eu.redmagic.gg Open in urlscan Pro
23.227.38.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://redmagic.gg/
Effective URL:
https://eu.redmagic.gg/
Submission: On October 24 via manual (October 24th 2022, 9:23:24 am UTC) from FR — Scanned from NL

Summary HTTP 163 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 78 IPs in 11 countries across 61 domains to perform 163 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is eu.redmagic.gg.
TLS certificate: Issued by R3 on September 30th 2022. Valid for: 3 months.

This is the only time eu.redmagic.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	162.159.135.68 162.159.135.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.7 13.32.121.7	16509 (AMAZON-02) (AMAZON-02)
2	143.204.89.36 143.204.89.36	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:ed4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	162.159.130.71 162.159.130.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	108.138.7.31 108.138.7.31	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	185.26.99.247 185.26.99.247	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	52.222.214.79 52.222.214.79	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.10 13.224.189.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	178.250.0.147 178.250.0.147	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.17.231.22 52.17.231.22	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
4 5	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:49::45 2620:1ec:49::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	18.185.191.84 18.185.191.84	16509 (AMAZON-02) (AMAZON-02)
1	184.24.2.119 184.24.2.119	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2600:9000:225... 2600:9000:225e:be00:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.16.226.72 104.16.226.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.22.52.107 107.22.52.107	14618 (AMAZON-AES) (AMAZON-AES)
1	144.217.255.176 144.217.255.176	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3032::6815:1586	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:224... 2600:9000:2240:3800:7:6365:89c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:100:a001... 2620:100:a001::17	19750 (AS-CRITEO) (AS-CRITEO)
3	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.73.81.232 52.73.81.232	14618 (AMAZON-AES) (AMAZON-AES)
1	52.205.170.131 52.205.170.131	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.193.243.10 18.193.243.10	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	54.76.243.127 54.76.243.127	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.198.129.196 18.198.129.196	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.198.155.96 18.198.155.96	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	54.229.34.254 54.229.34.254	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1f18:612... 2600:1f18:612b:4264:66bb:59e8:78b3:92f5	14618 (AMAZON-AES) (AMAZON-AES)
1	184.24.4.64 184.24.4.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.80.140.177 99.80.140.177	16509 (AMAZON-02) (AMAZON-02)
2	108.138.36.81 108.138.36.81	16509 (AMAZON-02) (AMAZON-02)
2	3.213.5.165 3.213.5.165	14618 (AMAZON-AES) (AMAZON-AES)
1	52.48.197.119 52.48.197.119	16509 (AMAZON-02) (AMAZON-02)
1	3.143.128.248 3.143.128.248	16509 (AMAZON-02) (AMAZON-02)
163	78

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

redmagic.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.227.38.74 (Ottawa, Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eu.redmagic.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:6d (United States)

ASN13335 (CLOUDFLARENET, US)

www.artfut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 162.159.135.68 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-7.fra60.r.cloudfront.net

script.tapfiliate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-36.fra50.r.cloudfront.net

statics.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ed4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lenmit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.159.130.71 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-31.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.26.99.247 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde430-2.fornex.org

z.lenmit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-79.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-10.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.147 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.231.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-231-22.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:49::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.185.191.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com

manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.2.119 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-2-119.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

cdn.judge.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:be00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.226.72 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

static.shareasale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.52.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-52-107.compute-1.amazonaws.com

rudder-tracking.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.217.255.176 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: us1.omegacommerce.com

feed.omegacommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1586 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.langshop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2240:3800:7:6365:89c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pushowl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

socialplugin.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::17 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.73.81.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-81-232.compute-1.amazonaws.com

api.pushowl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.170.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-170-131.compute-1.amazonaws.com

usafp.tongdun.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.243.10 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-243-10.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.243.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-243-127.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.129.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-129-196.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.155.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-155-96.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.34.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-34-254.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:66bb:59e8:78b3:92f5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.4.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-4-64.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.140.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-140-177.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-81.muc50.r.cloudfront.net

api.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.5.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-5-165.compute-1.amazonaws.com

fstlnlevamfhl.dataplane.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.197.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-197-119.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.143.128.248 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-143-128-248.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2183	758 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4383 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786 sslwidget.criteo.com — Cisco Umbrella Rank: 1809 widget.us.criteo.com — Cisco Umbrella Rank: 18985 dis.criteo.com — Cisco Umbrella Rank: 679	28 KB
11	redmagic.gg 2 redirects redmagic.gg — Cisco Umbrella Rank: 810024 eu.redmagic.gg	100 KB
7	pushowl.com cdn.pushowl.com — Cisco Umbrella Rank: 17123 api.pushowl.com — Cisco Umbrella Rank: 37167	40 KB
7	manychat.com manychat.com — Cisco Umbrella Rank: 36957 widget.manychat.com — Cisco Umbrella Rank: 41709	236 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 565 c.clarity.ms — Cisco Umbrella Rank: 1062 k.clarity.ms — Cisco Umbrella Rank: 5434	26 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	1 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 ajax.googleapis.com — Cisco Umbrella Rank: 306	62 KB
5	rudderstack.com rudder-tracking.rudderstack.com — Cisco Umbrella Rank: 389826 api.rudderstack.com — Cisco Umbrella Rank: 351445 fstlnlevamfhl.dataplane.rudderstack.com	141 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 789 vars.hotjar.com — Cisco Umbrella Rank: 916 in.hotjar.com — Cisco Umbrella Rank: 1656	72 KB
5	shopifysvc.com monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 2855	861 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 379 c.bing.com — Cisco Umbrella Rank: 236	14 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	65 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151 socialplugin.facebook.net — Cisco Umbrella Rank: 12092	201 KB
4	gstatic.com fonts.gstatic.com	67 KB
3	google.nl www.google.nl — Cisco Umbrella Rank: 8898	762 B
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 5017	957 B
3	artfut.com www.artfut.com — Cisco Umbrella Rank: 28446	17 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	509 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 681	853 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1351	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	181 KB
2	lenmit.com cdn.lenmit.com — Cisco Umbrella Rank: 160234 z.lenmit.com — Cisco Umbrella Rank: 63418	3 KB
2	a8.net statics.a8.net — Cisco Umbrella Rank: 141034	12 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1506	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 528	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2114	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4441	360 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2159	183 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2682	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 471	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1104	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1496	162 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 373	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1698	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1296	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 554	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 347	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 706	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 832	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1259	885 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 570	787 B
1	tongdun.net usafp.tongdun.net	1 KB
1	langshop.app cdn.langshop.app — Cisco Umbrella Rank: 121700	37 KB
1	omegacommerce.com feed.omegacommerce.com — Cisco Umbrella Rank: 135715	712 B
1	shareasale.com static.shareasale.com — Cisco Umbrella Rank: 25349	650 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4038	9 KB
1	judge.me cdn.judge.me — Cisco Umbrella Rank: 13249	423 B
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 5208	4 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1567	157 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 547	392 B
1	t.co t.co — Cisco Umbrella Rank: 483	377 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2195	259 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 624	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1457	8 KB
1	tapfiliate.com script.tapfiliate.com — Cisco Umbrella Rank: 30698	4 KB
163	61

	Domain	Requested by
28	cdn.shopify.com	eu.redmagic.gg cdn.shopify.com
10	eu.redmagic.gg	1 redirects cdn.shopify.com
6	manychat.com	eu.redmagic.gg manychat.com cdn.shopify.com
6	www.facebook.com	eu.redmagic.gg cdn.shopify.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	monorail-edge.shopifysvc.com	cdn.shopify.com
4	api.pushowl.com	cdn.shopify.com
4	www.google-analytics.com	cdn.shopify.com www.google-analytics.com eu.redmagic.gg
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	eu.redmagic.gg cdn.shopify.com manychat.com
3	k.clarity.ms	cdn.shopify.com
3	cdn.pushowl.com	eu.redmagic.gg cdn.shopify.com
3	www.google.nl	eu.redmagic.gg
3	bat.bing.com	www.googletagmanager.com bat.bing.com eu.redmagic.gg
3	connect.facebook.net	eu.redmagic.gg cdn.shopify.com connect.facebook.net
3	www.artfut.com	eu.redmagic.gg www.artfut.com
2	fstlnlevamfhl.dataplane.rudderstack.com	cdn.shopify.com
2	api.rudderstack.com	cdn.shopify.com
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	stats.g.doubleclick.net	cdn.shopify.com www.googletagmanager.com
2	www.google.com	eu.redmagic.gg
2	www.googletagmanager.com	eu.redmagic.gg www.googletagmanager.com
2	static.hotjar.com	eu.redmagic.gg www.googletagmanager.com
2	statics.a8.net	eu.redmagic.gg
2	ajax.googleapis.com	eu.redmagic.gg rudder-tracking.rudderstack.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.manychat.com	cdn.shopify.com
1	usafp.tongdun.net	eu.redmagic.gg
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	c.bing.com	1 redirects
1	socialplugin.facebook.net	cdn.shopify.com
1	cdn.langshop.app	eu.redmagic.gg
1	feed.omegacommerce.com	eu.redmagic.gg
1	rudder-tracking.rudderstack.com	eu.redmagic.gg
1	static.shareasale.com	eu.redmagic.gg
1	www.dwin1.com	eu.redmagic.gg
1	cdn.judge.me	eu.redmagic.gg
1	chimpstatic.com	eu.redmagic.gg
1	mug.criteo.com	eu.redmagic.gg
1	alb.reddit.com	eu.redmagic.gg
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com	eu.redmagic.gg
1	t.co	eu.redmagic.gg
1	vc.hotjar.io	cdn.shopify.com
1	in.hotjar.com	cdn.shopify.com
1	dynamic.criteo.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	z.lenmit.com	cdn.lenmit.com
1	cdn.lenmit.com	eu.redmagic.gg
1	script.tapfiliate.com	eu.redmagic.gg
1	redmagic.gg	1 redirects
163	83

This site contains links to these domains. Also see Links.

