www.linkbucks.com Open in urlscan Pro
104.20.12.25  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

• http://www.linkbucks.com/popUnder/load?t=fbc4d63ceeef907120e97f5f607aeb224e8c72a3&k=076f40021254c5b17eb96bbb3b2a5161&h=1200&w=1600&bh=1200&bw=1600&r= HTTP 302
• https://www.buzzonclick.com/script/preurl.php?r=1591019

Request Chain 7

• https://www.buzzonclick.com/script/preurl.php?stamat=m%7C%2Ckd2E-YhIqB1dQO0dEdHP3xP.d3c%2CFj52kPnVbtMyWp_yocfSvEgwkHp6pKt9T0aQLRsPsJFLbaS3NHm8sVQUbkmcaLVvQyf3gJabRVFON8TWD9N96A%2C%2C&cbrandom=0.9290064174614794&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.linkbucks.com%2FA3ZvJ HTTP 302
• http://tracking.perfecttoolmedia.com/router?code=1UTTPE9&traffic_source=295708&campaign_id=90344591&click_id=15063600662499489278160591703314777&language=n/a&site_id=1591019&zone=1591019&acsc=90344711

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set A3ZvJ Show response www.linkbucks.com/	7 KB 3 KB	199ms 193ms	Document text/html	104.20.12.25 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://www.linkbucks.com/A3ZvJ Protocol HTTP/1.1 Server 104.20.12.25 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash 9a86c49f3012dc04a840304b172a2129de2c8fb00a42d49f087dd8cd98e23b08 Security Headers Name Value X-Frame-Options DENY Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.linkbucks.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Pragma no-cache Date Mon, 25 Sep 2017 17:21:05 GMT Content-Encoding gzip Server cloudflare-nginx X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET X-Frame-Options DENY Content-Type text/html; charset=utf-8 Set-Cookie __cfduid=d933e4b93cd5b4885844ecb866f0067d01506360065; expires=Tue, 25-Sep-18 17:21:05 GMT; path=/; domain=.linkbucks.com; HttpOnly ASP.NET_SessionId=xr40w0ax5oeleulon3vdi5qq; path=/; HttpOnly Cache-Control private Transfer-Encoding chunked Connection keep-alive CF-RAY 3a3fa866e1c9636d-FRA Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	popUnderLink.js Show response www.linkbucks.com/scripts/	2 KB 838 B	10ms 10ms	Script application/javascript	104.20.12.25 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://www.linkbucks.com/scripts/popUnderLink.js Requested by Host: www.linkbucks.com URL: http://www.linkbucks.com/A3ZvJ Protocol HTTP/1.1 Server 104.20.12.25 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash 90bb7b964e8aee4f0caf5b45ccd36d2fb7057a46bbb6fccf0439912764015b4f Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.linkbucks.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept */* Referer http://www.linkbucks.com/A3ZvJ Cookie __cfduid=d933e4b93cd5b4885844ecb866f0067d01506360065; ASP.NET_SessionId=xr40w0ax5oeleulon3vdi5qq Connection keep-alive Cache-Control no-cache Referer http://www.linkbucks.com/A3ZvJ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 25 Sep 2017 17:21:05 GMT Content-Encoding gzip Vary Accept-Encoding CF-Cache-Status HIT Last-Modified Thu, 03 Aug 2017 18:20:55 GMT Server cloudflare-nginx X-Powered-By ASP.NET ETag W/"a1d0303f85cd31:0" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive CF-RAY 3a3fa8682274636d-FRA
GET H/1.1	200 OK	script-adv.js Show response www.linkbucks.com/scripts/	32 B 32 B	16ms 11ms	Script application/javascript	104.20.12.25 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://www.linkbucks.com/scripts/script-adv.js Requested by Host: www.linkbucks.com URL: http://www.linkbucks.com/A3ZvJ Protocol HTTP/1.1 Server 104.20.12.25 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash ac7e5e2f553bc944caa19ef20d310a3eb7f65814b31b6976618b33639365cf7f Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.linkbucks.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept */* Referer http://www.linkbucks.com/A3ZvJ Cookie __cfduid=d933e4b93cd5b4885844ecb866f0067d01506360065; ASP.NET_SessionId=xr40w0ax5oeleulon3vdi5qq Connection keep-alive Cache-Control no-cache Referer http://www.linkbucks.com/A3ZvJ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 25 Sep 2017 17:21:05 GMT CF-Cache-Status HIT Last-Modified Thu, 03 Aug 2017 18:20:55 GMT Server cloudflare-nginx X-Powered-By ASP.NET ETag "7f90333f85cd31:0" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes CF-RAY 3a3fa868214a6475-FRA Content-Length 32
