id
510f446698ca99bf70c83587ea2586d2
content-length
948
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=228466338&t=pageview&_s=1&dl=https%3A%2F%2Fwww.prontocasino.com%2Fde%2F&dr=http%3A%2F%2Fgo.peavyyola.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D483473789741435045&ul=en-us&de=UTF-8&dt=Pronto%20Casino%20-%20Online%20Casino%20Spiele%20ohne%20Registrierung.%20Auszahlungen%20innerhalb%20von%205%20Minuten&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=754631828&gjid=1063763260&cid=888842051.1545351574&tid=UA-126268886-1&_gid=1750495144.1545351574&_r=1&gtm=2wgbc0TFMFGHF&z=289463164
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Dec 2018 00:19:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules-38e6054579cf2b1595bd244b3975c490.js
script.hotjar.com/
399 KB
81 KB
Script
General
Full URL
https://script.hotjar.com/modules-38e6054579cf2b1595bd244b3975c490.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1043908.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.205.49 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-26
Software
/
Resource Hash
91ac593c251900f8375f8da34f3b87afb65c360330e25f62b07ae98ae8cf46d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Dec 2018 17:52:07 GMT
access-control-allow-origin
*
etag
W/"38e6054579cf2b1595bd244b3975c490"
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.045
content-length
82179
section-io-origin-status
200
accept-ranges
bytes
section-io-id
9053f6bdac60f1bd2a5819c1d434a1de
x-amz-version-id
Tt5ezr69rgccQPgGN5LKvdjITaZlSJh2
rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame 816D
0
0
Document
General
Full URL
https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1043908.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.80.178 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-25
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.prontocasino.com/de/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.prontocasino.com/de/

Response headers

status
200
date
Fri, 21 Dec 2018 00:19:34 GMT
content-type
text/html
content-length
857
cache-control
max-age=31536000
last-modified
Wed, 19 Dec 2018 17:52:07 GMT
x-amz-version-id
kXDbHBZalxruILSHZ6IiMl.paKN9UFgK
section-io-origin-status
200
section-io-origin-time-seconds
0.044
etag
W/"da10bd4908deb9e19dfde013ec3fe4ff"
content-encoding
gzip
accept-ranges
bytes
section-io-id
7e44db5addbff2233995a3e433e4adf8
asset_composer.fb4a55c4f794453a91d7.js
static.zdassets.com/ekr/
19 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.fb4a55c4f794453a91d7.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=c19a9a7c-82c0-402f-bf3a-11206e1c8316
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.71.113 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
460befce6c7fad3607f2cc5301a5754a4ebc4d757b3c39ec6c6373bf0d09ca5e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:34 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9AAE7FA9BF3347F0
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript
x-amz-id-2
07Pm/mGCJ3oFa8dUsRAT6YrSNS02ICNy4YmREnVjIqvmiqYNM8DEdXXLBoJaFC8vXkmI0R5QfBg=
last-modified
Wed, 12 Dec 2018 23:40:46 GMT
server
cloudflare
etag
W/"5f0f35ff7c7e2f77a0696490514ba44e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
ozq4NJEER8TWjcfFZxRnC.wod12T3zE4
cache-control
public, max-age=31536000
cf-ray
48c62d8a7ba9bf93-AMS
/
track.adform.net/serving/scripts/trackpoint/async/
76 KB
30 KB
Script
General
Full URL
https://track.adform.net/serving/scripts/trackpoint/async/
Requested by
Host: shinelift.com
URL: http://shinelift.com/clicks/?cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:34 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
text/javascript; charset=utf-8
content-length
30712
expires
Fri, 28 Dec 2018 00:19:34 GMT
c19a9a7c-82c0-402f-bf3a-11206e1c8316
ekr.zdassets.com/compose/
236 B
767 B
XHR
General
Full URL
https://ekr.zdassets.com/compose/c19a9a7c-82c0-402f-bf3a-11206e1c8316
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.fb4a55c4f794453a91d7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:ba00:14:e8dc:9940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
817099c3387fef457d5a37d899deec8f76daad46cdf010d3641cc41afe0b96ea

