de.magicred.com Open in urlscan Pro
104.27.166.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.todayposts.com/redirect
Effective URL:
https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Submission: On May 23 via manual (May 23rd 2018, 10:21:48 am UTC) from ZA

Summary HTTP 53 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 53 HTTP transactions. The main IP is 104.27.166.174, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is de.magicred.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on May 23rd 2018. Valid for: 6 months.

This is the only time de.magicred.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.20.96.25 104.20.96.25	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	34.250.237.172 34.250.237.172	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	151.139.241.24 151.139.241.24	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
1 14	104.27.166.174 104.27.166.174	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	35.186.235.249 35.186.235.249	15169 (GOOGLE) (GOOGLE - Google LLC)
7	107.178.253.29 107.178.253.29	15169 (GOOGLE) (GOOGLE - Google LLC)
20	93.184.221.168 93.184.221.168	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
4	95.129.38.30 95.129.38.30	20521 (ASN-BELLNET) (ASN-BELLNET)
1	95.129.34.30 95.129.34.30	20521 (ASN-BELLNET) (ASN-BELLNET)
2	216.58.208.42 216.58.208.42	15169 (GOOGLE) (GOOGLE - Google LLC)
3	216.58.208.35 216.58.208.35	15169 (GOOGLE) (GOOGLE - Google LLC)
53	9

2 104.20.96.25 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.todayposts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.237.172 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-237-172.eu-west-1.compute.amazonaws.com

tracking.perfecttoolmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.241.24 (Dallas, United States) 1 redirects

ASN54104 (AS-STACKPATH - netDNA, US)

record.eshkol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.27.166.174 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

online.magicred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.magicred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.249 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 249.235.186.35.bc.googleusercontent.com

www.magicred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 107.178.253.29 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 29.253.178.107.bc.googleusercontent.com

fnc.aspireglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 93.184.221.168 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

download.gamesrv1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.129.38.30 (United Kingdom)

ASN20521 (ASN-BELLNET, MT)

gamesrv1.magicred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.129.34.30 (Israel)

ASN20521 (ASN-BELLNET, MT)

gamesrv1.magicred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.42 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f42.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.208.35 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f35.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	gamesrv1.com download.gamesrv1.com	668 KB
20	magicred.com 2 redirects online.magicred.com www.magicred.com de.magicred.com gamesrv1.magicred.com	172 KB
7	aspireglobal.com fnc.aspireglobal.com	220 KB
3	gstatic.com fonts.gstatic.com	73 KB
2	googleapis.com fonts.googleapis.com	981 B
2	perfecttoolmedia.com tracking.perfecttoolmedia.com	2 KB
2	todayposts.com 2 redirects www.todayposts.com	1 KB
1	eshkol.com 1 redirects record.eshkol.com	635 B
1	ad-score.com data.ad-score.com	727 B
53	9

	Domain	Requested by
20	download.gamesrv1.com	de.magicred.com gamesrv1.magicred.com download.gamesrv1.com
13	de.magicred.com	tracking.perfecttoolmedia.com de.magicred.com
7	fnc.aspireglobal.com	de.magicred.com
5	gamesrv1.magicred.com	de.magicred.com gamesrv1.magicred.com download.gamesrv1.com
3	fonts.gstatic.com
2	fonts.googleapis.com	download.gamesrv1.com
2	tracking.perfecttoolmedia.com	tracking.perfecttoolmedia.com
2	www.todayposts.com	2 redirects
1	www.magicred.com	1 redirects
1	online.magicred.com	1 redirects
1	record.eshkol.com	1 redirects
1	data.ad-score.com
53	12

This site contains links to these domains. Also see Links.

Domain
en.magicred.com
sv.magicred.com
no.magicred.com
fi.magicred.com
affiliates.eshkol.com
secure.gamblingcommission.gov.uk
www.authorisation.mga.org.mt
download.gamesrv1.com
www.gamcare.org.uk
www.aspireglobal.com
www.gamblersanonymous.org

Subject Issuer	Validity	Valid
sni80945.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-05-23` - `2018-11-29`	6 months	crt.sh
*.magicred.com Go Daddy Secure Certificate Authority - G2	`2016-06-23` - `2018-06-23`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Frame ID: 620FFE78F1FC31935EA1CDF2260DA3FD
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.todayposts.com/redirect HTTP 301
http://www.todayposts.com/redirect/ HTTP 302
http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086 Page URL
http://tracking.perfecttoolmedia.com/process?campaign=670406&destination=1420834&tid=1e99ecw4WNrcSqxZxZkc4d1vWI0k... Page URL
https://record.eshkol.com/_q5h4xISYMFgxoCT0MZ3VnmNd7ZgqdRLk/1/?payload=PTM_Pops_296086_{zone}_{publish... HTTP 301
https://online.magicred.com/online/?member=17&channel=&dy_var=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&dest=http... HTTP 302
https://www.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration HTTP 301
https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^angular$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Page Statistics

53
Requests

34 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

9
IPs

4
Countries

1135 kB
Transfer

2887 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://en.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Title: English

Search URL Search Domain Scan URL

URL: https://sv.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Title: Svenska

Search URL Search Domain Scan URL

URL: https://no.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Title: Norsk

Search URL Search Domain Scan URL

URL: https://fi.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Title: Suomi

Search URL Search Domain Scan URL

URL: https://affiliates.eshkol.com/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://secure.gamblingcommission.gov.uk/gccustomweb/PublicRegister/PRSearch.aspx?ExternalAccountId=39483
Title: Gambling Commission

Search URL Search Domain Scan URL

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=EN&company=0e4c58b8-3336-48df-a191-f7e2d7a0baad

Search URL Search Domain Scan URL

URL: https://download.gamesrv1.com//general/website/certificate/rng_certificate_080108.pdf

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/

Search URL Search Domain Scan URL

URL: http://www.aspireglobal.com/

Search URL Search Domain Scan URL

URL: http://www.gamblersanonymous.org/ga/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.todayposts.com/redirect HTTP 301
http://www.todayposts.com/redirect/ HTTP 302
http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086 Page URL
http://tracking.perfecttoolmedia.com/process?campaign=670406&destination=1420834&tid=1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d&traffic_source=296086&crfn=t1 Page URL
https://record.eshkol.com/_q5h4xISYMFgxoCT0MZ3VnmNd7ZgqdRLk/1/?payload=PTM_Pops_296086_{zone}_{publisher_id}_1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d HTTP 301
https://online.magicred.com/online/?member=17&channel=&dy_var=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&dest=https://www.magicred.com/&openreg=1 HTTP 302
https://www.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration HTTP 301
https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.todayposts.com/redirect HTTP 301
http://www.todayposts.com/redirect/ HTTP 302
http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set router Show response
tracking.perfecttoolmedia.com/
Redirect Chain

http://www.todayposts.com/redirect
http://www.todayposts.com/redirect/
http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086

787 B
1 KB

73ms
47ms

Document
text/html

34.250.237.172
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086
Protocol: HTTP/1.1
Server: 34.250.237.172 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-250-237-172.eu-west-1.compute.amazonaws.com
Software: Mono-HTTPAPI/1.0 /
Resource Hash: 4b5635182abd8748dc5d0936d57bcce4d9bdaa8f909ebd1a3dc84c7fc77d89bd