GET H2	200	analytics.js Show response www.google-analytics.com/	34 KB 14 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:814::200e Google Inc.
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.linkbucks.com URL: http://www.linkbucks.com/A3ZvJ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software Golfe2 / Resource Hash 736b108848c2d0a4a9f0a6c5eaa8c8c192f64611e5146f2378b4e8e05c30411c Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers :path /analytics.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept */* cache-control no-cache :authority www.google-analytics.com referer http://www.linkbucks.com/A3ZvJ :scheme https :method GET Referer http://www.linkbucks.com/A3ZvJ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 18 Sep 2017 22:20:10 GMT server Golfe2 age 2539 date Mon, 25 Sep 2017 16:38:46 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="39,38,37,35" content-length 14031 expires Mon, 25 Sep 2017 18:38:46 GMT
GET H/1.1	200 OK	jquery.js Show response www.linkbucks.com/scripts/	19 KB 5 KB	192ms 191ms	Script text/javascript	104.20.12.25 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://www.linkbucks.com/scripts/jquery.js?r=fbc4d63ceeef907120e97f5f607aeb224e8c72a3&23634131 Requested by Host: www.linkbucks.com URL: http://www.linkbucks.com/scripts/popUnderLink.js Protocol HTTP/1.1 Server 104.20.12.25 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash 3779437e2724544a9f8bcfdbaf8ec10425e6b14308d338b4ad6104e7ad6091db Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.linkbucks.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept */* Referer http://www.linkbucks.com/A3ZvJ Cookie __cfduid=d933e4b93cd5b4885844ecb866f0067d01506360065; ASP.NET_SessionId=xr40w0ax5oeleulon3vdi5qq Connection keep-alive Cache-Control no-cache Referer http://www.linkbucks.com/A3ZvJ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Pragma no-cache Date Mon, 25 Sep 2017 17:21:05 GMT Content-Encoding gzip CF-Cache-Status MISS Server cloudflare-nginx X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 Cache-Control no-cache, must-revalidate Transfer-Encoding chunked Connection keep-alive CF-RAY 3a3fa86831576475-FRA Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 53 B	13ms 13ms	Image image/gif	2a00:1450:4001:814::200e Google Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j63&a=1433733685&t=pageview&_s=1&dl=http%3A%2F%2Fwww.linkbucks.com%2FA3ZvJ&ul=en-us&de=UTF-8&dt=Linkbucks.com%20-%20Make%20money%20when%20people%20leave%20your%20website!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAMABI~&jid=57871444&gjid=620733970&cid=450273575.1506360065&tid=UA-88900307-1&_gid=77584576.1506360065&_r=1&z=634565967 Requested by Host: www.linkbucks.com URL: http://www.linkbucks.com/A3ZvJ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers :path /r/collect?v=1&_v=j63&a=1433733685&t=pageview&_s=1&dl=http%3A%2F%2Fwww.linkbucks.com%2FA3ZvJ&ul=en-us&de=UTF-8&dt=Linkbucks.com%20-%20Make%20money%20when%20people%20leave%20your%20website!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAMABI~&jid=57871444&gjid=620733970&cid=450273575.1506360065&tid=UA-88900307-1&_gid=77584576.1506360065&_r=1&z=634565967 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.google-analytics.com referer http://www.linkbucks.com/A3ZvJ :scheme https :method GET Referer http://www.linkbucks.com/A3ZvJ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2017 17:21:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="39,38,37,35" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		preurl.php www.buzzonclick.com/script/ Redirect Chain http://www.linkbucks.com/popUnder/load?t=fbc4d63ceeef907120e97f5f607aeb224e8c72a3&k=076f40021254c5b17eb96bbb3b2a5161&h=1200&w=1600&bh=1200&bw=1600&r= https://www.buzzonclick.com/script/preurl.php?r=1591019	0 0
GET H/1.1	200 OK	preurl.php Show response www.buzzonclick.com/script/ Frame 1476	4 KB 2 KB	479ms 129ms	Document text/html	104.197.46.226 Google Inc.