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.prontocasino.com/de/
Origin
https://www.prontocasino.com

Response headers

date
Fri, 21 Dec 2018 00:19:34 GMT
via
1.1 3283735112d0a322451d32ef038129c9.cloudfront.net (CloudFront)
vary
Origin
x-cache
Miss from cloudfront
status
200, 200 OK
content-length
236
x-request-id
e7477689-5808-4eca-8e9c-a283a13d425f
x-runtime
0.007256
server
nginx
etag
W/"817099c3387fef457d5a37d899deec8f"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.prontocasino.com
access-control-expose-headers
cache-control
public, max-age=600, s-maxage=60
access-control-allow-credentials
true
x-amz-cf-id
H5hmVq4GIllbiMec7xtHlE5djQ3nREAWJ-G_cFLj1D0pDZOuo3zcmA==
/
track.adform.net/Serving/TrackPoint/
18 KB
9 KB
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=1481840&ADFdivider=%7C&ord=191451966034&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Fgo.peavyyola.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D483473789741435045&ADFtpmode=2&loc=https%3A%2F%2Fwww.prontocasino.com%2Fde%2F
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d5fba233b12683a978670dbcd7d14308427f99dd2538e044b4d8aa7defdfb593

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Dec 2018 00:19:34 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript; charset=utf-8
content-length
8680
expires
-1
/
track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY...
475 B
840 B
Script
General
Full URL
https://track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY1vSiwu5tB5CI8ZzYbJlpMpwoNSUC56MnGWpwoNHHACVZXnN9N8Za9PJ9Jdik.uJtHoqvynx9MsFyxYM914Ve_clr_ikkKGmXb97SSr_JzAqUd2wHCSFQ_01kKJA237lY5BSmxWY5BNBtQT.clYIT3SvgMJgJ0Nc1lF4XVA4.L9.gJ.elF1VLf4.9dPgJ2MnGmRgJ2MnGmRgJ.c4elF1VLf4.ATjV.038/serving/trackpoint/?pm=1481840&ADFdivider=%7c&ord=191451966034&Set1=en-US%7cen-US%7c1600x1200%7c24&CPref=http%3a%2f%2fgo.peavyyola.com%2fts464-internationalemail-general%3fflux_txid%3d475075720557923304%26flux_hid%3d483473789741435045&ADFtpmode=2&loc=https%3a%2f%2fwww.prontocasino.com%2fde%2f&catdt=0
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f67d985b02794a013889e47760c326b77c65d3d68e722691a077cf5c750b973

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Dec 2018 00:19:34 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript; charset=utf-8
content-length
437
expires
-1
/
track.adform.net/serving/container/ Frame C67E
0
0
Document
General
Full URL
https://track.adform.net/serving/container/?pm=1481840&lid=43194283&ctype=0&media=0&PageName=prontocasino.com%2fde%2f&rnd=1099330958&cpref=http%3a%2f%2fgo.peavyyola.com%2fts464-internationalemail-general%3fflux_txid%3d475075720557923304%26flux_hid%3d483473789741435045&loc=https%3a%2f%2fwww.prontocasino.com%2fde%2f
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
track.adform.net
:scheme
https
:path
/serving/container/?pm=1481840&lid=43194283&ctype=0&media=0&PageName=prontocasino.com%2fde%2f&rnd=1099330958&cpref=http%3a%2f%2fgo.peavyyola.com%2fts464-internationalemail-general%3fflux_txid%3d475075720557923304%26flux_hid%3d483473789741435045&loc=https%3a%2f%2fwww.prontocasino.com%2fde%2f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.prontocasino.com/de/
accept-encoding
gzip, deflate, br
cookie
cid=-6618991247103419365,0,0,0,0; uid=-6618991247103419365
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.prontocasino.com/de/