Request headers

Host: tracking.perfecttoolmedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 620FFE78F1FC31935EA1CDF2260DA3FD

Response headers

Cache-Control: no-cache, must-revalidate
Cache-control: no-cache="set-cookie"
Content-Type: text/html; charset=utf-8
Date: Wed, 23 May 2018 10:21:37 GMT
Expires: Thu, 11 Nov 1999 11:11:11 GMT
ORIG_REF: http://unknown.net/
Server: Mono-HTTPAPI/1.0
Set-Cookie: CRID=1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d AWSELB=FFC1FFD10E18A3DFF026BF1D2E1278657827F404C7FD8A617EAEBAC776F5D07579A69B49A094B5D19173DDD182BE0E359181BA938DFB8E09F2DA1DCFDB9B8BD5955F0A83C9;PATH=/
Content-Length: 787
Connection: keep-alive

Redirect headers

Date: Wed, 23 May 2018 10:21:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://www.todayposts.com/wp-json/>; rel="https://api.w.org/" <http://www.todayposts.com/?p=609>; rel=shortlink
location: http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Expires: Sat, 23 Jun 2018 10:21:37 GMT
Cache-Control: public, max-age=2678400
Server: cloudflare
CF-RAY: 41f6cbf6802c2324-FRA

GET
H/1.1 200
OK img
data.ad-score.com/ 35 B
727 B 463ms
114ms Image
image/gif 130.211.115.4
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.ad-score.com/img?pid=1000272&tid=Focuus&tid=1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d&uip=148.251.45.254&uid=0fc60e4e64e2a33986b7e36278ed136a298cebc0&l1=296086&cb=636626676978062730
Protocol: HTTP/1.1
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 May 2018 10:21:38 GMT
Last-Modified: Wed, 23 May 2018 10:21:38 UTC
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: image/gif
Content-Length: 35
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK Cookie set process
tracking.perfecttoolmedia.com/ 208 B
597 B 78ms
78ms Document
text/html 34.250.237.172
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://tracking.perfecttoolmedia.com/process?campaign=670406&destination=1420834&tid=1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d&traffic_source=296086&crfn=t1
Requested by: Host: tracking.perfecttoolmedia.com
URL: http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086
Protocol: HTTP/1.1
Server: 34.250.237.172 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-250-237-172.eu-west-1.compute.amazonaws.com
Software: Mono-HTTPAPI/1.0 /
Resource Hash

Request headers

Host: tracking.perfecttoolmedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086
Accept-Encoding: gzip, deflate
Cookie: CRID=1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d; AWSELB=FFC1FFD10E18A3DFF026BF1D2E1278657827F404C7FD8A617EAEBAC776F5D07579A69B49A094B5D19173DDD182BE0E359181BA938DFB8E09F2DA1DCFDB9B8BD5955F0A83C9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 620FFE78F1FC31935EA1CDF2260DA3FD
Referer: http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Wed, 23 May 2018 10:21:38 GMT
Expires: Thu, 11 Nov 1999 11:11:11 GMT
ORIG_REF: http://tracking.perfecttoolmedia.com/router?code=T8MLOW0&traffic_source=296086
Server: Mono-HTTPAPI/1.0
Set-Cookie: CRID=1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d
Content-Length: 208
Connection: keep-alive

GET
H2

200

Primary Request / Show response
de.magicred.com/
Redirect Chain

https://record.eshkol.com/_q5h4xISYMFgxoCT0MZ3VnmNd7ZgqdRLk/1/?payload=PTM_Pops_296086_{zone}_{publisher_id}_1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d
https://online.magicred.com/online/?member=17&channel=&dy_var=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&dest=https://www.magicred.com/&openreg=1
https://www.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

42 KB
8 KB

657ms
650ms

Document
text/html

104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

Requested by

Host: tracking.perfecttoolmedia.com
URL: http://tracking.perfecttoolmedia.com/process?campaign=670406&destination=1420834&tid=1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d&traffic_source=296086&crfn=t1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9250917dce9e9756de37e39ba4d072503b54bd5903d4121b0715c827c0f8eda9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: de.magicred.com
:scheme: https
:path: /?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://tracking.perfecttoolmedia.com/process?campaign=670406&destination=1420834&tid=1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d&traffic_source=296086&crfn=t1
accept-encoding: gzip, deflate
cookie: __cfduid=d4e748e42b713f6c24767326280f4e20c1527070898; ar=17; par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; lastvisit=2018-05-23; visits=1; AB=B; l=de; lng=GER
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 620FFE78F1FC31935EA1CDF2260DA3FD
Referer: http://tracking.perfecttoolmedia.com/process?campaign=670406&destination=1420834&tid=1e99ecw4WNrcSqxZxZkc4d1vWI0ka1d&traffic_source=296086&crfn=t1

Response headers

status: 200
date: Wed, 23 May 2018 10:21:39 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
set-cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; expires=Fri, 22-Jun-2018 10:21:38 GMT; Max-Age=2592000; path=/; domain=magicred.com; secure; httponly ar=17; expires=Fri, 22-Jun-2018 10:21:38 GMT; Max-Age=2592000; path=/; domain=magicred.com; secure; httponly lastvisit=2018-05-23; expires=Thu, 23-May-2019 10:21:38 GMT; Max-Age=31536000; path=/; domain=magicred.com; secure; httponly visits=1; expires=Thu, 23-May-2019 10:21:38 GMT; Max-Age=31536000; path=/; domain=magicred.com; secure; httponly l=de; expires=Fri, 22-Jun-2018 10:21:38 GMT; Max-Age=2592000; path=/; domain=magicred.com; secure; httponly lng=GER; expires=Fri, 22-Jun-2018 10:21:38 GMT; Max-Age=2592000; path=/; domain=magicred.com; secure; httponly
link: <https://de.magicred.com/wp-json/>; rel="https://api.w.org/" <https://de.magicred.com/>; rel=shortlink
cache-control: max-age=1
expires: Wed, 23 May 2018 10:21:39 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: frame-ancestors https:;
strict-transport-security: max-age=15552000
via: 1.1 google
alt-svc: clear
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 41f6cbfd783b96be-FRA
content-encoding: gzip

Redirect headers

status: 301
date: Wed, 23 May 2018 10:21:38 GMT
server: Apache/2.4.33 (Ubuntu)
x-frame-options: SAMEORIGIN
set-cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; expires=Fri, 22-Jun-2018 10:21:38 GMT; Max-Age=2592000; path=/; domain=magicred.com; secure; httponly ar=17; expires=Fri, 22-Jun-2018 10:21:38 GMT; Max-Age=2592000; path=/; domain=magicred.com; secure; httponly lastvisit=2018-05-23; expires=Thu, 23-May-2019 10:21:38 GMT; Max-Age=31536000; path=/; domain=magicred.com; secure; httponly visits=1; expires=Thu, 23-May-2019 10:21:38 GMT; Max-Age=31536000; path=/; domain=magicred.com; secure; httponly AB=B; expires=Thu, 24-May-2018 10:21:38 GMT; Max-Age=86400; path=/; domain=magicred.com; secure; httponly l=de; expires=Fri, 22-Jun-2018 10:21:38 GMT; Max-Age=2592000; path=/; domain=magicred.com; secure; httponly lng=GER; expires=Fri, 22-Jun-2018 10:21:38 GMT; Max-Age=2592000; path=/; domain=magicred.com; secure; httponly
location: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
cache-control: max-age=1
expires: Wed, 23 May 2018 10:21:39 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: frame-ancestors https:;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
content-type: text/html
via: 1.1 google
alt-svc: clear