General Check archive.org Show headers Download Go to Full URL https://www.buzzonclick.com/script/preurl.php?r=1591019 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.197.46.226 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS 226.46.197.104.bc.googleusercontent.com Software openresty / Resource Hash 0fb150f91c6d9aeb01c455fc192b7cbb197222169a4b01727d7e0d3e67e1ad54 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.buzzonclick.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer http://www.linkbucks.com/A3ZvJ Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://www.linkbucks.com/A3ZvJ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 25 Sep 2017 17:21:06 GMT Content-Encoding gzip Referrer-Policy no-referrer Server openresty Vary Accept-Encoding Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Link <//www.buzzonclick.com>; rel=dns-prefetch,<//www.buzzonclick.com>; rel=preconnect
GET		router tracking.perfecttoolmedia.com/ Frame 1476 Redirect Chain https://www.buzzonclick.com/script/preurl.php?stamat=m%7C%2Ckd2E-YhIqB1dQO0dEdHP3xP.d3c%2CFj52kPnVbtMyWp_yocfSvEgwkHp6pKt9T0aQLRsPsJFLbaS3NHm8sVQUbkmcaLVvQyf3gJabRVFON8TWD9N96A%2C%2C&cbrandom=0.929... http://tracking.perfecttoolmedia.com/router?code=1UTTPE9&traffic_source=295708&campaign_id=90344591&click_id=15063600662499489278160591703314777&language=n/a&site_id=1591019&zone=1591019&acsc=90344711	0 0
GET H/1.1	200 OK	Cookie set router Show response tracking.perfecttoolmedia.com/ Frame 1478	380 B 380 B	399ms 254ms	Document text/html	52.208.116.243 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://tracking.perfecttoolmedia.com/router?code=1UTTPE9&traffic_source=295708&campaign_id=90344591&click_id=15063600662499489278160591703314777&language=n/a&site_id=1591019&zone=1591019&acsc=90344711 Protocol HTTP/1.1 Server 52.208.116.243 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-208-116-243.eu-west-1.compute.amazonaws.com Software Mono-HTTPAPI/1.0 / Resource Hash 84143601dc64bea768cb70e8ecefb074d42579cd75e226bc2637a13a30b90be3 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host tracking.perfecttoolmedia.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 25 Sep 2017 17:21:07 GMT Server Mono-HTTPAPI/1.0 Content-Type text/html; charset=utf-8 Set-Cookie CRID=d4b03vvpNxzLMsb067b9TjZPLmgLs3f AWSELB=FFC1FFD10E18A3DFF026BF1D2E1278657827F404C72A3B6AE528BE0D03DB4ECCB52CA18CD9017204DD29D835854A78D6B777B2C631E70A009E9BD3CF3E7C4D4FBBDD20B430;PATH=/ Cache-Control no-cache, must-revalidate no-cache="set-cookie" Connection keep-alive Content-Length 380 ORIG_REF http://unknown.net/ Expires Thu, 11 Nov 1999 11:11:11 GMT
GET		/ www.magicred.com/promo/ Frame 1478	0 0
GET H2	200	/ Show response www.magicred.com/promo/ Frame 1479	6 KB 3 KB	107ms 80ms	Document text/html	2400:cb00:2048:1::681b:a6ae CloudFlare
General Check archive.org Show headers Download Go to Full URL https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:a6ae , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 5f39dcf5ecafad7c4e1b6de6b84a5e3e72a165c375059f1c68b68b4b17afd5df Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers :path /promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 pragma no-cache accept-encoding gzip, deflate upgrade-insecure-requests 1 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 cache-control no-cache :authority www.magicred.com referer http://tracking.perfecttoolmedia.com/router?code=1UTTPE9&traffic_source=295708&campaign_id=90344591&click_id=15063600662499489278160591703314777&language=n/a&site_id=1591019&zone=1591019&acsc=90344711 :scheme https :method GET Upgrade-Insecure-Requests 1 Referer http://tracking.perfecttoolmedia.com/router?code=1UTTPE9&traffic_source=295708&campaign_id=90344591&click_id=15063600662499489278160591703314777&language=n/a&site_id=1591019&zone=1591019&acsc=90344711 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Mon, 25 Sep 2017 17:21:07 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS server cloudflare-nginx strict-transport-security max-age=15552000 content-type text/html; charset=UTF-8 status 200 cache-control public, max-age=1382400 set-cookie __cfduid=d8881531e0b5869487681b792aaa91f4c1506360067; expires=Tue, 25-Sep-18 17:21:07 GMT; path=/; domain=.magicred.com; HttpOnly cf-ray 3a3fa8738b686415-FRA vary Accept-Encoding expires Wed, 11 Oct 2017 17:21:07 GMT
GET H2	200	style.css www.magicred.com/promo/ Frame 1479	2 KB 967 B	13ms 12ms	Stylesheet text/css	2400:cb00:2048:1::681b:a6ae CloudFlare