Response headers

status
200
server
nginx
date
Fri, 21 Dec 2018 00:19:34 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-encoding
gzip
expires
-1
vary
Accept-Encoding
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
abc024d3b1f092477c7385e4883af6ff03f5d040
ekr.zdassets.com/compose_product/web_widget/
432 B
956 B
XHR
General
Full URL
https://ekr.zdassets.com/compose_product/web_widget/abc024d3b1f092477c7385e4883af6ff03f5d040?features[]=ticket_submission&use_json=true
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.fb4a55c4f794453a91d7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:ba00:14:e8dc:9940:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b9d8dc3abc6943c4ff889cd12fb4a3ac0dd15f0494eef7c86106046ba12293d6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.prontocasino.com/de/
Origin
https://www.prontocasino.com

Response headers

date
Fri, 21 Dec 2018 00:19:34 GMT
via
1.1 3283735112d0a322451d32ef038129c9.cloudfront.net (CloudFront)
vary
Origin
x-cache
Miss from cloudfront
status
200, 200 OK
content-length
432
x-request-id
1317752f-1d54-4ef2-8033-490a811698ef
x-runtime
0.004038
server
nginx
etag
W/"b9d8dc3abc6943c4ff889cd12fb4a3ac"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.prontocasino.com
access-control-expose-headers
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-id
G7oOl6O9NWQGqsadH36A9jtYky5piURXWCg3t1ZLkeFbk3dge1iQaw==
runtime.21a26ad46e6a06a0f779.js
static.zdassets.com/web_widget/latest/ Frame 0408
2 KB
1 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/runtime.21a26ad46e6a06a0f779.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.fb4a55c4f794453a91d7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.71.113 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc0bb1677d588657818104b7fb63b7603c05c6c4661bebb1bdbbeb261efebf3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:34 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9420C84C758771C1
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
x-amz-id-2
t5lVEHnyj+8etV8e1R2C2djFhKEsjDAxNlYlHo/arkB1iJ3hADdviKVo8drtznQuNJ6h++vv7+A=
last-modified
Fri, 14 Dec 2018 00:54:05 GMT
server
cloudflare
etag
W/"04aa81a811d7d4d281109356ad4135eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
q4nm6_cXtSjSPWyX6Wh8F0HhCOdCpYog
cache-control
public, max-age=31536000
cf-ray
48c62d8dcc69bf93-AMS
expires
Sat, 14 Dec 2019 00:54:04 GMT
common_vendor.285b6cab938b29886c86.js
static.zdassets.com/web_widget/latest/ Frame 0408
257 KB
86 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/common_vendor.285b6cab938b29886c86.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.fb4a55c4f794453a91d7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.71.113 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02b96bbdee211461cca71b76e9d14843d182b1abd3d6b97989245b7dff821bb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:34 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
82716C445DBB0618
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
x-amz-id-2
6Iobxh+8OEjQPdgvo+C/5C7NQXpCi25OJoWGJZDh0wh0+7GqftDx3y+T83X7Gq4fyDEjVe1atyk=
last-modified
Fri, 14 Dec 2018 00:54:05 GMT
server
cloudflare
etag
W/"9be26a343c5d0ad125d4c463cceb858c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
ES9.vUS5fX6gdNqslPuPza9c1kMNCoNV
cache-control
public, max-age=31536000
cf-ray
48c62d8dcc6abf93-AMS
expires
Sat, 14 Dec 2019 00:54:04 GMT
translations.fb2e94f3a4e204899afe.js
static.zdassets.com/web_widget/latest/ Frame 0408
652 KB
202 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/translations.fb2e94f3a4e204899afe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.fb4a55c4f794453a91d7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.71.113 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3000ae9daa07139f67ef47df3f7a5f3fdbf0caf9de7a87e2413b3cc1df0ba4c3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:34 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
18FEF82BE9D9FE08
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
x-amz-id-2
YJQoLlFQyH+2rXfV2s0bo/V+3cJchWxn2D+Sw1V3LfNrw3RwJ6sdHKjBCybtGNsGh7VNyX1UFLM=
last-modified
Wed, 19 Dec 2018 03:42:21 GMT
server
cloudflare
etag
W/"78eee500eb1488083cc5cef7ae2bac31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
qbQLhaisqjkeZ8taA.zbP0fjSLP.tN_4
cache-control
public, max-age=31536000
cf-ray
48c62d8dcc6bbf93-AMS
expires
Thu, 19 Dec 2019 03:42:20 GMT
web_widget.4007db8f36cdefac9012.js
static.zdassets.com/web_widget/latest/ Frame 0408
2 MB
453 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.4007db8f36cdefac9012.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.fb4a55c4f794453a91d7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.71.113 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea2d156efc124a80554a7c1e4e40c4fb51705f723d56af14f933254b1f60a11
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:34 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
E1AB89E757CC4DCA
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
x-amz-id-2
X5I2iXwgnAOslQk5BLnnco7fSWeog9t0cLTRDj+FbUCIgSvmT2OglEJbXcgME0wXRJLu1NRzkTs=
last-modified
Wed, 19 Dec 2018 03:42:22 GMT
server
cloudflare
etag
W/"b817a1b1655d6e9d6817f32f00833b37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
BGSsuYLZKPNYQW03HAQbXKTf0SqrEQHm
cache-control
public, max-age=31536000
cf-ray
48c62d8dcc6cbf93-AMS
expires
Thu, 19 Dec 2019 03:42:21 GMT
config
deltaservices.zendesk.com/embeddable/ Frame 0408
461 B
859 B
XHR
General
Full URL
https://deltaservices.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.4007db8f36cdefac9012.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.54.111 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f1acfbfb23144ce7d7f5a7c9044cb1ce3fe058c5889e485099e6f1a417b30d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.prontocasino.com