Domain
help.redmagic.gg
red-magic.connect.studentbeans.com
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
eu.redmagic.gg R3	`2022-09-30` - `2022-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-02` - `2023-07-02`	a year	crt.sh
cdn.shopify.com R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
tapfiliate.com Amazon	`2021-11-22` - `2022-12-21`	a year	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2022-10-31`	3 months	crt.sh
monorail-edge.shopifysvc.com R3	`2022-09-24` - `2022-12-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
z.lenmit.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-23` - `2023-06-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-12-13` - `2022-12-12`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
manychat.com Sectigo ECC Domain Validation Secure Server CA	`2022-05-30` - `2023-06-29`	a year	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-11-19` - `2022-11-19`	a year	crt.sh
cdn.judge.me R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
*.rudderstack.com Amazon	`2021-12-25` - `2023-01-22`	a year	crt.sh
*.omegacommerce.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-22` - `2023-08-01`	a year	crt.sh
*.langshop.app E1	`2022-10-15` - `2023-01-13`	3 months	crt.sh
ik.imagekit.io R3	`2022-08-31` - `2022-11-29`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
pushowl.com Amazon	`2021-12-20` - `2023-01-17`	a year	crt.sh
*.tongdun.cn GlobalSign RSA OV SSL CA 2018	`2022-08-08` - `2023-09-09`	a year	crt.sh
widget.manychat.com Sectigo ECC Domain Validation Secure Server CA	`2022-04-09` - `2023-05-10`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
itm.ivitrack.com R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.dataplane.rudderstack.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://eu.redmagic.gg/
Frame ID: C8B6BBFEFF059A57A5E441BFFD92EDA8
Requests: 129 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Frame ID: 1379D4628911561848DE460B655156E2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=eu.redmagic.gg&origin=onetag
Frame ID: 61AB4F0AA110D74A311A52AC82F1E8C2
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 12F2B67BB60FD7FF260291DE65B1E6F0
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1lH1rR2xx5TlxHWaVwjOU7Nz6CuK13mUnl8byg&expires=30
Frame ID: D2502E0A41CE5C05D73E581176B2524B
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REDMAGIC (Europe) - REDMAGIC 7 Series Gaming Smartphone – RedMagic Accountsecure-shoppingdayswarranty-serviceVisaMastercardAmerican ExpressDiscoverJCBDiners ClubMaestroPayPalApple PayGoogle PayfacebookinstagramtwitteryoutubetiktokShapecheckmark-outlinecloseAbout RedMagic

Page URL History Show full URLs

http://redmagic.gg/ HTTP 302
http://eu.redmagic.gg/ HTTP 301
https://eu.redmagic.gg/ Page URL

Detected technologies

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

ManyChat (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

widget\.manychat\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

PushOwl (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.pushowl\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

163
Requests

91 %
HTTPS

31 %
IPv6

61
Domains

83
Subdomains

78
IPs

11
Countries

2115 kB
Transfer

6174 kB
Size

85
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://help.redmagic.gg/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://red-magic.connect.studentbeans.com/uk
Title: Student Discount

Search URL Search Domain Scan URL

URL: https://help.redmagic.gg/hc/en-us/categories/360001965752-FAQs
Title: FAQs

Search URL Search Domain Scan URL

URL: https://help.redmagic.gg/hc/en-us/sections/360005986031-Global-ROMs-and-Updates
Title: Software Updates

Search URL Search Domain Scan URL

URL: https://www.facebook.com/redmagicgaming
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/redmagicgaming/
Title: instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/redmagicgaming
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCqX5t6irpHLRUBqf_0hKAvg
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@redmagicglobal?lang=en
Title: tiktok

Search URL Search Domain Scan URL

URL: https://red-magic.connect.studentbeans.com/fr
Title: France

Search URL Search Domain Scan URL

URL: https://red-magic.connect.studentbeans.com/de
Title: Germany

Search URL Search Domain Scan URL

URL: https://red-magic.connect.studentbeans.com/it
Title: Italy

Search URL Search Domain Scan URL

URL: https://red-magic.connect.studentbeans.com/es
Title: Spain

Search URL Search Domain Scan URL

URL: https://red-magic.connect.studentbeans.com/us
Title: United States

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://redmagic.gg/ HTTP 302
http://eu.redmagic.gg/ HTTP 301
https://eu.redmagic.gg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://gum.criteo.com/sid/json?origin=onetag&domain=redmagic.gg&sn=ChromeSyncframe&so=0&topUrl=eu.redmagic.gg&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=HsgEynxwVHZMTWhIaVFhaWc3emNpcWJSRGJhcnhaSXVOTFN6bFdNOVFxZEI1d0dqNWVaMDlBNVJuRzNDOGd5NDRjNHlKa2V2STRna3dhUm1ReFQ0a3p6d1VmOVRGQjBPS1orS0RsOXNpQWVTZGVucFovWWhSNisyOWU3NTVTWUpJVWVheWZoSUx3dy9hd3JPTXNrRGlWMldiYTFUcXJGcHBTOTBkeWpkSzM1WGhyVXJYN0c3QVNpSm5RT0VpSjMrMUN5Ujl0ckpJRGRmWlZjcDAwZ3B5SVBpWmNVN3ZUTjBZQXNKTUJzTElCMko4UlRLOHVqNGdXam0xRzQ3WG90OFdBazJhVUI2RW9mMldjSWhmR0FPOXVCaWk1dz09fA&cppv=2

Request Chain 104

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=B6F02196ECF84084963B171B1ED2D3F3&RedC=c.clarity.ms&MXFR=35E187E87EDD62A30F6F95AF7ADD6CBB HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=B6F02196ECF84084963B171B1ED2D3F3&MUID=2E80D374D7F86C6B0B17C133D6386D19

Request Chain 105

https://sslwidget.criteo.com/event?a=95521&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=Q4E5cV9YaW4wUUt4S2NFa3VpT292MzZZalBUWnd0M2d1VVVNM1RFcmZFaDJ0WnNpWmxrdklhdTNQSEw5MzYyTERWUWRzbXl0S25rVGNwJTJGJTJCNVhxWFZTdmdqU2JpZmpWa1lBQkZEa3VPRDV0M2lNVGZTS1pJWHNyVFp0UmZCQWtCRTVIeiUyQnpuaTJuUmI4U0RacGVjMG8weGJYOXclM0QlM0Q&tld=redmagic.gg&dy=1&fu=https%253A%252F%252Feu.redmagic.gg%252F&dtycbr=27078 HTTP 302
https://widget.us.criteo.com/event?a=95521&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=Q4E5cV9YaW4wUUt4S2NFa3VpT292MzZZalBUWnd0M2d1VVVNM1RFcmZFaDJ0WnNpWmxrdklhdTNQSEw5MzYyTERWUWRzbXl0S25rVGNwJTJGJTJCNVhxWFZTdmdqU2JpZmpWa1lBQkZEa3VPRDV0M2lNVGZTS1pJWHNyVFp0UmZCQWtCRTVIeiUyQnpuaTJuUmI4U0RacGVjMG8weGJYOXclM0QlM0Q&tld=redmagic.gg&dy=1&fu=https%253A%252F%252Feu.redmagic.gg%252F&dtycbr=27078

Request Chain 128

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1lH1rR2xx5TlxHWaVwjOU7Nz6CuK13mUnl8byg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1lH1rR2xx5TlxHWaVwjOU7Nz6CuK13mUnl8byg&expires=30

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XFFPtx2xx5TlxHWaVwjOU7Nz6Csz71h1q45ksg&google_cm&google_hm=ay1YRkZQdHgyeHg1VGx4SFdhVndqT1U3Tno2Q3N6NzFoMXE0NWtzZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XFFPtx2xx5TlxHWaVwjOU7Nz6Csz71h1q45ksg&google_gid=CAESEJURkwXhpc-dFkSH3blsMxk&google_cver=1&google_ula=913071,0

Request Chain 130

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8033697424269524293

Request Chain 131

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g1ZgMx2xx5TlxHWaVwjOU7Nz6CsBxM-YyPcMJg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g1ZgMx2xx5TlxHWaVwjOU7Nz6CsBxM-YyPcMJg&C=1

Request Chain 132

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-HfFjrB2xx5TlxHWaVwjOU7Nz6CsWer0CUH9r6g HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-HfFjrB2xx5TlxHWaVwjOU7Nz6CsWer0CUH9r6g

Request Chain 143

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MVqZbR2xx5TlxHWaVwjOU7Nz6Cv-nIdGNSmW9A HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MVqZbR2xx5TlxHWaVwjOU7Nz6Cv-nIdGNSmW9A&verify=true

Request Chain 146

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=_bagcjP2s0RIMaWaMEtah6vr29jdYjWq HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=_bagcjP2s0RIMaWaMEtah6vr29jdYjWq

Request Chain 158

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=U2hXC9YtmwalG6yIzXkGsSVMMufsIMmK