General Check archive.org Show headers Download Go to Full URL https://www.magicred.com/promo/style.css?v=156 Requested by Host: www.magicred.com URL: https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:a6ae , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash ad29ef003ec8d006754dc1c784e1da2377381324abba14ed43938b4f410ffbbc Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers :path /promo/style.css?v=156 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority www.magicred.com cookie __cfduid=d8881531e0b5869487681b792aaa91f4c1506360067 :scheme https referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 :method GET Referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Mon, 25 Sep 2017 17:21:07 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Fri, 23 Jun 2017 18:16:57 GMT server cloudflare-nginx etag W/"b2c-552a49b4ca031" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=1382400 strict-transport-security max-age=15552000 cf-ray 3a3fa8741bf76415-FRA expires Wed, 11 Oct 2017 17:21:07 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 1479	90 KB 32 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:824::200a Google Inc.
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Requested by Host: www.magicred.com URL: https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software sffe / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /ajax/libs/jquery/1.9.1/jquery.min.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept */* cache-control no-cache :authority ajax.googleapis.com referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 :scheme https :method GET Referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Wed, 30 Aug 2017 13:42:03 GMT content-encoding gzip x-content-type-options nosniff age 2259544 status 200 alt-svc quic=":443"; ma=2592000; v="39,38,37,35" content-length 33018 x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 30 Aug 2018 13:42:03 GMT
GET H2	200	main.js Show response www.magicred.com/promo/ Frame 1479	4 KB 2 KB	15ms 15ms	Script application/javascript	2400:cb00:2048:1::681b:a6ae CloudFlare
General Check archive.org Show headers Download Go to Full URL https://www.magicred.com/promo/main.js?v=156 Requested by Host: www.magicred.com URL: https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:a6ae , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 1f6616b52977435fc56190f3f4dcfd75a2b30ed19f379056b3b63918eb5ede95 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers :path /promo/main.js?v=156 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept */* cache-control no-cache :authority www.magicred.com cookie __cfduid=d8881531e0b5869487681b792aaa91f4c1506360067 :scheme https referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 :method GET Referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Mon, 25 Sep 2017 17:21:07 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Fri, 28 Jul 2017 09:46:29 GMT server cloudflare-nginx etag W/"169f-5555d8e2c69e2" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=1382400 strict-transport-security max-age=15552000 cf-ray 3a3fa8741bf86415-FRA expires Wed, 11 Oct 2017 17:21:07 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 1479	43 KB 17 KB	16ms 16ms	Script application/javascript	2a00:1450:4001:814::2008 Google Inc.
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-THFRNV Requested by Host: www.magicred.com URL: https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:814::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software Google Tag Manager (scaffolding) / Resource Hash 6c0ca4da35249f73f320b6cca3a0d345fda9356883173e746e1d39eace7931aa Security Headers Name Value X-Xss-Protection 1; mode=block Request headers :path /gtm.js?id=GTM-THFRNV pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept */* cache-control no-cache :authority www.googletagmanager.com referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 :scheme https :method GET Referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Mon, 25 Sep 2017 17:21:07 GMT content-encoding gzip server Google Tag Manager (scaffolding) access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="39,38,37,35" content-length 17108 x-xss-protection 1; mode=block expires Mon, 25 Sep 2017 17:21:07 GMT