Response headers

date
Fri, 21 Dec 2018 00:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
status
200, 200 OK
vary
Origin, Accept-Encoding
x-request-id
48c62d9069ecbf7f-SEA
x-runtime
0.002000
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=300, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server
embeddable3.pod20.usw2.zdsys.com
cf-ray
48c62d9069ecbf7f-AMS
embeddable_blip
deltaservices.zendesk.com/ Frame 0408
0
38 B
XHR
General
Full URL
https://deltaservices.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQuc2V0TG9jYWxlIiwibGFiZWwiOm51bGwsInZhbHVlIjp7ImFyZ3MiOiJkZSJ9fSwiYnVpZCI6IjIzY2U0YjhjYWQwZjY4MTE3YmMxMGMwMDc0NTUzYjUzIiwic3VpZCI6ImEzNmIxZGQ3N2U1NGM4NzMwYzkzY2JiYjRiZmZiNmI3IiwidmVyc2lvbiI6ImFiYzAyNGQzYiIsInRpbWVzdGFtcCI6IjIwMTgtMTItMjFUMDA6MTk6MzUuMzAyWiIsInVybCI6Imh0dHBzOi8vd3d3LnByb250b2Nhc2luby5jb20vZGUvIn0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.4007db8f36cdefac9012.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.54.111 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.prontocasino.com

Response headers

date
Fri, 21 Dec 2018 00:19:35 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.prontocasino.com
accept-ranges
bytes
cf-ray
48c62d91bc9ebf7f-AMS
content-length
0
embeddable_blip
deltaservices.zendesk.com/ Frame 0408
0
97 B
XHR
General
Full URL
https://deltaservices.zendesk.com/embeddable_blip?type=pageView&data=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%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web_widget.4007db8f36cdefac9012.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.54.111 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.prontocasino.com