Request Chain 159

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=8BGQbmfjCSK1VmlDRRBSlVd12AzIx6FB

163 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
eu.redmagic.gg/
Redirect Chain

http://redmagic.gg/
http://eu.redmagic.gg/
https://eu.redmagic.gg/

205 KB
45 KB

510ms
131ms

Document
text/html

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b367b67e71f695a3fe13096d2e5b7d52221641f32df30227a9716e88c1fe11a2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75f1a71d98eab924-AMS
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 09:23:16 GMT
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
server: cloudflare
server-timing: processing;dur=76, db;dur=9
strict-transport-security: max-age=7889238
vary: Accept
x-alternate-cache-key: cacheable:a3431548b3a850366da7876a0eef1b75
x-cache: hit, server
x-content-type-options: nosniff
x-dc: gcp-europe-west4,europe-west1,gcp-europe-west1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 0682d868-c56b-46c9-a454-de71790485e7
x-shardid: 199
x-shopid: 1312358460
x-shopify-stage: production
x-sorting-hat-podid: 199
x-sorting-hat-shopid: 1312358460
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 75f1a71ac9d7b950-AMS
Connection: keep-alive
Content-Security-Policy: frame-ancestors 'none';
Content-Type: text/html; charset=utf-8
Date: Mon, 24 Oct 2022 09:23:16 GMT
Location: https://eu.redmagic.gg/
Server: cloudflare
Server-Timing: processing;dur=13, db;dur=5
Transfer-Encoding: chunked
Vary: Accept
X-Content-Type-Options: nosniff
X-Dc: gcp-europe-west4,europe-west1,gcp-europe-west1
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-Redirect-Reason: https_required
X-Request-ID: abd982c0-dd73-4019-b7dc-da69fb06d7a0
X-ShardId: 199
X-ShopId: 1312358460
X-Shopify-Stage: production
X-Sorting-Hat-PodId: 199
X-Sorting-Hat-ShopId: 1312358460
X-Storefront-Renderer-Rendered: 1
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
543 B 113ms
41ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Monda:400,700&display=swap

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7037e6cfd6d77a4a274818449c2aaff2faa211b6d746334a89573bf5e49239f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Oct 2022 09:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 09:23:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Oct 2022 09:23:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 112ms
41ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Oct 2022 09:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 07:52:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Oct 2022 09:23:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 102ms
31ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 04:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 04:12:06 GMT

GET
H2 200 tagtag.min.js Show response
www.artfut.com/static/ 3 KB
2 KB 178ms
118ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/tagtag.min.js?campaign_code=56637026d8

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b1300d909d9777dd97614dc1778aaa570ea95e65a9d63958c716f599b8f400

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 23 May 2022 09:16:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628b50f0-d05"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXLaBRCA0PyEfWPtCVR1EZlCUpECJyiGBUdIjPBaXNpIrgT26ZVj9po2UbJzhAmh0dC55GF%2FPa5p4DC5RTQpC94id1vbn50ZOkOaZAZry6CslJfU0%2Bqh07EQgSTT7iq9fVaAzArrbtWA9zOJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200, public
cf-ray: 75f1a71edf010c09-AMS
expires: Mon, 24 Oct 2022 09:43:17 GMT

GET
H2 200 load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 10 KB
4 KB 41ms
37ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu.redmagic.gg/
Origin: https://eu.redmagic.gg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-central1
age: 5122858
server-timing: imagery;dur=21.239, imageryFetch;dur=21.078
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 83937987-0a89-4646-9a91-4e7a9e35dd5e
last-modified: Fri, 26 Aug 2022 01:44:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js>; rel="canonical"
cf-ray: 75f1a71fa8a6b903-AMS

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
13 KB 56ms
53ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu.redmagic.gg/
Origin: https://eu.redmagic.gg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-east1
age: 5111920
server-timing: imagery;dur=31.500, imageryFetch;dur=31.327
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0dd70f7f-3095-4adf-9c12-d49724c3ae5c
last-modified: Fri, 26 Aug 2022 03:53:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
cf-ray: 75f1a71fa8a9b903-AMS

GET
H2 200 tapfiliate.js Show response
script.tapfiliate.com/ 11 KB
4 KB 141ms
32ms Script
application/javascript 13.32.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.tapfiliate.com/tapfiliate.js
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-7.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 07:24:27 GMT
content-encoding: gzip
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 12:34:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 7131
etag: W/"ddbb39a9e8e67d5067145f8aa76b938d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 2got_fyHbuYv5AOHg_9UQrVsLCI57iV2AQXgfW-yNU3DmStGBYtrCg==

GET
H2 200 globo.alsobought.min.js Show response
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 317 KB
94 KB 70ms
67ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/globo.alsobought.min.js?v=184120105635697298491651054636

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d142acfef8da1b404752886698d01217bc13f57c83bea3d8008ee2b638c0c940

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-central1
age: 2069922
server-timing: imagery;dur=146.907, imageryFetch;dur=146.715
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: dc7f35c4-2a8c-4b80-a7ce-4589601339e8
last-modified: Fri, 30 Sep 2022 09:47:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/globo.alsobought.min.js>; rel="canonical"
cf-ray: 75f1a71faa8fb93c-AMS

GET
H2 200 globo.alsobought.css
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 21 KB
5 KB 38ms
38ms Stylesheet
text/css 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/globo.alsobought.css?v=76648346375363260711646912796

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6dd7454d8e29517c68bdc52eb3595aafeaecdf047169b3b3058edc8aaa1f29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-east1
age: 2070210
server-timing: imagery;dur=64.256, imageryFetch;dur=61.073
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 394a99b0-1a49-41bc-97a9-ce52a084f120
last-modified: Fri, 30 Sep 2022 06:01:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/globo.alsobought.css>; rel="canonical"
cf-ray: 75f1a71e7821b93c-AMS

GET
H2 200 home-index.css
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 630 KB
100 KB 54ms
53ms Stylesheet
text/css 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/home-index.css?v=50609630634788801841665921155

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

404bb3c18e084729d8a453c805656c0ac6d4ee0680eebdecbd119adb41e68644

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-central1
age: 679469
server-timing: imagery;dur=112.862, imageryFetch;dur=65.281
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 563da2ff-df65-4ca9-8eae-a06d6dd047d9
last-modified: Sun, 16 Oct 2022 11:54:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/home-index.css>; rel="canonical"
cf-ray: 75f1a71e9864b93c-AMS

GET
H2 200 blog-carousel-index.css
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 286 KB
36 KB 45ms
45ms Stylesheet
text/css 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/blog-carousel-index.css?v=142585173838582680371665921155

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c58d9a6a27b21a21825f1e28b75b47bd2a97e782bb2e907d1719ed0775b870a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-central1,us-east1
age: 391275
server-timing: imagery;dur=102.385, imageryFetch;dur=65.232
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f6fced48-e49f-4daa-b5a0-f2fdfe8a2e10
last-modified: Sun, 16 Oct 2022 12:21:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/blog-carousel-index.css>; rel="canonical"
cf-ray: 75f1a71e9868b93c-AMS

GET
H2 200 REDMAGIC_7_Pro-Open_Sales_Blog-520x260_400x400.jpg
cdn.shopify.com/s/files/1/0013/1235/8460/articles/ 11 KB
11 KB 47ms
44ms Image
image/avif 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/REDMAGIC_7_Pro-Open_Sales_Blog-520x260_400x400.jpg?v=1651215082

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45997e05e4d2f3b83cd54cedfec7162c55a9c64f660a1025f4468abe3343b98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-east1,us-central1
age: 2139494
server-timing: imagery;dur=438.495, imageryFetch;dur=48.456, imageryProcess;dur=389.374;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10885
x-xss-protection: 1; mode=block
x-request-id: aaba969d-a4c1-4ef5-a65f-561029e73b8a
last-modified: Fri, 26 Aug 2022 05:10:56 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/REDMAGIC_7_Pro-Open_Sales_Blog-520x260_400x400.jpg>; rel="canonical"
cf-ray: 75f1a71faa90b93c-AMS

GET
H2 200 Blog-Game_Space-520x260_400x400.jpg
cdn.shopify.com/s/files/1/0013/1235/8460/articles/ 15 KB
15 KB 48ms
46ms Image
image/avif 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/Blog-Game_Space-520x260_400x400.jpg?v=1648208654

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af7d84324373ac147483647db9a5536005160e4e8bc972316e7f26313ece06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-east1,us-central1
age: 1557998
server-timing: imagery;dur=473.728, imageryFetch;dur=61.347, imageryProcess;dur=411.844;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15355
x-xss-protection: 1; mode=block
x-request-id: d3ff44ad-3280-4bd3-96cc-d04daea6b133
last-modified: Thu, 25 Aug 2022 22:44:39 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/Blog-Game_Space-520x260_400x400.jpg>; rel="canonical"
cf-ray: 75f1a71faa93b93c-AMS

GET
H2 200 Blog-Comparison-520x260_400x400.jpg
cdn.shopify.com/s/files/1/0013/1235/8460/articles/ 11 KB
11 KB 42ms
39ms Image
image/avif 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/Blog-Comparison-520x260_400x400.jpg?v=1654074275

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4fd5eabc1dae6f943b1a9a1975d4dd51c7069639eb422de5f6c79da7e5841e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-east1,us-central1
age: 4716015
server-timing: imagery;dur=436.301, imageryFetch;dur=83.458, imageryProcess;dur=351.781;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11434
x-xss-protection: 1; mode=block
x-request-id: f5c58222-4fa6-4440-a21c-0fa9311a1e00
last-modified: Thu, 25 Aug 2022 23:41:27 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/Blog-Comparison-520x260_400x400.jpg>; rel="canonical"
cf-ray: 75f1a71faa96b93c-AMS