GET
S 200 open-sans.css
fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/ 2 KB
548 B 139ms
14ms Stylesheet
text/css 107.178.253.29
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/open-sans.css
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 107.178.253.29 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 29.253.178.107.bc.googleusercontent.com
Software: Apache/2.4.33 (Ubuntu) /
Resource Hash: 175cce5d7fdc2e28a11d97a0bab34ecda0aebefa984e3ce5770ec888999ae34e

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
content-encoding: gzip
access-control-allow-origin: *
status: 200
alt-svc: clear
content-length: 300
last-modified: Tue, 15 May 2018 11:31:20 GMT
server: Apache/2.4.33 (Ubuntu)
etag: "83a-56c3cf0f6141b-gzip"
vary: Accept-Encoding
content-type: text/css
via: 1.1 google
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 22 Jun 2018 10:21:39 GMT

GET
H2 200 app.style.min.css
de.magicred.com/wp-content/themes/AspireLayout/ 167 KB
29 KB 10ms
9ms Stylesheet
text/css 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d6318dd2eb9fab0c8d9ac713bbf9339a7619d62b6b380501025e45fc7183ef3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
:scheme: https
:method: GET
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: clear
x-xss-protection: 1; mode=block
last-modified: Tue, 15 May 2018 11:34:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "29a6b-56c3cfa9dd114-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: text/css
via: 1.1 google
vary: Accept-Encoding
cache-control: public, max-age=2592000
content-security-policy: frame-ancestors https:;
set-cookie: __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899; expires=Thu, 23-May-19 10:21:39 GMT; path=/; domain=.magicred.com; HttpOnly
cf-ray: 41f6cc01dd3596be-FRA
expires: Fri, 22 Jun 2018 10:21:39 GMT

GET
S 200 style_141.css
fnc.aspireglobal.com/asg-framework/data/css/ 5 KB
2 KB 139ms
15ms Stylesheet
text/css 107.178.253.29
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fnc.aspireglobal.com/asg-framework/data/css/style_141.css?v=1526381534457
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 107.178.253.29 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 29.253.178.107.bc.googleusercontent.com
Software: Apache/2.4.33 (Ubuntu) /
Resource Hash: c57167494aed0cf9556ec8b0ba288f3d901eabde59cc57e5915d825c24a66809

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
content-encoding: gzip
access-control-allow-origin: *
status: 200
alt-svc: clear
content-length: 1446
last-modified: Tue, 15 May 2018 11:27:17 GMT
server: Apache/2.4.33 (Ubuntu)
etag: "1450-56c3ce27a22b6-gzip"
vary: Accept-Encoding
content-type: text/css
via: 1.1 google
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 22 Jun 2018 10:21:39 GMT

GET
S 200 x.png
download.gamesrv1.com/Resources/asg-universal/ 1 KB
2 KB 8ms
8ms Image
image/png 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/asg-universal/x.png
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F6B) / ASP.NET
Resource Hash: 1be309ab0b4cb9afcddfbb14f8377539805eb33a188e59c2ae1eae8b685f9914

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
etag: "0aff98ff1a6d21:0"
last-modified: Mon, 27 Mar 2017 11:59:18 GMT
server: ECAcc (frc/8F6B)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 1512

GET
S 404 logo_main_2.png
download.gamesrv1.com/Resources/magicredcom/web/all/ 0
1 KB 53ms
29ms Image
text/html 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/magicredcom/web/all/logo_main_2.png
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-type: text/html

GET
S 200 preloader-gif.gif
download.gamesrv1.com/Resources/magicredcom/web/all/ 46 KB
46 KB 34ms
9ms Image
image/gif 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/magicredcom/web/all/preloader-gif.gif
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F32) / ASP.NET
Resource Hash: 520520a7bf5673f17f9dfaae661ee58dc27c0f35875bf399539209ad7fd48dff

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
etag: "80b0d43d91bd31:0"
last-modified: Wed, 23 Aug 2017 06:28:21 GMT
server: ECAcc (frc/8F32)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/gif
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 47080

GET
H2 200 lang_arrow.png
de.magicred.com/wp-content/themes/AspireLayout/images/ 159 B
321 B 16ms
16ms Image
image/png 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de.magicred.com/wp-content/themes/AspireLayout/images/lang_arrow.png

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec2828835b6c1c9838d2cd9ebc7fb3172fd3aecea604ad146225a714f8cc707

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/AspireLayout/images/lang_arrow.png
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
:scheme: https
:method: GET
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: clear
content-length: 159
x-xss-protection: 1; mode=block
last-modified: Mon, 09 Apr 2018 09:03:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9f-56966af5b80a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors https:;
accept-ranges: bytes
cf-ray: 41f6cc022d8396be-FRA
expires: Thu, 23 May 2019 10:21:39 GMT

GET
S 404 whtml_GER_EUR.jpg
download.gamesrv1.com/Brands/magicred/Website/PlayerSpecialEvents/PreLogin/ 0
1 KB 56ms
32ms Image
text/html 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Brands/magicred/Website/PlayerSpecialEvents/PreLogin/whtml_GER_EUR.jpg
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-type: text/html

GET
H2 200 mr_icon_n.png
de.magicred.com/wp-content/uploads/sites/27/2017/02/ 906 B
1 KB 13ms
12ms Image
image/png 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de.magicred.com/wp-content/uploads/sites/27/2017/02/mr_icon_n.png

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a90ac9143eb08252c6c0efb38a841ec992d8f86c915b848b8be7a4dc55419d95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/sites/27/2017/02/mr_icon_n.png
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
:scheme: https
:method: GET
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: clear
content-length: 906
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Aug 2017 15:08:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "38a-557e5c7b05cd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors https:;
accept-ranges: bytes
cf-ray: 41f6cc02be2396be-FRA
expires: Thu, 23 May 2019 10:21:39 GMT

GET
H2 200 live_icon_n.png
de.magicred.com/wp-content/uploads/sites/27/2017/02/ 1 KB
1 KB 113ms
112ms Image
image/png 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de.magicred.com/wp-content/uploads/sites/27/2017/02/live_icon_n.png

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa1a5a928a3fa4fbb6a835c1f80a8f5dd87b0ad105518b916e5bbe7a96b03e76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/sites/27/2017/02/live_icon_n.png
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
:scheme: https
:method: GET
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: clear
content-length: 1131
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Aug 2017 15:08:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "46b-557e5c7a7e0e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors https:;
accept-ranges: bytes
cf-ray: 41f6cc02be2496be-FRA
expires: Thu, 23 May 2019 10:21:39 GMT