GET H2	200	magicred-web-bgi.jpg www.magicred.com/promo/img/ Frame 1479	154 KB 154 KB	17ms 16ms	Image image/jpeg	2400:cb00:2048:1::681b:a6ae CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://www.magicred.com/promo/img/magicred-web-bgi.jpg?ver=1.1 Requested by Host: www.magicred.com URL: https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:a6ae , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 80077c005c7dc4943159b73725984826b4eeed5f452268812b9007a859fbff3e Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers :path /promo/img/magicred-web-bgi.jpg?ver=1.1 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.magicred.com cookie __cfduid=d8881531e0b5869487681b792aaa91f4c1506360067 :scheme https referer https://www.magicred.com/promo/style.css?v=156 :method GET Referer https://www.magicred.com/promo/style.css?v=156 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Mon, 25 Sep 2017 17:21:07 GMT x-content-type-options nosniff cf-cache-status HIT last-modified Sun, 26 Mar 2017 03:35:12 GMT server cloudflare-nginx etag "26910-54b99ea0c0f55" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=1382400 strict-transport-security max-age=15552000 accept-ranges bytes cf-ray 3a3fa8744c136415-FRA content-length 157968 expires Wed, 11 Oct 2017 17:21:07 GMT
GET H2	200	magicred-logo.png www.magicred.com/promo/img/ Frame 1479	8 KB 8 KB	10ms 10ms	Image image/png	2400:cb00:2048:1::681b:a6ae CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://www.magicred.com/promo/img/magicred-logo.png?ver=1.1 Requested by Host: www.magicred.com URL: https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:a6ae , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 46a67c91042bd9f16bfc08fb336b05bc8541e6659451b85686454841713ed1ea Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers :path /promo/img/magicred-logo.png?ver=1.1 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.magicred.com cookie __cfduid=d8881531e0b5869487681b792aaa91f4c1506360067 :scheme https referer https://www.magicred.com/promo/style.css?v=156 :method GET Referer https://www.magicred.com/promo/style.css?v=156 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Mon, 25 Sep 2017 17:21:07 GMT x-content-type-options nosniff cf-cache-status HIT last-modified Sun, 26 Mar 2017 03:35:12 GMT server cloudflare-nginx etag "218f-54b99ea0c039d" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=1382400 strict-transport-security max-age=15552000 accept-ranges bytes cf-ray 3a3fa8744c166415-FRA content-length 8591 expires Wed, 11 Oct 2017 17:21:07 GMT
GET H2	200	web-promo-DE-EUR-1.png www.magicred.com/promo/img/ Frame 1479	6 KB 6 KB	13ms 13ms	Image image/png	2400:cb00:2048:1::681b:a6ae CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://www.magicred.com/promo/img/web-promo-DE-EUR-1.png?ver=1.1 Requested by Host: www.magicred.com URL: https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:a6ae , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 9e0aedee758f1bb6566db87ca2fadafa56d1e28a55723058f7ca9cd71374c802 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers :path /promo/img/web-promo-DE-EUR-1.png?ver=1.1 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.magicred.com cookie __cfduid=d8881531e0b5869487681b792aaa91f4c1506360067 :scheme https referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 :method GET Referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Mon, 25 Sep 2017 17:21:07 GMT x-content-type-options nosniff cf-cache-status HIT last-modified Tue, 28 Mar 2017 18:18:20 GMT server cloudflare-nginx etag "17ea-54bce7c0f2e9d" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=1382400 strict-transport-security max-age=15552000 accept-ranges bytes cf-ray 3a3fa8744c186415-FRA content-length 6122 expires Wed, 11 Oct 2017 17:21:07 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 1479	34 KB 14 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:814::200e Google Inc.