GET
H2 200 REDMAGIC_Studio-520x260_400x400.jpg
cdn.shopify.com/s/files/1/0013/1235/8460/articles/ 15 KB
15 KB 47ms
45ms Image
image/avif 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/REDMAGIC_Studio-520x260_400x400.jpg?v=1654598183

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a7134aabab87904238351f91e822a5021ad0c0872e06691fb24172e57136381

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-east1,us-east1
age: 249042
server-timing: imagery;dur=758.891, imageryFetch;dur=43.385, imageryProcess;dur=714.866;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15159
x-xss-protection: 1; mode=block
x-request-id: cd50cbd8-f30a-47a7-92af-f0d6b85def14
last-modified: Thu, 25 Aug 2022 23:24:07 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/REDMAGIC_Studio-520x260_400x400.jpg>; rel="canonical"
cf-ray: 75f1a71faa97b93c-AMS

GET
H2 200 REDMAGIC_Wallpapers_400x400.jpg
cdn.shopify.com/s/files/1/0013/1235/8460/articles/ 14 KB
14 KB 43ms
40ms Image
image/avif 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/REDMAGIC_Wallpapers_400x400.jpg?v=1655816768

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6da53eb83f5a1a41f316900196d17d90eaaac778c4309f86df807d45fcf7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-east1,us-east1
age: 2139494
server-timing: imagery;dur=622.262, imageryFetch;dur=58.566, imageryProcess;dur=562.690;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13904
x-xss-protection: 1; mode=block
x-request-id: b1264848-7cdb-4029-b5b1-436277e7b9c3
last-modified: Thu, 15 Sep 2022 00:00:09 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/articles/REDMAGIC_Wallpapers_400x400.jpg>; rel="canonical"
cf-ray: 75f1a71faa98b93c-AMS

GET
H2 200 blog-carousel-index.js Show response
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 17 KB
4 KB 41ms
39ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/blog-carousel-index.js?v=68540957558501699541664451262

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b7d26f78ff30d6f3b51fbc4d0f2552524fddfa03a3da4bbf5b76a1d86a7148c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-east1
age: 2070211
server-timing: imagery;dur=99.301, imageryFetch;dur=94.492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ff0b83c7-fb1b-4900-ac1a-9d12d4c53280
last-modified: Fri, 30 Sep 2022 10:04:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/blog-carousel-index.js>; rel="canonical"
cf-ray: 75f1a71faa9ab93c-AMS

GET
H2 200 home-index.js Show response
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 176 KB
51 KB 53ms
51ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/home-index.js?v=49533553735763322021664451266

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eefac538de89bf8bb22e154cb84cf0b5fd1326d12113b63d30e9a1e2a41ac87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-east1
age: 1557998
server-timing: imagery;dur=127.408, imageryFetch;dur=94.588
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0fc33e9d-ddad-4c56-b8c1-0ecb3aa973a5
last-modified: Fri, 30 Sep 2022 10:04:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/home-index.js>; rel="canonical"
cf-ray: 75f1a71faa9bb93c-AMS

GET
H2 200 lazysizes.js Show response
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 21 KB
8 KB 43ms
41ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/lazysizes.js?v=68441465964607740661621418926

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbc4947c10294821006c9752cf325c1038d3172c533510c0822b0c23282bc4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-east1
age: 2069922
server-timing: imagery;dur=57.463, imageryFetch;dur=52.058
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b7ab111c-db91-4ab9-8ae4-0b03ea21b955
last-modified: Fri, 30 Sep 2022 10:04:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/lazysizes.js>; rel="canonical"
cf-ray: 75f1a71faa9cb93c-AMS

GET
H2 200 a8sales.js Show response
statics.a8.net/a8sales/ 25 KB
8 KB 188ms
34ms Script
application/javascript 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.a8.net/a8sales/a8sales.js
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 065c3e514d28dd6161d697b6cc57d0511b5309d2bbf7be85788b6ebfb7267981

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: GGRLiTYnhoyXhSyMXMaBCuRjMr7YdNzY
content-encoding: gzip
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
date: Sun, 23 Oct 2022 13:52:15 GMT
last-modified: Wed, 07 Jul 2021 02:10:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 70273
etag: W/"29003b45a9ce06b17f5b80d72c2bdb33"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: tcZmSnE_YVlEV-QtzYRJjMdIzagtgSQcnraDkO_KBVsufcRmCxN-2g==

GET
H2 200 a8crossDomain.js Show response
statics.a8.net/a8sales/ 9 KB
4 KB 147ms
35ms Script
application/javascript 143.204.89.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.a8.net/a8sales/a8crossDomain.js
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 606713e2a08b30b6b17368722dcfb327e6c8cd2649e2c5820e5a9d537becc880

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
date: Mon, 24 Oct 2022 04:16:33 GMT
last-modified: Fri, 05 Apr 2019 09:03:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 18405
etag: W/"9f490e82d6cb4992b47a92b4303892b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 9fERf7iUXOef76L3Zj2A1yucT_YTBbcvJUBHbPRYUH87_NCxQSHHiA==

GET
H2 200 trekkie.storefront.959f71dbd7e992c48a2a5941c6de2c0cf3fc27c6.min.js Show response
cdn.shopify.com/s/ 78 KB
18 KB 66ms
64ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.959f71dbd7e992c48a2a5941c6de2c0cf3fc27c6.min.js

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac90b1915612b2d290323ec0c20ecdfa541e78cbca8c25db7a71d32fd242257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-central1,us-central1
age: 308972
server-timing: imagery;dur=65.197, imageryFetch;dur=64.986
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5d8c0356-e996-4ec4-a257-405cd8196c1b
last-modified: Thu, 20 Oct 2022 19:33:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.959f71dbd7e992c48a2a5941c6de2c0cf3fc27c6.min.js>; rel="canonical"
cf-ray: 75f1a71fcacab93c-AMS

GET
H2 200 shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
3 KB 62ms
60ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-central1
age: 5123367
server-timing: imagery;dur=22.599, imageryFetch;dur=22.430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 08b69fc1-ba0b-40f7-a067-ccd68aa642c3
last-modified: Fri, 26 Aug 2022 02:13:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js>; rel="canonical"
cf-ray: 75f1a71fcaceb93c-AMS

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
19 KB 43ms
40ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-central1
age: 224128
server-timing: imagery;dur=72.954, imageryFetch;dur=66.306
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 757b0671-68e4-4b36-8f0c-9b4805aee7de
last-modified: Fri, 21 Oct 2022 19:07:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
cf-ray: 75f1a71faa8db93c-AMS

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 138ms
30ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eu.redmagic.gg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 244548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:27:29 GMT

GET
H2 200 browser.js Show response
cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.164/esm/ 31 KB
11 KB 54ms
54ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.164/esm/browser.js

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b34a7582863d7a2d824f3b18a4c4df040fa1a3313720cf9d4370e6670f5146fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu.redmagic.gg/
Origin: https://eu.redmagic.gg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-dc: gcp-us-east1,us-east1
age: 907246
server-timing: imagery;dur=19.930, imageryFetch;dur=19.773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: cb171710-53ba-4f96-92d5-9625254e5979
last-modified: Thu, 13 Oct 2022 21:07:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.164/esm/browser.js>; rel="canonical"
cf-ray: 75f1a71fa8adb903-AMS

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ 408 B
419 B 41ms
41ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Orbitron:wght@600&display=swap

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/home-index.css?v=50609630634788801841665921155

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37b4f27bf19fb86a2bf1c1ffc5d7b253fb9720a869908ea82079d4c0aa60d4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.shopify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 09:18:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Oct 2022 09:23:17 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22e859a5c7d07561df58aba864c5c575817994ec08fe96edf769f7167e5ad135

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d074e9f5ff5b030570394f1a829f19057aace9dedb7d04d09c0d282e14c6e5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 retag.js Show response
cdn.lenmit.com/static/js/ 6 KB
3 KB 102ms
37ms Script
application/javascript 2606:4700:20::681a:ed4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lenmit.com/static/js/retag.js?r=24
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa07cc8277b2637e78b1984917145a224dbd8ec28be3f16bdc2fc5df059daec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Feb 2022 08:26:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7142
etag: W/"99d34fb0205afe21311da8a5384561d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONrQWgwmndKVjbGGPIa500KNqwfa0YYoYSe%2BdDAQOCOBvWgp4OspC32se54abaXJViOpE0H4JFIZexDtmOFByuuF7jUartQsG%2FSykAbgDnLp3KP%2Ff1vmdc2nJ8xoBGp2VrshlnqZfFKryUpc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75f1a7206cc8b766-AMS
expires: Tue, 25 Oct 2022 07:24:15 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 315 KB
89 KB 102ms
36ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f166b9c6386b6fc4d6b73c6f9861d6178a19beaf18180b9e2e08c13b0fc5877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 09:23:17 GMT
content-md5: wu8avQTRa4xrVzs0W5ur8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 90950
x-fb-rlafr: 0
x-fb-debug: Rxo2Eh5UTQfE75rhxJbg2k5UJvYpgAuEssOpe/sxxAz/+WvGAv6UFKQTZgUCzZAWBbUuB15WlCM1JMd2LjsrsA==
x-fb-trip-id: 686109401
x-fb-content-md5: 95ce115c7b6cd2a798a7fa695055fd18
cross-origin-opener-policy: same-origin-allow-popups
etag: "5837395c33ee10ef42d8afc4f8487f87"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Oct 2022 09:28:16 GMT