GET
H2 200 secrure_icon_n.png
de.magicred.com/wp-content/uploads/sites/27/2017/02/ 773 B
881 B 35ms
35ms Image
image/png 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de.magicred.com/wp-content/uploads/sites/27/2017/02/secrure_icon_n.png

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bef47a9956c20f614e67a64fa25948794bfb45754155a290a69215367609e54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/sites/27/2017/02/secrure_icon_n.png
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
:scheme: https
:method: GET
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: clear
content-length: 773
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Aug 2017 15:08:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "305-557e5c7b87b0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors https:;
accept-ranges: bytes
cf-ray: 41f6cc02be2596be-FRA
expires: Thu, 23 May 2019 10:21:39 GMT

GET
S 200 icons.png
download.gamesrv1.com/Resources/asg-universal/country/de/ 25 KB
25 KB 8ms
8ms Image
image/png 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/asg-universal/country/de/icons.png
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FD1) / ASP.NET
Resource Hash: ecb7e14227205466c66316bb18598b52619c9a506372db48c05b78e152415a4a

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
etag: "0dd1cac9d0d31:0"
last-modified: Tue, 10 Apr 2018 12:45:22 GMT
server: ECAcc (frc/8FD1)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 26006

GET
S 200 large.png
download.gamesrv1.com/Resources/asg-universal/web-elements/ 4 KB
4 KB 14ms
13ms Image
image/png 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/asg-universal/web-elements/large.png
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F64) / ASP.NET
Resource Hash: 29eba6c9e6b20c78b6e2115be6068ce6402a7b510eda085442628fe31abd8c70

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
etag: "0a7ee5895c5d21:0"
last-modified: Fri, 05 May 2017 11:47:18 GMT
server: ECAcc (frc/8F64)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 4428

GET
S 200 logo_main.png
download.gamesrv1.com/Resources/magicredcom/web/all/ 7 KB
8 KB 13ms
13ms Image
image/png 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/magicredcom/web/all/logo_main.png
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F3E) / ASP.NET
Resource Hash: c7229ddabe1c0831eae11f61f9556ccd23882ac78295fd537112d830cbaa4d77

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
etag: "80ed93fa1f5d31:0"
last-modified: Tue, 25 Jul 2017 08:28:23 GMT
server: ECAcc (frc/8F3E)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 7666

GET
S 200 chat_icon.png
download.gamesrv1.com/Resources/asg-universal/web-elements/ 507 B
572 B 14ms
14ms Image
image/png 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/asg-universal/web-elements/chat_icon.png
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F4D) / ASP.NET
Resource Hash: 1e8627f91d28c551c4150bfb24d9ddcd5420336de47f799dc64bbd9892e1e10a

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
etag: "0a7ee5895c5d21:0"
last-modified: Fri, 05 May 2017 11:47:18 GMT
server: ECAcc (frc/8F4D)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 507

GET
S 200 user_icon.png
download.gamesrv1.com/Resources/asg-universal/web-elements/ 291 B
377 B 14ms
13ms Image
image/png 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/asg-universal/web-elements/user_icon.png
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8E99) / ASP.NET
Resource Hash: 1238ee9492aa0a6e64cb2089a9c2c3d1690c2d907928c41f4c0f0376aa4698c1

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
etag: "0a7ee5895c5d21:0"
last-modified: Fri, 05 May 2017 11:47:18 GMT
server: ECAcc (frc/8E99)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 291

GET
H2 200 app.script.min.js Show response
de.magicred.com/wp-content/themes/AspireLayout/build/ 205 KB
62 KB 19ms
12ms Script
application/javascript 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5538f53ebe72ceb827c30eb715485d7cce32296e4898e5d492fd24f34bd5d18c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
:scheme: https
:method: GET
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: clear
x-xss-protection: 1; mode=block
last-modified: Tue, 15 May 2018 11:34:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "332da-56c3cfad5d8d0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/javascript
via: 1.1 google
vary: Accept-Encoding
cache-control: public, max-age=2592000
content-security-policy: frame-ancestors https:;
cf-ray: 41f6cc01fd5796be-FRA
expires: Fri, 22 Jun 2018 10:21:39 GMT

GET
S 200 spinner_small.gif
download.gamesrv1.com/Resources/asg-universal/web-elements/ 2 KB
2 KB 31ms
6ms Image
image/gif 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/asg-universal/web-elements/spinner_small.gif
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F8A) / ASP.NET
Resource Hash: b8f0b22adf17545ac47dc2aae149b6ffa2f9608951e74a5d9e30d4fa1a4785ec

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
etag: "0143dd9a5fbd21:0"
last-modified: Thu, 13 Jul 2017 07:01:28 GMT
server: ECAcc (frc/8F8A)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/gif
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 1923

GET
S 200 spinner_small2.gif
download.gamesrv1.com/Resources/asg-universal/web-elements/ 19 KB
19 KB 6ms
6ms Image
image/gif 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/asg-universal/web-elements/spinner_small2.gif
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FEB) / ASP.NET
Resource Hash: 59879055042768d387081157ac25cab63d4308faaf20e901428475a3a2744ba8

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
etag: "0884c95392ed21:0"
last-modified: Mon, 24 Oct 2016 21:00:00 GMT
server: ECAcc (frc/8FEB)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/gif
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 19243

GET
H/1.1 200
OK app.full_ver1.min.css
gamesrv1.magicred.com/MWC/css/ 163 KB
27 KB 370ms
55ms Stylesheet
text/css 95.129.38.30
ASN-BELLNET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesrv1.magicred.com/MWC/css/app.full_ver1.min.css
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.129.38.30 , United Kingdom, ASN20521 (ASN-BELLNET, MT),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0da0bf12160f642ac64bbd64c45cddf6ad7f7075b2cf2a1a7a16f3c2dd3c19df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gamesrv1.magicred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
Connection: keep-alive
Cache-Control: no-cache
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 23 May 2018 10:21:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Dec 2016 00:56:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0fc374fc94dd21:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 27364

GET
H/1.1 200
OK mwc-app.js Show response
gamesrv1.magicred.com/MWC/ 10 KB
4 KB 456ms
99ms Script
application/javascript 95.129.38.30
ASN-BELLNET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesrv1.magicred.com/MWC/mwc-app.js
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.129.38.30 , United Kingdom, ASN20521 (ASN-BELLNET, MT),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7732be9332ed1558b59b5be874ace798c8a3d69aa63d279f4b6d47355441ea0c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gamesrv1.magicred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
Connection: keep-alive
Cache-Control: no-cache
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 23 May 2018 10:21:39 GMT
Content-Encoding: gzip
ETag: "807a38ddc6e4d31:0"
Last-Modified: Sat, 05 May 2018 23:14:49 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 3567

GET
S 200 dictionary.json Show response
fnc.aspireglobal.com/asg-framework/data/ 139 KB
40 KB 46ms
33ms XHR
application/json 107.178.253.29
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fnc.aspireglobal.com/asg-framework/data/dictionary.json
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457
Protocol: SPDY
Server: 107.178.253.29 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 29.253.178.107.bc.googleusercontent.com
Software: Apache/2.4.33 (Ubuntu) /
Resource Hash: 5ab338e5d2e9b5257b6ac6580a64bf342f6ccc2a6a82ce3e939c358451971fe4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Origin: https://de.magicred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
content-encoding: gzip
access-control-allow-origin: *
status: 200
alt-svc: clear
content-length: 41023
last-modified: Tue, 15 May 2018 11:27:33 GMT
server: Apache/2.4.33 (Ubuntu)
etag: "22a73-56c3ce3789744-gzip"
vary: Accept-Encoding
content-type: application/json
via: 1.1 google
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 22 Jun 2018 10:21:39 GMT