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-THFRNV Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software Golfe2 / Resource Hash 736b108848c2d0a4a9f0a6c5eaa8c8c192f64611e5146f2378b4e8e05c30411c Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers :path /analytics.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept */* cache-control no-cache :authority www.google-analytics.com referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 :scheme https :method GET Referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 18 Sep 2017 22:20:10 GMT server Golfe2 age 2541 date Mon, 25 Sep 2017 16:38:46 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="39,38,37,35" content-length 14031 expires Mon, 25 Sep 2017 18:38:46 GMT
GET H2	200	collect www.google-analytics.com/r/ Frame 1479	35 B 53 B	14ms 14ms	Image image/gif	2a00:1450:4001:814::200e Google Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j63&a=385872747&t=pageview&_s=1&dl=https%3A%2F%2Fwww.magicred.com%2Fpromo%2F%3Ftid%3Dd4b03vvpNxzLMsb067b9TjZPLmgLs3f%26acsc%3D90344711%26campaign%3D670406%26campaign_id%3D90344591%26click_id%3D15063600662499489278160591703314777%26code%3D1UTTPE9%26customer%3D100687%26destination%3D1415763%26language%3Dn%2Fa%26site_id%3D1591019%26tid%3Dd4b03vvpNxzLMsb067b9TjZPLmgLs3f%26traffic_source%3D295708%26zone%3D1591019&dr=http%3A%2F%2Ftracking.perfecttoolmedia.com%2Frouter%3Fcode%3D1UTTPE9%26traffic_source%3D295708%26campaign_id%3D90344591%26click_id%3D15063600662499489278160591703314777%26language%3Dn%2Fa%26site_id%3D1591019%26zone%3D1591019%26acsc%3D90344711&ul=en-us&de=UTF-8&dt=MagicRed.com%20-%20Online%20casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABI~&jid=274366671&gjid=1655121907&cid=1821378625.1506360067&tid=UA-86838331-1&_gid=1349532253.1506360067&_r=1&gtm=GTM-THFRNV&z=2139611489 Requested by Host: www.magicred.com URL: https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers :path /r/collect?v=1&_v=j63&a=385872747&t=pageview&_s=1&dl=https%3A%2F%2Fwww.magicred.com%2Fpromo%2F%3Ftid%3Dd4b03vvpNxzLMsb067b9TjZPLmgLs3f%26acsc%3D90344711%26campaign%3D670406%26campaign_id%3D90344591%26click_id%3D15063600662499489278160591703314777%26code%3D1UTTPE9%26customer%3D100687%26destination%3D1415763%26language%3Dn%2Fa%26site_id%3D1591019%26tid%3Dd4b03vvpNxzLMsb067b9TjZPLmgLs3f%26traffic_source%3D295708%26zone%3D1591019&dr=http%3A%2F%2Ftracking.perfecttoolmedia.com%2Frouter%3Fcode%3D1UTTPE9%26traffic_source%3D295708%26campaign_id%3D90344591%26click_id%3D15063600662499489278160591703314777%26language%3Dn%2Fa%26site_id%3D1591019%26zone%3D1591019%26acsc%3D90344711&ul=en-us&de=UTF-8&dt=MagicRed.com%20-%20Online%20casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABI~&jid=274366671&gjid=1655121907&cid=1821378625.1506360067&tid=UA-86838331-1&_gid=1349532253.1506360067&_r=1&gtm=GTM-THFRNV&z=2139611489 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.google-analytics.com referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 :scheme https :method GET Referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2017 17:21:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="39,38,37,35" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	web-promo-DE-EUR-2.png www.magicred.com/promo/img/ Frame 1479	5 KB 5 KB	8ms 8ms	Image image/png	2400:cb00:2048:1::681b:a6ae CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://www.magicred.com/promo/img/web-promo-DE-EUR-2.png?ver=1.1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:a6ae , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash b35da4c02f67a2089abd9e857226b8b3eb1d843e14caa6437bc7264f5ee90338 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers :path /promo/img/web-promo-DE-EUR-2.png?ver=1.1 pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority www.magicred.com cookie __cfduid=d8881531e0b5869487681b792aaa91f4c1506360067; ar=; par=-cW_fFRpXONVDQsR8vgoqWNd7ZgqdRLk; _ga=GA1.2.1821378625.1506360067; _gid=GA1.2.1349532253.1506360067; _gat_UA-86838331-1=1 :scheme https referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 :method GET Referer https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers date Mon, 25 Sep 2017 17:21:11 GMT x-content-type-options nosniff cf-cache-status HIT last-modified Tue, 28 Mar 2017 18:18:20 GMT server cloudflare-nginx etag "1229-54bce7c0f2e9d" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=1382400 strict-transport-security max-age=15552000 accept-ranges bytes cf-ray 3a3fa88d6efc6415-FRA content-length 4649 expires Wed, 11 Oct 2017 17:21:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.buzzonclick.com