GET
H3 200 sprites-misc-sprites.png
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 19 KB
20 KB 38ms
38ms Image
image/webp 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/sprites-misc-sprites.png?v=163243424019741936231621419065

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/blog-carousel-index.css?v=142585173838582680371665921155

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2962eae920b1ce8712642eea20121f0c4dcd0ca0f55c963888c94ec6b405b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/blog-carousel-index.css?v=142585173838582680371665921155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-east1,us-east1
age: 2070827
server-timing: imagery;dur=113.868, imageryFetch;dur=70.373, imageryProcess;dur=42.982;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19698
x-xss-protection: 1; mode=block
x-request-id: 9d008e64-02dd-40de-8b49-471267284089
last-modified: Fri, 30 Sep 2022 10:05:49 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/sprites-misc-sprites.png>; rel="canonical"
cf-ray: 75f1a7201a21b791-AMS

GET
H2 200 TK3gWkYFABsmjsLaGw8Eneo.woff2
fonts.gstatic.com/s/monda/v16/ 18 KB
18 KB 107ms
77ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/monda/v16/TK3gWkYFABsmjsLaGw8Eneo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monda:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9a1d1e6ce35321fcae0d375d7882bc63f86ceb8a94be3948d6aaed013562128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eu.redmagic.gg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:53:04 GMT
x-content-type-options: nosniff
age: 487813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18172
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:53:04 GMT

GET
H2 200 TK3tWkYFABsmjsphPho.woff2
fonts.gstatic.com/s/monda/v16/ 17 KB
17 KB 93ms
63ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/monda/v16/TK3tWkYFABsmjsphPho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monda:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28ce23ce073ab795fc6e49485c0ba2a48db59d46fa14f12f486828769280d76e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eu.redmagic.gg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:50:23 GMT
x-content-type-options: nosniff
age: 487974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17784
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:27:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:50:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 67ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eu.redmagic.gg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 578305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 16:44:52 GMT

GET
H3 200 base-base.woff2
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 2 KB
3 KB 33ms
33ms Font
font/woff2 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/base-base.woff2?v=76271977220620974001621417861

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/home-index.css?v=50609630634788801841665921155

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90db753cd662ca613f41d7a515753a3a3c29350d9caccec85ed67fa8c29c7c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/home-index.css?v=50609630634788801841665921155
Origin: https://eu.redmagic.gg
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-east1,us-east1
age: 2067752
server-timing: imagery;dur=58.374, imageryFetch;dur=58.122
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2300
x-xss-protection: 1; mode=block
x-request-id: 75f4b589-392d-407d-ae35-4e57278bf84d
last-modified: Fri, 30 Sep 2022 10:04:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/base-base.woff2>; rel="canonical"
cf-ray: 75f1a7201d17b754-AMS

GET
H3 200 logo-no-label_50x.png
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 2 KB
2 KB 59ms
59ms Image
image/avif 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/logo-no-label_50x.png?v=113793988669875606081621418931

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

167be847bdc2a79ca463b7827b64d35cb59b7cb9fc0f1bba354fb557b3b7488b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-central1,us-central1
age: 142968
source-type: image/png
server-timing: imagery;dur=155.397, imageryFetch;dur=50.354, imageryProcess;dur=103.987;desc="image"
source-length: 12006
content-length: 1692
x-xss-protection: 1; mode=block
x-request-id: 2ac9a53e-961d-42ce-872e-b829def6984d
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Oct 2022 19:39:23 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/logo-no-label_50x.png>; rel="canonical"
cf-ray: 75f1a7205a9fb791-AMS

GET
H3 200 REDMAGIC_7S_Pro_Gaming_Smartphone_-_Banner_-_PC_1920x.jpg
cdn.shopify.com/s/files/1/0013/1235/8460/files/ 98 KB
98 KB 35ms
35ms Image
image/webp 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/files/REDMAGIC_7S_Pro_Gaming_Smartphone_-_Banner_-_PC_1920x.jpg?v=1660035614

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fffd275f2b69d3f0a5cc883d22aa3de16e90f537b40bf4105a98571d5232ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-central1,us-central1
age: 128313
source-type: image/jpeg
server-timing: imagery;dur=852.838, imageryFetch;dur=78.683, imageryProcess;dur=772.609;desc="image"
source-length: 1070967
content-length: 99968
x-xss-protection: 1; mode=block
x-request-id: 426d716c-a64c-44d8-9a68-439ef5a0df53
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Oct 2022 02:10:49 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/files/REDMAGIC_7S_Pro_Gaming_Smartphone_-_Banner_-_PC_1920x.jpg>; rel="canonical"
cf-ray: 75f1a7205aa1b791-AMS

GET
H3 200 REDMAGIC_7_Pro-Banner-PC_73243664-3b64-4849-a14f-4ef1133b3a8c_1920x.png
cdn.shopify.com/s/files/1/0013/1235/8460/files/ 71 KB
72 KB 84ms
84ms Image
image/webp 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/files/REDMAGIC_7_Pro-Banner-PC_73243664-3b64-4849-a14f-4ef1133b3a8c_1920x.png?v=1651033738

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3c885acb0bb9b18ea84c2be03870856af8138051e3986ce202f7577522f553

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-central1,us-central1
age: 128313
source-type: image/png
server-timing: imagery;dur=856.526, imageryFetch;dur=88.298, imageryProcess;dur=767.123;desc="image"
source-length: 1341043
content-length: 72748
x-xss-protection: 1; mode=block
x-request-id: 2a2b245c-1b3e-43b0-affa-a1152815088f
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Oct 2022 02:32:20 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/files/REDMAGIC_7_Pro-Banner-PC_73243664-3b64-4849-a14f-4ef1133b3a8c_1920x.png>; rel="canonical"
cf-ray: 75f1a7205aa2b791-AMS

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
90 B 241ms
173ms Ping
text/plain 162.159.130.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.959f71dbd7e992c48a2a5941c6de2c0cf3fc27c6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.130.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://eu.redmagic.gg
access-control-allow-credentials: true
cf-ray: 75f1a720e802b764-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 3854b52b-5f5d-4e7f-96bb-382fcbd7a966

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 85ms
85ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.959f71dbd7e992c48a2a5941c6de2c0cf3fc27c6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 09:23:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27027
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: q4vIPGGMrC4EFkKlKzo7/kFy131PssEPBqmMKJ2Dpj/mD48a67X/B9s2Zk2o6AgyV+lx4WpzscRKIme+IELK9w==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 103ms
30ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.959f71dbd7e992c48a2a5941c6de2c0cf3fc27c6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 09:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1278
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 24 Oct 2022 11:01:59 GMT

GET
H2 200 hotjar-2975253.js Show response
static.hotjar.com/c/ 4 KB
2 KB 139ms
34ms Script
application/javascript 108.138.7.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2975253.js?sv=6

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-31.fra56.r.cloudfront.net

Software

Resource Hash

be0fe87e4c742c12286fb3d9d161a9918fa9279b57c678f102f8f1160bfd37dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 44
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/a2827b26a09a6835ce5404dba56e4596
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: e9gU7gFn7zs9XHFXg-f1Qsoe5yIdDaYNXgT113kXuCW0TnXyGpADhw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 354 KB
103 KB 197ms
74ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CXV7RR

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b5087bba6022fa1fc16ff07f9d44ea987ca7811d324a61711cbfed6800f2e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105165
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Oct 2022 09:23:17 GMT

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
70 B 233ms
179ms Ping
text/plain 162.159.130.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.959f71dbd7e992c48a2a5941c6de2c0cf3fc27c6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.130.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://eu.redmagic.gg
access-control-allow-credentials: true
cf-ray: 75f1a720e805b764-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: d77b6fc0-ed21-45eb-988b-185f55913a60

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
70 B 233ms
182ms Ping
text/plain 162.159.130.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.959f71dbd7e992c48a2a5941c6de2c0cf3fc27c6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.130.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://eu.redmagic.gg
access-control-allow-credentials: true
cf-ray: 75f1a720e809b764-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 43f707cd-314a-48fc-bbf5-3d6c0a5ed829

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
70 B 227ms
176ms Ping
text/plain 162.159.130.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.959f71dbd7e992c48a2a5941c6de2c0cf3fc27c6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.130.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://eu.redmagic.gg
access-control-allow-credentials: true
cf-ray: 75f1a720e807b764-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 90ef08bd-8ba2-47d2-96cf-762a679e3d62

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
561 B 153ms
151ms Ping
text/plain 162.159.130.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.164/esm/browser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.130.71 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://eu.redmagic.gg
access-control-allow-credentials: true
cf-ray: 75f1a721084ab764-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 28092640-dd92-4627-be9d-6c68e155b82b

GET
H3 200 cart.js Show response
eu.redmagic.gg/ 283 B
1 KB 145ms
92ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.redmagic.gg/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d96016d112189c25f59f156c345b0442cd4bcd2cb0637f3e1f0bf5a97176171b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://eu.redmagic.gg/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west4,europe-west1,gcp-europe-west1
content-encoding: br
server-timing: processing;dur=29, db;dur=10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 1312358460
x-request-id: b6def47a-409a-45c7-b0c9-7e257b3c0932
x-shardid: 199
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 1312358460
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 75f1a72169b4b767-AMS
x-sorting-hat-podid: 199
x-cartjs-updatedat: 0