Response headers

date
Fri, 21 Dec 2018 00:19:35 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.prontocasino.com
accept-ranges
bytes
cf-ray
48c62d91bc9fbf7f-AMS
content-length
0
widget_v2.274.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/?lJlkejUwAPSlteF5GyFfxHgesNksMNQm
  • https://v2.zopim.com/bin/v/widget_v2.274.js
1 MB
247 KB
Script
General
Full URL
https://v2.zopim.com/bin/v/widget_v2.274.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.83.55 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13caa0d514a4e4700ec3c21e150d650cd3123254fdf3ac11ead0e778a06aeea5

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Dec 2018 05:23:17 GMT
server
cloudflare
etag
W/"5c109b45-108177"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=315360000
cf-ray
48c62d92cb1bc839-AMS
expires
Mon, 18 Dec 2028 00:19:35 GMT

Redirect headers

date
Fri, 21 Dec 2018 00:19:35 GMT
cf-cache-status
HIT
server
cloudflare
location
https://v2.zopim.com/bin/v/widget_v2.274.js
etag
"5c19b449-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
302
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
48c62d91fa4ac839-AMS
content-length
0
expires
Fri, 21 Dec 2018 03:55:32 GMT
__$$__stringtable_lang_de.js
v2.zopim.com/lib/20181212.052263/ Frame EADB
6 KB
2 KB
Script
General
Full URL
https://v2.zopim.com/lib/20181212.052263/__$$__stringtable_lang_de.js
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/bin/v/widget_v2.274.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.83.55 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8476d5176a2c6a7a0d597622d841856f951c7f33767f47aa104b3ede6bcba5f

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Dec 2018 05:23:16 GMT
server
cloudflare
etag
W/"5c109b44-18e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=315360000
cf-ray
48c62d939be2c839-AMS
expires
Mon, 18 Dec 2028 00:19:35 GMT
avatar_simple_visitor.png
v2.zopim.com/widget/images/ Frame 85EC
663 B
849 B
Image
General
Full URL
https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Requested by
Host: www.prontocasino.com
URL: https://www.prontocasino.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.83.55 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b802e6202a6d515f867510ecfd6474289dcc72b5997e3b0f7d784e5aeccae6

Request headers

Referer
https://www.prontocasino.com/de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 00:19:35 GMT
cf-cache-status
HIT
cf-polished
origSize=1922
status
200
cf-bgj
imgq:100
content-length
663
last-modified
Thu, 02 Mar 2017 11:22:19 GMT
server
cloudflare
etag
"58b8006b-782"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
48c62d95ee57c839-AMS
expires
Fri, 28 Dec 2018 00:19:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.cpaoa.org
URL
http://p.cpaoa.org/l.js?impression_type=jsredir&impression_guid=777720172ec405f3&partner_id=201138&_loc=http://shinelift.com/clicks/click.php?ip=82.102.16.228&referer_url=&user_agent=Mozilla%252F5.0+%2528Macintosh%253B+Intel+Mac+OS+X+10_13_5%2529+AppleWebKit%252F537.36+%2528KHTML%252C+like+Gecko%2529+Chrome%252F67.0.3396.87+Safari%252F537.36&domain=shinelift.com&cid=15533&pub=201138&sid1=&sid2=&sid3=&sid4=&_gid=4aa63536
Domain
p.cpaoa.org
URL
http://p.cpaoa.org/t.png?4lfp=9a48b4818e0eeda4eb3a85d8cd970e84
Domain
p.cpaoa.org
URL
http://p.cpaoa.org/dl.png?4lci=&iguid=777720172ec405f3
Domain
api.traversedlp.com
URL
http://api.traversedlp.com/retargeting/v1/include.gif?advertiserId=46d1ac2b-491a-40e3-907a-9402d7749cef&campaignId=0a9b5c32-1742-42d0-8591-9f007cb53e8e&advertiserProperties.offerId=undefined&advertiserProperties.impressionId=b9d0c9125da1424ab2850e4a2f6220bf&advertiserProperties.uid=0ce2b0bc93f34bb49137028923491660