URL

https://www.buzzonclick.com/script/preurl.php?r=1591019

Domain

tracking.perfecttoolmedia.com

URL

http://tracking.perfecttoolmedia.com/router?code=1UTTPE9&traffic_source=295708&campaign_id=90344591&click_id=15063600662499489278160591703314777&language=n/a&site_id=1591019&zone=1591019&acsc=90344711

Domain

www.magicred.com

URL

https://www.magicred.com/promo/?tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&acsc=90344711&campaign=670406&campaign_id=90344591&click_id=15063600662499489278160591703314777&code=1UTTPE9&customer=100687&destination=1415763&language=n/a&site_id=1591019&tid=d4b03vvpNxzLMsb067b9TjZPLmgLs3f&traffic_source=295708&zone=1591019

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.magicred.com/	2017-09-25 17:22:07	Name: _gat_UA-86838331-1 Value: 1
			.magicred.com/	2019-09-25 17:21:07	Name: _ga Value: GA1.2.1821378625.1506360067
			.magicred.com/	2017-11-24 17:21:07	Name: par Value: -cW_fFRpXONVDQsR8vgoqWNd7ZgqdRLk
			.magicred.com/	2017-09-26 17:21:07	Name: _gid Value: GA1.2.1349532253.1506360067
			.magicred.com/	2017-11-24 17:21:07	Name: ar Value:
			.magicred.com/	2018-09-25 17:21:07	Name: __cfduid Value: d8881531e0b5869487681b792aaa91f4c1506360067

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
tracking.perfecttoolmedia.com
www.buzzonclick.com
www.google-analytics.com
www.googletagmanager.com
www.linkbucks.com
www.magicred.com
tracking.perfecttoolmedia.com
www.buzzonclick.com
www.magicred.com
104.197.46.226
104.20.12.25
2400:cb00:2048:1::681b:a6ae
2a00:1450:4001:814::2008
2a00:1450:4001:814::200e
2a00:1450:4001:824::200a
52.208.116.243
0fb150f91c6d9aeb01c455fc192b7cbb197222169a4b01727d7e0d3e67e1ad54
1f6616b52977435fc56190f3f4dcfd75a2b30ed19f379056b3b63918eb5ede95
3779437e2724544a9f8bcfdbaf8ec10425e6b14308d338b4ad6104e7ad6091db
46a67c91042bd9f16bfc08fb336b05bc8541e6659451b85686454841713ed1ea
5f39dcf5ecafad7c4e1b6de6b84a5e3e72a165c375059f1c68b68b4b17afd5df
6c0ca4da35249f73f320b6cca3a0d345fda9356883173e746e1d39eace7931aa
736b108848c2d0a4a9f0a6c5eaa8c8c192f64611e5146f2378b4e8e05c30411c
80077c005c7dc4943159b73725984826b4eeed5f452268812b9007a859fbff3e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84143601dc64bea768cb70e8ecefb074d42579cd75e226bc2637a13a30b90be3
90bb7b964e8aee4f0caf5b45ccd36d2fb7057a46bbb6fccf0439912764015b4f
9a86c49f3012dc04a840304b172a2129de2c8fb00a42d49f087dd8cd98e23b08
9e0aedee758f1bb6566db87ca2fadafa56d1e28a55723058f7ca9cd71374c802
ac7e5e2f553bc944caa19ef20d310a3eb7f65814b31b6976618b33639365cf7f
ad29ef003ec8d006754dc1c784e1da2377381324abba14ed43938b4f410ffbbc
b35da4c02f67a2089abd9e857226b8b3eb1d843e14caa6437bc7264f5ee90338
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4