GET
H3 200 browsing_context_suggestions.json Show response
eu.redmagic.gg/ 128 B
1 KB 98ms
79ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.redmagic.gg/browsing_context_suggestions.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f5e6f6188ca69fe3e55bf6c1872da4abf101efe766a8317f116b24ceae7fb6b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west4,europe-west1,gcp-europe-west1
content-encoding: br
server-timing: processing;dur=27, db;dur=10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 1312358460
x-request-id: 468e863a-1793-4926-a2a1-d9d1a889faad
x-shardid: 199
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 1312358460
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 75f1a72169b1b767-AMS
x-sorting-hat-podid: 199

GET
H3 200 browsing_context_suggestions.json Show response
eu.redmagic.gg/ 128 B
1 KB 114ms
96ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.redmagic.gg/browsing_context_suggestions.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f5e6f6188ca69fe3e55bf6c1872da4abf101efe766a8317f116b24ceae7fb6b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west4,europe-west1,gcp-europe-west1
content-encoding: br
server-timing: processing;dur=37, db;dur=13
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 1312358460
x-request-id: 6cba09ee-5de3-445b-b264-856dbfc3cdef
x-shardid: 199
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 1312358460
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 75f1a72169b6b767-AMS
x-sorting-hat-podid: 199

GET
H2 200 tracking.min.js Show response
www.artfut.com/static/ 24 KB
7 KB 139ms
139ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/tracking.min.js?campaign_code=56637026d8

Requested by

Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=56637026d8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3423e2830e0e8512380b5995774e5d31c763daf4acf434d145a6c2e2fbbfa35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 23 May 2022 09:16:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628b50ed-616e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JN7cpyZ9FR2TSmfTscm9DC70o8SU9BLCgq1vHDKbI%2Fckn4eq9NOjBG4mgarna4oQALcDbP%2FaDC0Tn5NtLJFx3cGx0h1mTY9UdJj4zrVwQeNvX8YvMVSY8KTYzUVzETa0ga0Gmnepi9SUr4jD"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200, public
cf-ray: 75f1a72149d40c09-AMS
expires: Mon, 24 Oct 2022 09:43:17 GMT

GET
H2 200 crossdevice.min.js Show response
www.artfut.com/static/ 24 KB
8 KB 96ms
96ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/crossdevice.min.js?campaign_code=56637026d8

Requested by

Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=56637026d8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d31eb6c11df6156d1a8616666104c6d44a53c1b0a8e1b5e09ad693836cface

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 23 May 2022 09:16:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628b50f0-5f2e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPA2Jbbyxd626i1LN5kvEHFJ39L5hodvF5gXeBaRA9aZ5v0ArEc6SlkhBV8pRVqM8E42lLPACVm5fJSo%2FpX2g7LUFT1IXYyRQco%2B81G7g444%2Foutf6aMQwjJ5vkmW7w02W547AWCgPswouOJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200, public
cf-ray: 75f1a72149d70c09-AMS
expires: Mon, 24 Oct 2022 09:43:17 GMT

GET
H2 200 / Show response
z.lenmit.com/retag/tags/ 128 B
229 B 117ms
36ms Script
application/javascript 185.26.99.247
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://z.lenmit.com/retag/tags/?code=9ce8884448
Requested by: Host: cdn.lenmit.com
URL: https://cdn.lenmit.com/static/js/retag.js?r=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.26.99.247 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde430-2.fornex.org
Software: nginx /
Resource Hash: 1cbfb9fddbe542d5a58e8118d118aa1d6fd938c135af54d8264f6148143c5a9d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: application/javascript
date: Mon, 24 Oct 2022 09:23:17 GMT
server: nginx
content-length: 128
p3p: CP="NON DSP COR CURa TIA"

GET
H2 200 modules.5f63ca60a03298133ad8.js Show response
script.hotjar.com/ 254 KB
65 KB 113ms
38ms Script
application/javascript 52.222.214.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5f63ca60a03298133ad8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2975253.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-79.fra56.r.cloudfront.net

Software

Resource Hash

f433122da8de4f7e86aaa0422f1a1a782729938a6cf58632a1f591178b5b91f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 12:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 507911
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66045
last-modified: Tue, 18 Oct 2022 12:17:20 GMT
etag: "eb4f228026ced3bcaadde65163571860"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QkPbU_FyBrncAU7kT96Nt_LJMVifvfl_zl1uVThZzwVJdC0Bvvzbgg==

GET
H3 200 211786549408119 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 111ms
77ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/211786549408119?v=2.9.87&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f64deb3b5a61396ff3261326ee0cc226d964df9f0aff07cff0bd8a138876d93

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Oct 2022 09:23:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6hzUJskJoMVvrOxXTn/scrGxDjdd9iRDSojykahXyxRUklC/P4I5/IDU2oIUsLgywuCh53AryxwHSngWLabJmQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 147ms
30ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 24 Oct 2022 10:06:12 GMT

POST
H3 400 cart Show response
eu.redmagic.gg/a/fstln_dock/api/promotion/ 64 B
880 B 266ms
265ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.redmagic.gg/a/fstln_dock/api/promotion/cart

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

034af0f6166edfe3a7377552238a4665ea76d8f8105d93b0c4460be2d30140fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://eu.redmagic.gg/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west4,gcp-europe-west4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 1312358460
x-request-id: 1a4c4a00-5a67-4bd6-9d72-9e1d5d5bbecf
server: cloudflare
x-download-options: noopen
x-ratelimit-remaining: 118
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://eu.redmagic.gg
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 120
cf-ray: 75f1a7224b04b767-AMS
access-control-allow-headers: *
x-sorting-hat-podid: 199

GET
H2 200 box-c1417f7b48595d0dbca01c86f95d6dbb.html Show response
vars.hotjar.com/ Frame 1379 2 KB
1 KB 118ms
31ms Document
text/html 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2975253.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-10.fra2.r.cloudfront.net

Software

Resource Hash

c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu.redmagic.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 519071
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 09:12:06 GMT
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-cf-id: 5fKHLKtrOKSAmXTyWI9kOrd_jT8fb6OqZ5jSgZ79TVB1gkCUe4X41Q==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/809193410/ 2 KB
2 KB 202ms
81ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/809193410/?random=1666603397500&cv=11&fst=1666603397500&bg=ffffff&guid=ON&async=1&gtm=2wgaj0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Feu.redmagic.gg%2F&tiba=REDMAGIC%20(Europe)%20-%20REDMAGIC%207%20Series%20Gaming%20Smartphone%20%E2%80%93%20RedMagic&auid=1880089170.1666603397&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CXV7RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af53d114f9149ed441c512d5f7a285a8e8cec5a1e643df9aeb73e17b8994c974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 981
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 299ms
102ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CXV7RR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "95212d33cfff78ad59f5af5b20c48c53"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7722

GET
H2 200 hotjar-2389292.js Show response
static.hotjar.com/c/ 4 KB
2 KB 34ms
34ms Script
application/javascript 108.138.7.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2389292.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CXV7RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-31.fra56.r.cloudfront.net

Software

Resource Hash

e90b0b8e7b426e816f5fd2798e2adc38bc1d4d2cc9f59aa06eea006fa58bdfed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 09:23:17 GMT
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 42
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/df579d85fc66e590af79fbcce80ad096
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: QsGrtSMcuA5Lji8AFTSner42dd9vgGjL0ZeOq8YcMEAid18Vi5Fxyw==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 123ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CXV7RR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 24 Oct 2022 09:23:17 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00CB776440F140209E930674B3A22873 Ref B: DUS30EDGE0414 Ref C: 2022-10-24T09:23:17Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 110ms
31ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CXV7RR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kcgs7200165-IAD, cache-hhn11574-HHN

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 154ms
65ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=95521

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CXV7RR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5f51c31795f6f7cf4fe436ef75f73fc490d3ca3a4dd6028b815518b50bf4f316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
78 KB 162ms
46ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TYNV4XZPCD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CXV7RR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

790b307dc5bf04ac8407a9c65625b28bc7ee04487eebf9473ae7438b7cd18647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 24 Oct 2022 09:23:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 105ms
32ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=211786549408119&ev=PageView&dl=https%3A%2F%2Feu.redmagic.gg%2F&rl=&if=false&ts=1666603397627&sw=1600&sh=1200&v=2.9.87&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1666603397626.903735886&it=1666603397406&coo=false&eid=094db48b-6C1B-44C6-7A9F-699D40391B34&rqm=GET

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Oct 2022 09:23:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 116 KB
45 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WJ66QL8&cid=1037914529.1666603397

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

403789936a1cbecc4192554bcb081e7992f19df491b7a9fa52e98c678d54949b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 24 Oct 2022 09:23:17 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2975253/ 148 B
322 B 132ms
43ms XHR
application/json 52.17.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2975253/visit-data?sv=6
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.231.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-231-22.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2975253 Show response
vc.hotjar.io/sessions/ 0
259 B 164ms
61ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2975253?s=0.25&r=0.1709774544119822
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: AfcCXWiVMeA-WzJPtbqZTbpSUqOwliFwdxKQcX74v_ShSCQ_N4pWTA==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 200ms
132ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=5404dbd0-faf3-4d7d-ae05-23256d070a3e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0ef29376-c753-42ed-9210-201ad43f71a0&tw_document_href=https%3A%2F%2Feu.redmagic.gg%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4vg4&type=javascript&version=2.3.27