GET
S 200 iSoftBetGameSetting.json Show response
fnc.aspireglobal.com/asg-framework/data/general-data/ 1 KB
621 B 21ms
14ms XHR
application/json 107.178.253.29
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fnc.aspireglobal.com/asg-framework/data/general-data/iSoftBetGameSetting.json
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457
Protocol: SPDY
Server: 107.178.253.29 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 29.253.178.107.bc.googleusercontent.com
Software: Apache/2.4.33 (Ubuntu) /
Resource Hash: e1ae8b340032014b10ec1c5eb6570c904f949ebea83f5a1c4d940975d4b40c5e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Origin: https://de.magicred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
content-encoding: gzip
access-control-allow-origin: *
status: 200
alt-svc: clear
content-length: 367
last-modified: Thu, 17 May 2018 14:07:51 GMT
server: Apache/2.4.33 (Ubuntu)
etag: "496-56c675c6816e5-gzip"
vary: Accept-Encoding
content-type: application/json
via: 1.1 google
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 22 Jun 2018 10:21:39 GMT

GET
H2 200 chat_tag.png
de.magicred.com/wp-content/themes/AspireLayout/images/ 267 B
443 B 17ms
16ms Image
image/png 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de.magicred.com/wp-content/themes/AspireLayout/images/chat_tag.png

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d599f76d68646f216d9b31e469cc342c32c552d52653cfe7fc9df1672647c6ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/AspireLayout/images/chat_tag.png
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
:scheme: https
:method: GET
Referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: clear
content-length: 267
x-xss-protection: 1; mode=block
last-modified: Mon, 09 Apr 2018 09:03:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "10b-56966ae8a73ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors https:;
accept-ranges: bytes
cf-ray: 41f6cc02ee6f96be-FRA
expires: Thu, 23 May 2019 10:21:39 GMT

GET
S 200 OpenSans-Regular.woff2
fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/fonts/Regular/ 58 KB
58 KB 21ms
20ms Font
application/octet-stream 107.178.253.29
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/fonts/Regular/OpenSans-Regular.woff2?v=1.101
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457
Protocol: SPDY
Server: 107.178.253.29 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 29.253.178.107.bc.googleusercontent.com
Software: Apache/2.4.33 (Ubuntu) /
Resource Hash: 03e2544599e5a06566b2579f82ac6e445b724435fccb1f3e8988e58f45b1fc5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/open-sans.css
Origin: https://de.magicred.com

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
last-modified: Tue, 15 May 2018 11:30:47 GMT
server: Apache/2.4.33 (Ubuntu)
etag: "e8d0-56c3cef003f7d"
status: 200
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 59600
expires: Fri, 22 Jun 2018 10:21:39 GMT

GET
S 200 OpenSans-Light.woff2
fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/fonts/Light/ 59 KB
59 KB 15ms
15ms Font
application/octet-stream 107.178.253.29
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/fonts/Light/OpenSans-Light.woff2?v=1.101
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457
Protocol: SPDY
Server: 107.178.253.29 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 29.253.178.107.bc.googleusercontent.com
Software: Apache/2.4.33 (Ubuntu) /
Resource Hash: ef1afe72be678d91398fc959d6920d4e8e0df4ddc00af772f5174340a60391d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/open-sans.css
Origin: https://de.magicred.com

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
last-modified: Tue, 15 May 2018 11:30:26 GMT
server: Apache/2.4.33 (Ubuntu)
etag: "ec38-56c3cedbfef93"
status: 200
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 60472
expires: Fri, 22 Jun 2018 10:21:39 GMT

GET
S 200 OpenSans-Bold.woff2
fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/fonts/Bold/ 60 KB
60 KB 21ms
21ms Font
application/octet-stream 107.178.253.29
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/fonts/Bold/OpenSans-Bold.woff2?v=1.101
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457
Protocol: SPDY
Server: 107.178.253.29 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 29.253.178.107.bc.googleusercontent.com
Software: Apache/2.4.33 (Ubuntu) /
Resource Hash: 78d358ba019a1cd3b28a8917560a433fc03f52c2ec058a85bd00f2236cded66e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fnc.aspireglobal.com/asg-framework/global_plugins/fonts/open-sans-fonts/open-sans.css
Origin: https://de.magicred.com

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
last-modified: Tue, 15 May 2018 11:29:22 GMT
server: Apache/2.4.33 (Ubuntu)
etag: "ee6c-56c3ce9eee2d5"
status: 200
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 61036
expires: Fri, 22 Jun 2018 10:21:39 GMT

GET
H2 200 spinner_big.gif
de.magicred.com/wp-content/themes/AspireLayout/images/ 8 KB
8 KB 10ms
10ms Image
image/gif 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de.magicred.com/wp-content/themes/AspireLayout/images/spinner_big.gif

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a1eb1607e6fc69bff456e5f2493b17c718552b69fed69f27831be000f53a1f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/AspireLayout/images/spinner_big.gif
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
:scheme: https
:method: GET
Referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: clear
content-length: 7904
x-xss-protection: 1; mode=block
last-modified: Mon, 09 Apr 2018 09:04:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1ee0-56966b0b5b3bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors https:;
accept-ranges: bytes
cf-ray: 41f6cc02ee7696be-FRA
expires: Thu, 23 May 2019 10:21:39 GMT

GET
H2 200 opacity_bg.png
de.magicred.com/wp-content/themes/AspireLayout/images/ 96 B
203 B 16ms
15ms Image
image/png 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de.magicred.com/wp-content/themes/AspireLayout/images/opacity_bg.png

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d4e5cdcb23a8586ddab41b23095dfa2e1c3618aeaacdc872820a56b93fe25b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/AspireLayout/images/opacity_bg.png
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
:scheme: https
:method: GET
Referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
alt-svc: clear
content-length: 96
x-xss-protection: 1; mode=block
last-modified: Mon, 09 Apr 2018 09:03:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60-56966af90b9f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: frame-ancestors https:;
accept-ranges: bytes
cf-ray: 41f6cc02ee7796be-FRA
expires: Thu, 23 May 2019 10:21:39 GMT

GET
H2 404 glyphicons-halflings-regular.woff2
de.magicred.com/wp-content/themes/fonts/ 0
0 180ms
180ms Font
text/html 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.magicred.com/wp-content/themes/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/wp-content/themes/AspireLayout/build/app.script.min.js?v=1526381534457

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/fonts/glyphicons-halflings-regular.woff2
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
origin: https://de.magicred.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
Origin: https://de.magicred.com

Response headers

date: Wed, 23 May 2018 10:21:39 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
status: 404
content-encoding: gzip
alt-svc: clear
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, must-revalidate, max-age=0
content-security-policy: frame-ancestors https:;
cf-ray: 41f6cc02ee7a96be-FRA
link: <https://de.magicred.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 glyphicons-halflings-regular.woff
de.magicred.com/wp-content/themes/fonts/ 0
0 194ms
194ms Font
text/html 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.magicred.com/wp-content/themes/fonts/glyphicons-halflings-regular.woff