90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| $
function| jQuery
function| Vue
function| VueRouter
object| ajax_obj
function| afterSuccess2
function| beforeSubmit2
function| OnProgress2
function| afterSuccess3
function| beforeSubmit3
function| OnProgress3
function| afterSuccess4
function| beforeSubmit4
function| OnProgress4
function| afterSuccess5
function| beforeSubmit5
function| OnProgress5
function| afterSuccess6
function| beforeSubmit6
function| OnProgress6
object| InitVue
object| Accordion
function| Authentication
object| Bingo
object| Dictionary
function| Forms
object| GameFilter
function| Notifications
object| QuickDeposit
object| Search
object| Site
object| Sports
object| Winners
function| Bonuses
function| ChangePassword
object| Game
function| ResponsibleGamingLimits
function| PaymentOptions
function| Payments
function| PendingWithdrawals
function| Profile
function| Register
function| Unsubscribe
function| Swiper
object| Lockr
function| FormSerializer
object| Foundation
function| FastClick
object| YTPlayer
function| jQueryBridget
function| EvEmitter
function| getSize
function| matchesSelector
object| fizzyUIUtils
function| Outlayer
function| Isotope
function| Masonry
object| VueLazyload
object| classie
object| wp
object| dataLayer
function| postscribe
object| google_tag_manager
string| GoogleAnalyticsObject
function| ga
function| hj
object| _hjSettings
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| hjSiteSettings
function| hjBootstrap
function| zE
function| zEmbed
undefined| playerID
object| trackObj
object| _adftrack
function| setImmediate
function| clearImmediate
object| Adform
object| KJUR
object| adf
object| fortyone
boolean| zEACLoaded
function| $zopim
string| __$__GEO

7 Cookies

Domain/Path Name / Value
.prontocasino.com/ Name: _gat_UA-126268886-1
Value: 1
.prontocasino.com/ Name: _gid
Value: GA1.2.1750495144.1545351574
www.prontocasino.com/ Name: affiliateCode
Value: a_1343b_16
www.prontocasino.com/ Name: qtrans_front_language
Value: de
www.prontocasino.com/ Name: PHPSESSID
Value: v7e02tc2k7gqm9krni8v5bg484
.prontocasino.com/ Name: _ga
Value: GA1.2.888842051.1545351574
.prontocasino.com/ Name: __cfduid
Value: da1379efb057f09358bd73a9d4d9a613d1545351572

8 Console Messages

Source Level URL
Text
console-api log URL: https://www.prontocasino.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api info URL: https://www.prontocasino.com/wp-content/themes/tigershark/js/vue/vue.js?ver=4.9.8(Line 8542)
Message:
Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api info URL: https://www.prontocasino.com/wp-content/themes/tigershark/js/vue/vue.js?ver=4.9.8(Line 8553)
Message:
You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html
console-api warning URL: https://www.prontocasino.com/wp-content/themes/tigershark/dist/js/scripts.min.js?ver=2.277(Line 1)
Message:
Lockr could not load the item with key version
console-api error URL: https://www.prontocasino.com/wp-content/themes/tigershark/js/vue/vue.js?ver=4.9.8(Line 597)
Message:
[Vue warn]: Error in created hook: "TypeError: Cannot read property 'data' of undefined" (found in <Root>)
console-api error URL: https://www.prontocasino.com/wp-content/themes/tigershark/js/vue/vue.js?ver=4.9.8(Line 1743)
Message:
TypeError: Cannot read property 'data' of undefined
console-api warning URL: https://www.prontocasino.com/wp-content/themes/tigershark/dist/js/scripts.min.js?ver=2.277(Line 1)
Message:
Lockr could not load the item with key dictionary
console-api info URL: https://static.zdassets.com/web_widget/latest/web_widget.4007db8f36cdefac9012.js(Line 8)
Message:
Our embeddable contains third-party, open source software and/or libraries. To view them and their license terms, go to http://goto.zendesk.com/embeddable-legal-notices

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