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: b0447033bec600f1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 97d7ef8d10a19a3b227d79ef7ae900be8ca98f163ba5d1234770b342f702d9eb
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
392 B 193ms
132ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5404dbd0-faf3-4d7d-ae05-23256d070a3e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0ef29376-c753-42ed-9210-201ad43f71a0&tw_document_href=https%3A%2F%2Feu.redmagic.gg%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4vg4&type=javascript&version=2.3.27

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 102
date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 0afc86e87b78af8b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: aa32d7cd621f2b309affd2ccac3c3e93539cca01cba0e9b1fcdcf6e75d4aecc2
content-length: 43

GET
H2 200 136027292.js Show response
bat.bing.com/p/action/ 3 KB
2 KB 142ms
142ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/136027292.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

b61286559f378b8a2dafc14e7976b34a5d1bd0a0e466588e8c26124d43c412c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 24 Oct 2022 09:23:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 899A95067BE54EB098D89CAB92188A19 Ref B: DUS30EDGE0414 Ref C: 2022-10-24T09:23:17Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 1424

GET
H2 204 0
bat.bing.com/action/ 0
176 B 49ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=136027292&tm=gtm002&Ver=2&mid=c19c7f51-138c-4a8f-8768-9d9c54952dc6&sid=7e7d72c0537d11eda7739b4dced09e47&vid=7e7d94c0537d11edaa366b5b23edc058&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=REDMAGIC%20(Europe)%20-%20REDMAGIC%207%20Series%20Gaming%20Smartphone%20%E2%80%93%20RedMagic&p=https%3A%2F%2Feu.redmagic.gg%2F&r=&lt=1210&evt=pageLoad&sv=1&rn=423370

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Oct 2022 09:23:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 276D4830508C4A85BB9D6E0882DC218A Ref B: DUS30EDGE0414 Ref C: 2022-10-24T09:23:17Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 61AB 15 KB
6 KB 223ms
24ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=eu.redmagic.gg&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=95521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://eu.redmagic.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 09:23:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 575375
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
www.google.com/pagead/1p-user-list/809193410/ 42 B
548 B 112ms
44ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/809193410/?random=1666603397500&cv=11&fst=1666602000000&bg=ffffff&guid=ON&async=1&gtm=2wgaj0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Feu.redmagic.gg%2F&tiba=REDMAGIC%20(Europe)%20-%20REDMAGIC%207%20Series%20Gaming%20Smartphone%20%E2%80%93%20RedMagic&fmt=3&is_vtc=1&random=1667776328&rmt_tld=0&ipr=y

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/809193410/ 42 B
548 B 142ms
45ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/809193410/?random=1666603397500&cv=11&fst=1666602000000&bg=ffffff&guid=ON&async=1&gtm=2wgaj0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Feu.redmagic.gg%2F&tiba=REDMAGIC%20(Europe)%20-%20REDMAGIC%207%20Series%20Gaming%20Smartphone%20%E2%80%93%20RedMagic&fmt=3&is_vtc=1&random=1667776328&rmt_tld=1&ipr=y

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 94ms
31ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-113310152-2&cid=1037914529.1666603397&jid=113109882&gjid=887505774&_gid=153939631.1666603397&_u=aGBAgEIjRAAAAEgCIAB~&z=865670147

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Oct 2022 09:23:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eu.redmagic.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
30ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1255168508&t=pageview&_s=1&dl=https%3A%2F%2Feu.redmagic.gg%2F&dp=%2F&ul=en-us&de=UTF-8&dt=REDMAGIC%20(Europe)%20-%20REDMAGIC%207%20Series%20Gaming%20Smartphone%20%E2%80%93%20RedMagic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEIjRAAAAAgCIAB~&jid=113109882&gjid=887505774&cid=1037914529.1666603397&tid=UA-113310152-2&_gid=153939631.1666603397&did=BwiEti&z=1634723042

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:22:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28869
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
346 B 93ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TYNV4XZPCD&gtm=2oeaj0&_p=1255168508&_gaz=1&cid=1037914529.1666603397&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1666603397&sct=1&seg=0&dl=https%3A%2F%2Feu.redmagic.gg%2F&dt=REDMAGIC%20(Europe)%20-%20REDMAGIC%207%20Series%20Gaming%20Smartphone%20%E2%80%93%20RedMagic&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TYNV4XZPCD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eu.redmagic.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 53ms
32ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TYNV4XZPCD&cid=1037914529.1666603397&gtm=2oeaj0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TYNV4XZPCD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eu.redmagic.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 83ms
56ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TYNV4XZPCD&cid=1037914529.1666603397&gtm=2oeaj0&aip=1&z=1395040729

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 136027292 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 228ms
118ms Script
application/x-javascript 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/136027292
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/136027292.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 149856d8ae987a270448e87218f4046444d4582f9d1b7c59a1c54e82d157b2e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: application/x-javascript
date: Mon, 24 Oct 2022 09:23:17 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0hVlWYwAAAADIpXfm5BWLRYbZWzKYxGiAUEFSMjAxMDgwMzg1MDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 353ms
133ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1666603397812&id=t2_9bhnaaiu&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=a8ca0622-b827-4ae1-9a0b-8da0dd661a7f&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 131ms
63ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-113310152-2&cid=1037914529.1666603397&jid=113109882&_u=aGBAgEIjRAAAAEgCIAB~&z=691308124

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 58ms
58ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-113310152-2&cid=1037914529.1666603397&jid=113109882&_u=aGBAgEIjRAAAAEgCIAB~&z=691308124

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 61AB
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=redmagic.gg&sn=ChromeSyncframe&so=0&topUrl=eu.redmagic.gg&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=HsgEynxwVHZMTWhIaVFhaWc3emNpcWJSRGJhcnhaSXVOTFN6bFdNOVFxZEI1d0dqNWVaMDlBNVJuRzNDOGd5NDRjNHlKa2V2STRna3dhUm1ReFQ0a3p6d1VmOVRGQjBPS1orS0RsOXNpQWVTZGVucFovWWhSNisyOWU3NT...

420 B
651 B

113ms
32ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=HsgEynxwVHZMTWhIaVFhaWc3emNpcWJSRGJhcnhaSXVOTFN6bFdNOVFxZEI1d0dqNWVaMDlBNVJuRzNDOGd5NDRjNHlKa2V2STRna3dhUm1ReFQ0a3p6d1VmOVRGQjBPS1orS0RsOXNpQWVTZGVucFovWWhSNisyOWU3NTVTWUpJVWVheWZoSUx3dy9hd3JPTXNrRGlWMldiYTFUcXJGcHBTOTBkeWpkSzM1WGhyVXJYN0c3QVNpSm5RT0VpSjMrMUN5Ujl0ckpJRGRmWlZjcDAwZ3B5SVBpWmNVN3ZUTjBZQXNKTUJzTElCMko4UlRLOHVqNGdXam0xRzQ3WG90OFdBazJhVUI2RW9mMldjSWhmR0FPOXVCaWk1dz09fA&cppv=2

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d9fbe6f01fab522ccf5e5da9f91027c248907710ca8464f45c5274ca208d0b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3100362
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=HsgEynxwVHZMTWhIaVFhaWc3emNpcWJSRGJhcnhaSXVOTFN6bFdNOVFxZEI1d0dqNWVaMDlBNVJuRzNDOGd5NDRjNHlKa2V2STRna3dhUm1ReFQ0a3p6d1VmOVRGQjBPS1orS0RsOXNpQWVTZGVucFovWWhSNisyOWU3NTVTWUpJVWVheWZoSUx3dy9hd3JPTXNrRGlWMldiYTFUcXJGcHBTOTBkeWpkSzM1WGhyVXJYN0c3QVNpSm5RT0VpSjMrMUN5Ujl0ckpJRGRmWlZjcDAwZ3B5SVBpWmNVN3ZUTjBZQXNKTUJzTElCMko4UlRLOHVqNGdXam0xRzQ3WG90OFdBazJhVUI2RW9mMldjSWhmR0FPOXVCaWk1dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 338486
content-length: 0
expires: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.6.43/ 54 KB
23 KB 119ms
118ms Script
application/javascript 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.6.43/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/136027292
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8e6ea47462a4c"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0hllWYwAAAAAFcFsDSlNHSof/UNrF8qL+UEFSMjAxMDgwMzg1MDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 12F2 0
17 B 69ms
32ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://eu.redmagic.gg
Referer: https://eu.redmagic.gg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://eu.redmagic.gg
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 09:23:18 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 shopify.js Show response
manychat.com/static/js/ 613 KB
226 KB 147ms
59ms Script
application/javascript 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/static/js/shopify.js?account_id=951914514968661&shop=redmagic-gaming.myshopify.com
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: 61e6d4f2146225de9230d4e0756082be120ddf650b57ea54c5760bf0f9c830f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
cache-control: public, max-age=600
content-encoding: gzip
last-modified: Wed, 12 Oct 2022 15:39:55 GMT
server: openresty/1.19.9.1
etag: W/"6346dfcb-995cf"
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK c8f2308b638e27476bd4d3f46.js Show response
chimpstatic.com/mcjs-connected/js/users/c72de460df1155ce2f8163d2b/ 16 KB
4 KB 149ms
48ms Script
application/javascript 184.24.2.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/c72de460df1155ce2f8163d2b/c8f2308b638e27476bd4d3f46.js?shop=redmagic-gaming.myshopify.com
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.2.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-2-119.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bf4776d550bba4dd534ec14b8f6724f5e719372f879541853fa8a44b786f0070