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/fonts/glyphicons-halflings-regular.woff
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
origin: https://de.magicred.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
Origin: https://de.magicred.com

Response headers

date: Wed, 23 May 2018 10:21:40 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
status: 404
content-encoding: gzip
alt-svc: clear
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, must-revalidate, max-age=0
content-security-policy: frame-ancestors https:;
cf-ray: 41f6cc041fcc96be-FRA
link: <https://de.magicred.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 glyphicons-halflings-regular.ttf
de.magicred.com/wp-content/themes/fonts/ 0
0 178ms
178ms Font
text/html 104.27.166.174
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://de.magicred.com/wp-content/themes/fonts/glyphicons-halflings-regular.ttf

Requested by

Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.166.174 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/fonts/glyphicons-halflings-regular.ttf
pragma: no-cache
cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899
origin: https://de.magicred.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: de.magicred.com
referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://de.magicred.com/wp-content/themes/AspireLayout/app.style.min.css?v=1526381534457
Origin: https://de.magicred.com

Response headers

date: Wed, 23 May 2018 10:21:40 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
status: 404
content-encoding: gzip
alt-svc: clear
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, must-revalidate, max-age=0
content-security-policy: frame-ancestors https:;
cf-ray: 41f6cc0558ef96be-FRA
link: <https://de.magicred.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK Cookie set sapi.aspx Show response
gamesrv1.magicred.com/ScratchCards/ 5 KB
5 KB 126ms
126ms XHR
application/json 95.129.38.30
ASN-BELLNET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesrv1.magicred.com/ScratchCards/sapi.aspx?CSI=141&CurrencyCode=EUR&IUA=neow&LNG=GER&IP=&UniqueDeviceId=39b4212b-8d25-4449-9636-3db645fd9ed8&cm=PLI&rst=j
Requested by: Host: gamesrv1.magicred.com
URL: https://gamesrv1.magicred.com/MWC/mwc-app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.129.38.30 , United Kingdom, ASN20521 (ASN-BELLNET, MT),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ed8dd11b642f3f0a3ef4a0e01b03040093706ab296f91eb82308e3e90859ae34

Request headers

Pragma: no-cache
Origin: https://de.magicred.com
Accept-Encoding: gzip, deflate
Host: gamesrv1.magicred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899; UniqueDeviceId=39b4212b-8d25-4449-9636-3db645fd9ed8
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Origin: https://de.magicred.com

Response headers

Date: Wed, 23 May 2018 10:21:39 GMT
Last-Modified: Wed, 23 May 2018 10:21:40 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://de.magicred.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: private, max-age=1
Access-Control-Allow-Credentials: true
Set-Cookie: ASP.NET_SessionId=zkj3o3p50b0vbdqsmx14cdkw; path=/; secure; HttpOnly
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Content-Length: 4682
Expires: Wed, 23 May 2018 10:21:41 GMT

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
gamesrv1.magicred.com/MWC/assets/base/fonts/ 23 KB
23 KB 362ms
58ms Font
font/x-woff 95.129.34.30
ASN-BELLNET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesrv1.magicred.com/MWC/assets/base/fonts/glyphicons-halflings-regular.woff
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.129.34.30 , Israel, ASN20521 (ASN-BELLNET, MT),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Pragma: no-cache
Origin: https://de.magicred.com
Accept-Encoding: gzip, deflate
Host: gamesrv1.magicred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: https://gamesrv1.magicred.com/MWC/css/app.full_ver1.min.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://gamesrv1.magicred.com/MWC/css/app.full_ver1.min.css
Origin: https://de.magicred.com

Response headers

Date: Wed, 23 May 2018 10:21:40 GMT
Last-Modified: Sun, 28 Jan 2018 12:30:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "835635b73398d31:0"
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 23320

GET
S 200 app.css
download.gamesrv1.com/secure/MWC/2018.04_75611//appBl/ 143 KB
33 KB 38ms
38ms Stylesheet
text/css 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611//appBl/app.css
Requested by: Host: gamesrv1.magicred.com
URL: https://gamesrv1.magicred.com/MWC/mwc-app.js
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FA3) / ASP.NET
Resource Hash: a7801a1915422692d19f4e4c8fa7e5866bd80de03fa6a6ab4da9bc517ce95d88

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:40 GMT
content-encoding: gzip
etag: "194b9bdec6e4d31:0"
last-modified: Sat, 05 May 2018 23:14:51 GMT
server: ECAcc (frc/8FA3)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 34174

GET
S 200 0.js Show response
download.gamesrv1.com/secure/MWC/2018.04_75611/ 504 KB
215 KB 7ms
6ms Script
application/javascript 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/0.js?v=2018.04_75611
Requested by: Host: gamesrv1.magicred.com
URL: https://gamesrv1.magicred.com/MWC/mwc-app.js
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8E91) / ASP.NET
Resource Hash: 11de6148f5beef6f70fe9552ac556c1cf242faf30cf1f64f043610d9c70e244e

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:40 GMT
content-encoding: gzip
etag: "f5137ddec6e4d31:0"
last-modified: Sat, 05 May 2018 23:14:51 GMT
server: ECAcc (frc/8E91)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 220312

GET
S 200 app-bundle.js Show response
download.gamesrv1.com/secure/MWC/2018.04_75611/appBl/ 651 KB
229 KB 7ms
6ms Script
application/javascript 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/appBl/app-bundle.js?v=2018.04_75611
Requested by: Host: gamesrv1.magicred.com
URL: https://gamesrv1.magicred.com/MWC/mwc-app.js
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F71) / ASP.NET
Resource Hash: de2ad6e8df2b6eb5b641a989c737402e36ae25b13906bcbba4187a667e3f4eb6

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:40 GMT
content-encoding: gzip
etag: "f9ff8fdec6e4d31:0"
last-modified: Sat, 05 May 2018 23:14:51 GMT
server: ECAcc (frc/8F71)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 234444

GET
S 200 glyphicons-halflings-regular.woff
download.gamesrv1.com/secure/MWC/2018.04_75611//assets/base/fonts/ 23 KB
23 KB 1941ms
1928ms Font
font/x-woff 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611//assets/base/fonts/glyphicons-halflings-regular.woff
Requested by: Host: de.magicred.com
URL: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FCC) / ASP.NET
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://download.gamesrv1.com/secure/MWC/2018.04_75611//appBl/app.css
Origin: https://de.magicred.com

Response headers

date: Wed, 23 May 2018 10:21:42 GMT
etag: "3959ddec6e4d31:0"
last-modified: Sat, 05 May 2018 23:14:51 GMT
server: ECAcc (frc/8FCC)
x-powered-by: ASP.NET
status: 200
x-cache: HIT
content-type: font/x-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 23320

GET
S 200 branding.css
download.gamesrv1.com/secure/MWC/2018.04_75611/assets/branded/141/ 13 KB
4 KB 7ms
6ms Stylesheet
text/css 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/assets/branded/141/branding.css
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/0.js?v=2018.04_75611
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FA4) / ASP.NET
Resource Hash: 795f1abd0c0afa469ebb50b120e1aa709b888bf27c3c348a97661edc57175488

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:42 GMT
content-encoding: gzip
etag: "e97e9ddfc6e4d31:0"
last-modified: Sat, 05 May 2018 23:14:53 GMT
server: ECAcc (frc/8FA4)
status: 200
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3749

GET
S 200 icons.css
download.gamesrv1.com/secure/MWC/2018.04_75611/assets/branded/141/ 16 KB
3 KB 6ms
6ms Stylesheet
text/css 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/assets/branded/141/icons.css
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/0.js?v=2018.04_75611
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FC8) / ASP.NET
Resource Hash: aefd335ddfdf77b3269e93b82d543f69c78a1a25a527e837168d14b01887b031

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:42 GMT
content-encoding: gzip
etag: "c2c9fdfc6e4d31:0"
last-modified: Sat, 05 May 2018 23:14:53 GMT
server: ECAcc (frc/8FC8)
status: 200
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2476

GET
S 200 link-141.service.js Show response
download.gamesrv1.com/secure/MWC/2018.04_75611/regulationCustomization/brand/link/ 230 B
408 B 7ms
7ms Script
application/javascript 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/regulationCustomization/brand/link/link-141.service.js?v=2018.04_75611
Requested by: Host: gamesrv1.magicred.com
URL: https://gamesrv1.magicred.com/MWC/mwc-app.js
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8E9A) / ASP.NET
Resource Hash: 45f405b79f131145021d350fa030cedc17d60e3f4aeb772390deb62c5f024845

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:42 GMT
content-encoding: gzip
etag: "b49f6ee1c6e4d31:0"
last-modified: Sat, 05 May 2018 23:14:56 GMT
server: ECAcc (frc/8E9A)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 319

GET
S 200 css Show response
fonts.googleapis.com/ 972 B
599 B 39ms
16ms XHR
text/css 216.58.208.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/0.js?v=2018.04_75611

Protocol

SPDY

Server

216.58.208.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f42.1e100.net

Software

ESF /

Resource Hash

1ce747b1fb2c50823f8553659ec0b7e80cc6516f6858884a86b2b0dfd396fc43

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Origin: https://de.magicred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:42 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 23 May 2018 10:21:42 GMT

GET
S 200 css
fonts.googleapis.com/ 972 B
382 B 15ms
14ms Stylesheet
text/css 216.58.208.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/appBl/app-bundle.js?v=2018.04_75611

Protocol

SPDY

Server

216.58.208.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f42.1e100.net

Software

ESF /

Resource Hash

1ce747b1fb2c50823f8553659ec0b7e80cc6516f6858884a86b2b0dfd396fc43

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:42 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 23 May 2018 10:21:42 GMT

GET
S 200 base-bundle-uxt-2.js Show response
download.gamesrv1.com/secure/MWC/2018.04_75611/modules/base/ 63 KB
20 KB 9ms
9ms Script
application/javascript 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/modules/base/base-bundle-uxt-2.js?v=2018.04_75611
Requested by: Host: gamesrv1.magicred.com
URL: https://gamesrv1.magicred.com/MWC/mwc-app.js
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FB5) / ASP.NET
Resource Hash: 8577c48dbd3f0d19ba93a92556ec9a25e5e7dc44e83c728cce15eeaa5fc5be37

Request headers

Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 23 May 2018 10:21:42 GMT
content-encoding: gzip
etag: "f4282de1c6e4d31:0"
last-modified: Sat, 05 May 2018 23:14:55 GMT
server: ECAcc (frc/8FB5)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 19921

GET
S 200 mem8YaGs126MiZpBA-UFW50e.ttf
fonts.gstatic.com/s/opensans/v15/ 38 KB
24 KB 6ms
6ms Font
font/ttf 216.58.208.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf

Protocol

SPDY

Server

216.58.208.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f35.1e100.net

Software

sffe /

Resource Hash

0c4595868d57ebb5f2793e22e8493bfe2606cd8c628a039d2d1a4fa79f642b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext
Origin: https://de.magicred.com

Response headers

date: Wed, 09 May 2018 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1189629
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 24229
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 21:49:47 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2019 15:54:33 GMT

GET
S 200 mem5YaGs126MiZpBA-UN7rgOXOhs.ttf
fonts.gstatic.com/s/opensans/v15/ 39 KB
25 KB 6ms
6ms Font
font/ttf 216.58.208.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOXOhs.ttf

Protocol

SPDY

Server

216.58.208.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f35.1e100.net

Software

sffe /

Resource Hash

d123a1a00d692830f1f5276c64edfbc7abc9d0640bbb02596f83e10b14f89c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext
Origin: https://de.magicred.com

Response headers

date: Thu, 08 Feb 2018 17:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8958268
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 25116
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Feb 2019 17:57:14 GMT

GET
S 200 mem5YaGs126MiZpBA-UN_r8OXOhs.ttf
fonts.gstatic.com/s/opensans/v15/ 39 KB
24 KB 6ms
6ms Font
font/ttf 216.58.208.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OXOhs.ttf

Protocol

SPDY

Server

216.58.208.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f35.1e100.net

Software

sffe /

Resource Hash

b5f97120805971ceb303f56728f4b940e88a0b0ca8a6185b9561613faa510acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext
Origin: https://de.magicred.com

Response headers

date: Wed, 14 Feb 2018 13:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8454607
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 24872
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 21:49:34 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Feb 2019 13:51:35 GMT

GET
S 200 Lang_GER.json Show response
download.gamesrv1.com/secure/MWC/2018.04_75611/assets/lang/base/ 128 KB
31 KB 7ms
7ms XHR
application/json 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/assets/lang/base/Lang_GER.json
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/appBl/app-bundle.js?v=2018.04_75611
Protocol: SPDY
Server: 93.184.221.168 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FAF) / ASP.NET
Resource Hash: 99e887c67c9e075ec7dd62116656e3d3e881b9076e5686cd371068ff8ceaac4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Origin: https://de.magicred.com

Response headers

date: Wed, 23 May 2018 10:21:42 GMT
content-encoding: gzip
etag: "f0024e1c6e4d31:0+gzip"
last-modified: Sat, 05 May 2018 23:14:55 GMT
server: ECAcc (frc/8FAF)
status: 200
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 31913

GET
H/1.1 200
OK sapi.aspx
gamesrv1.magicred.com/ScratchCards/ 174 KB
0 257ms
257ms XHR
application/json 95.129.38.30
ASN-BELLNET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesrv1.magicred.com/ScratchCards/sapi.aspx?AR=17&CSI=141&IUA=neow&LNG=GER&PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&PlayMode=M&UniqueDeviceId=39b4212b-8d25-4449-9636-3db645fd9ed8&cm=GGL&rst=j
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2018.04_75611/0.js?v=2018.04_75611
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.129.38.30 , United Kingdom, ASN20521 (ASN-BELLNET, MT),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Pragma: no-cache
Origin: https://de.magicred.com
Accept-Encoding: gzip, deflate
Host: gamesrv1.magicred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Cookie: par=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk; ar=17; lastvisit=2018-05-23; visits=1; l=de; lng=GER; __cfduid=d2b6a607684bd44a8039379ca35a0c7b91527070899; UniqueDeviceId=39b4212b-8d25-4449-9636-3db645fd9ed8; ASP.NET_SessionId=zkj3o3p50b0vbdqsmx14cdkw
Connection: keep-alive
Cache-Control: no-cache
Accept: application/json, text/plain, */*
Referer: https://de.magicred.com/?PAR=JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk&AR=17&NeoDL=Registration
Origin: https://de.magicred.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 23 May 2018 10:21:42 GMT
Last-Modified: Wed, 23 May 2018 10:21:42 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://de.magicred.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: private, max-age=1
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Content-Length: 246989
Expires: Wed, 23 May 2018 10:21:43 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.magicred.com/	1970-01-19 00:56:46	Name: UniqueDeviceId Value: 39b4212b-8d25-4449-9636-3db645fd9ed8
.magicred.com/	1970-01-19 00:56:46	Name: __cfduid Value: d2b6a607684bd44a8039379ca35a0c7b91527070899
.magicred.com/	1970-01-18 16:54:22	Name: l Value: de
.magicred.com/	1970-01-18 16:54:22	Name: lng Value: GER
.magicred.com/	1970-01-19 00:56:46	Name: lastvisit Value: 2018-05-23
.magicred.com/	1970-01-19 00:56:46	Name: visits Value: 1
.magicred.com/	1970-01-18 16:54:22	Name: ar Value: 17
.magicred.com/	1970-01-18 16:54:22	Name: par Value: JbnRB9iCR52pH5vqr_sx2mNd7ZgqdRLk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

data.ad-score.com
de.magicred.com
download.gamesrv1.com
fnc.aspireglobal.com
fonts.googleapis.com
fonts.gstatic.com
gamesrv1.magicred.com
online.magicred.com
record.eshkol.com
tracking.perfecttoolmedia.com
www.magicred.com
www.todayposts.com
104.20.96.25
104.27.166.174
107.178.253.29
130.211.115.4
151.139.241.24
216.58.208.35
216.58.208.42
34.250.237.172
35.186.235.249
93.184.221.168
95.129.34.30
95.129.38.30
03e2544599e5a06566b2579f82ac6e445b724435fccb1f3e8988e58f45b1fc5e
0a1eb1607e6fc69bff456e5f2493b17c718552b69fed69f27831be000f53a1f8
0c4595868d57ebb5f2793e22e8493bfe2606cd8c628a039d2d1a4fa79f642b05
0da0bf12160f642ac64bbd64c45cddf6ad7f7075b2cf2a1a7a16f3c2dd3c19df
11de6148f5beef6f70fe9552ac556c1cf242faf30cf1f64f043610d9c70e244e
1238ee9492aa0a6e64cb2089a9c2c3d1690c2d907928c41f4c0f0376aa4698c1
175cce5d7fdc2e28a11d97a0bab34ecda0aebefa984e3ce5770ec888999ae34e
1be309ab0b4cb9afcddfbb14f8377539805eb33a188e59c2ae1eae8b685f9914
1ce747b1fb2c50823f8553659ec0b7e80cc6516f6858884a86b2b0dfd396fc43
1e8627f91d28c551c4150bfb24d9ddcd5420336de47f799dc64bbd9892e1e10a
29eba6c9e6b20c78b6e2115be6068ce6402a7b510eda085442628fe31abd8c70
3ec2828835b6c1c9838d2cd9ebc7fb3172fd3aecea604ad146225a714f8cc707
45f405b79f131145021d350fa030cedc17d60e3f4aeb772390deb62c5f024845
4b5635182abd8748dc5d0936d57bcce4d9bdaa8f909ebd1a3dc84c7fc77d89bd
4d6318dd2eb9fab0c8d9ac713bbf9339a7619d62b6b380501025e45fc7183ef3
520520a7bf5673f17f9dfaae661ee58dc27c0f35875bf399539209ad7fd48dff
5538f53ebe72ceb827c30eb715485d7cce32296e4898e5d492fd24f34bd5d18c
59879055042768d387081157ac25cab63d4308faaf20e901428475a3a2744ba8
5ab338e5d2e9b5257b6ac6580a64bf342f6ccc2a6a82ce3e939c358451971fe4
63d4e5cdcb23a8586ddab41b23095dfa2e1c3618aeaacdc872820a56b93fe25b
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
7732be9332ed1558b59b5be874ace798c8a3d69aa63d279f4b6d47355441ea0c
78d358ba019a1cd3b28a8917560a433fc03f52c2ec058a85bd00f2236cded66e
795f1abd0c0afa469ebb50b120e1aa709b888bf27c3c348a97661edc57175488
8577c48dbd3f0d19ba93a92556ec9a25e5e7dc44e83c728cce15eeaa5fc5be37
9250917dce9e9756de37e39ba4d072503b54bd5903d4121b0715c827c0f8eda9
99e887c67c9e075ec7dd62116656e3d3e881b9076e5686cd371068ff8ceaac4a
9bef47a9956c20f614e67a64fa25948794bfb45754155a290a69215367609e54
a7801a1915422692d19f4e4c8fa7e5866bd80de03fa6a6ab4da9bc517ce95d88
a90ac9143eb08252c6c0efb38a841ec992d8f86c915b848b8be7a4dc55419d95
aa1a5a928a3fa4fbb6a835c1f80a8f5dd87b0ad105518b916e5bbe7a96b03e76
aefd335ddfdf77b3269e93b82d543f69c78a1a25a527e837168d14b01887b031
b5f97120805971ceb303f56728f4b940e88a0b0ca8a6185b9561613faa510acb
b8f0b22adf17545ac47dc2aae149b6ffa2f9608951e74a5d9e30d4fa1a4785ec
c57167494aed0cf9556ec8b0ba288f3d901eabde59cc57e5915d825c24a66809
c7229ddabe1c0831eae11f61f9556ccd23882ac78295fd537112d830cbaa4d77
d123a1a00d692830f1f5276c64edfbc7abc9d0640bbb02596f83e10b14f89c0d
d599f76d68646f216d9b31e469cc342c32c552d52653cfe7fc9df1672647c6ca
de2ad6e8df2b6eb5b641a989c737402e36ae25b13906bcbba4187a667e3f4eb6
e1ae8b340032014b10ec1c5eb6570c904f949ebea83f5a1c4d940975d4b40c5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb7e14227205466c66316bb18598b52619c9a506372db48c05b78e152415a4a
ed8dd11b642f3f0a3ef4a0e01b03040093706ab296f91eb82308e3e90859ae34
ef1afe72be678d91398fc959d6920d4e8e0df4ddc00af772f5174340a60391d2
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

de.magicred.com Open in urlscan Pro 104.27.166.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

34 %HTTPS

0 %IPv6

9 Domains

12 Subdomains

9 IPs

4 Countries

1135 kBTransfer

2887 kBSize

8 Cookies

11 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

de.magicred.com Open in urlscan Pro
104.27.166.174 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

34 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

9
IPs

4
Countries

1135 kB
Transfer

2887 kB
Size

8
Cookies

53 HTTP transactions
0 data transactions