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 97
Unused62: 8096267
Content-Encoding: gzip
Date: Mon, 24 Oct 2022 09:23:18 GMT
x-amz-request-id: C3XRW8691G7XGXP5
X-EdgeConnect-MidMile-RTT: 1
Connection: keep-alive
Content-Length: 3544
x-amz-id-2: fQTgXyXjPq2jtfqJa+6t2xt49+gIUexdorb5b+0oerKTpmeeDY9gWdjmP95qO+HPKPnR0s2FlUI=
Last-Modified: Wed, 02 Sep 2020 06:37:19 GMT
Server: AmazonS3
ETag: "1e5bedbafd95103d997455caa7fa4725"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=707
Accept-Ranges: bytes
Expires: Mon, 24 Oct 2022 09:35:05 GMT

GET
H2 200 installed.js Show response
cdn.judge.me/assets/ 40 B
423 B 100ms
30ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.judge.me/assets/installed.js?shop=redmagic-gaming.myshopify.com

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

9dde290518ca88ed8e0ba23350560cef9f4081ed78fc718125c4a32dcd92c227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Jul 2018 02:42:15 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
link: <https://judge.me/assets/installed.js?shop=redmagic-gaming.myshopify.com>; rel="canonical"
content-length: 58

GET
H3 200 globo.alsobought.init.js Show response
cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/ 36 B
478 B 40ms
38ms Script
text/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/globo.alsobought.init.js?v=1621418329&shop=redmagic-gaming.myshopify.com

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9886d01aef8bff0e2c37cf6d7ecd24386a2cdd3da054e2fe3ca11c2f9ac456f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-east1,us-east1
age: 5110540
server-timing: imagery;dur=44.585, imageryFetch;dur=43.720
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
x-xss-protection: 1; mode=block
x-request-id: 0b6b9542-6f13-43f4-a0c2-0dacb1435eba
last-modified: Fri, 26 Aug 2022 04:02:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/t/28/assets/globo.alsobought.init.js>; rel="canonical"
cf-ray: 75f1a7271d15b791-AMS

GET
H2 200 19038.js Show response
www.dwin1.com/ 34 KB
9 KB 125ms
32ms Script
application/javascript 2600:9000:225e:be00:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/19038.js?shop=redmagic-gaming.myshopify.com
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 000f04a739c4ecb3219000e6bf9d00b9032f7840012b5d72002c95e898ca5f27

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: AYV6By4DMnoYYs.dZ7l8yAFN_fz7B5dK
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
date: Mon, 24 Oct 2022 09:20:18 GMT
x-amz-cf-pop: FRA60-P4
age: 180
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Oct 2022 10:18:12 GMT
server: AmazonS3
etag: W/"02aa0fe59b42bc45993badd0bab542e7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: kAzsIfI3UixdZyBPOpppn_7m-oMzDOEdAPg2hJ6vBdbvEr8vwaLvHw==

GET
H2 200 deduplication.js Show response
static.shareasale.com/json/shopify/ 444 B
650 B 496ms
434ms Script
application/javascript 104.16.226.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.shareasale.com/json/shopify/deduplication.js?shop=redmagic-gaming.myshopify.com

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.226.72 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159770a84040dbb0036a9690d15ddaa8bea21c3c3e034289dad77af1a2940826

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Jun 2021 15:57:36 GMT
server: cloudflare
x-amz-request-id: JFQNFKM351BZ1JMG
etag: W/"f12d1a61011c4eb81f2c7b58c060dd6d"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cf-ray: 75f1a7277a83b97e-AMS
x-amz-id-2: A98O+H9Cu/+yevgvCBC7v1xtUUs1gabwjQg3MPMK4SNAp9Lmut2DQFoGyop+DlOBWWu2IP5P2NA=

GET
H2 200 load Show response
rudder-tracking.rudderstack.com/ 139 KB
139 KB 437ms
211ms Script
application/javascript 107.22.52.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudder-tracking.rudderstack.com/load?writeKey=27BbHNFQswxOZIJ3E5PWcaBRWWe&dataPlaneUrl=fstlnlevamfhl.dataplane.rudderstack.com&shop=redmagic-gaming.myshopify.com
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.52.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-52-107.compute-1.amazonaws.com
Software: /
Resource Hash: 9b04c16db1e9c77d18a7fc289032814463aadec19425c5b9864c47900591277b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
content-length: 141916
content-type: application/javascript

GET
H2 200 init.js Show response
feed.omegacommerce.com/js/ 410 B
712 B 383ms
126ms Script
text/plain 144.217.255.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.omegacommerce.com/js/init.js?shop=redmagic-gaming.myshopify.com
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.217.255.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: us1.omegacommerce.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: dbc57c5c552d1131081720d4b51bfb500a176dfa100f892a12f3ebf32929bc8d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-proxy-node: 0
x-version: v1.5.65_v1.13.8
date: Mon, 24 Oct 2022 09:23:18 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Origin
content-type: text/plain; charset=utf-8
cache-control: max-age=31536000
x-request-host: us1_0
content-length: 410
x-request-id: 65885345-c88c-49b1-b60d-2c3061db38be
expires: Tue, 24 Oct 2023 09:23:18 GMT

GET
H2 200 sdk.js Show response
cdn.langshop.app/buckets/app/libs/storefront/ 180 KB
37 KB 160ms
73ms Script
application/javascript 2606:4700:3032::6815:1586
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.langshop.app/buckets/app/libs/storefront/sdk.js?release=v2.13.0&proxy_prefix=/apps/langshop&shop=redmagic-gaming.myshopify.com
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75759d1e9d34d1fdf3cdd64d3a1e7736a858c9c8eaad95b12b5b6e1ef652c2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Oct 2022 16:21:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4089538868"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLzejEumiTBqRaSyM%2Bw2qOinZ%2B9QIPbVKk6AkGUF16PpAPNwJqRNuBVAiIzVT5PY3LVmD8ph4DfzLc26IB01fhLbTPTKuDgJIMwMsmxiq6i2hTsk4zYDxuj3KwbGs5Ppv1MKQSEivfjNHOSLnetQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75f1a727aa289a12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 config.js Show response
cdn.shopify.com/proxy/1112edaf569441978144f88f9a0644c14d37f62d306efe67688192ae965b1125/static.tongdun.net/shopify/ 755 B
746 B 39ms
38ms Script
application/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/1112edaf569441978144f88f9a0644c14d37f62d306efe67688192ae965b1125/static.tongdun.net/shopify/config.js?shop=redmagic-gaming.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87164479c8b2da402db3ba52a30233dda0cc3625a6466668f597a38815406589

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
content-security-policy: default-src 'none'; sandbox;
via: T.209.M, V.403-zj-fud-208, S.pcw-cn-hkg-165, T.165.M, V.pcw-cn-hkg-163, T.187.H, M.gtt-us-lax1-187
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1,gcp-us-central1,us-central1
age: 29
content-encoding: br
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: eaf52392-0539-4d65-81e4-2896c3d9d837
last-modified: Mon, 17 Oct 2022 08:11:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
cf-ray: 75f1a7271d18b791-AMS
expires: Tue, 25 Oct 2022 08:11:26 GMT

GET
H3 200 common.js Show response
cdn.shopify.com/proxy/3b721ea717aeb67bcb0ef21bc763c142c78804ca7446e3abfb4cefac4868ab77/static.tongdun.net/shopify/ 89 KB
32 KB 44ms
43ms Script
application/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/3b721ea717aeb67bcb0ef21bc763c142c78804ca7446e3abfb4cefac4868ab77/static.tongdun.net/shopify/common.js?shop=redmagic-gaming.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f27f32f932651c06b1a5b5932ec8f37c82b93e4968ff65ac52a7ec05ce5979b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
content-security-policy: default-src 'none'; sandbox;
via: T.205.H, V.403-zj-fud-209, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-167, T.187.H, M.gtt-us-lax1-187
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1,gcp-us-central1,us-east1
age: 29
content-encoding: br
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: fb4f848f-2d9a-4538-9713-e9a0ab12b35d
last-modified: Mon, 12 Apr 2021 03:30:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
cf-ray: 75f1a7271d1bb791-AMS
expires: Sat, 29 Oct 2022 19:32:45 GMT

GET
H3 200 fms.js Show response
cdn.shopify.com/proxy/35fa26e9b175e7e27c37588678f07a4967a3aae625c8f582d901fed2b267cd57/static.tongdun.net/shopify/ 140 KB
41 KB 51ms
49ms Script
application/javascript 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/35fa26e9b175e7e27c37588678f07a4967a3aae625c8f582d901fed2b267cd57/static.tongdun.net/shopify/fms.js?shop=redmagic-gaming.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c30d97f9c9013accd8af8a64de2b09e09a0c2f6fb668e23b5a6ef33882ff54

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
content-security-policy: default-src 'none'; sandbox;
via: T.208.H, V.403-zj-fud-202, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-163, T.187.H, M.gtt-us-lax1-187
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1,gcp-us-east1,us-east1
age: 29
content-encoding: br
content-disposition: attachment
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 697d2f34-42b3-4f16-a5a6-6a7817a3d969
last-modified: Mon, 26 Apr 2021 09:52:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
cf-ray: 75f1a7271d1cb791-AMS
expires: Thu, 27 Oct 2022 20:03:22 GMT

GET
H2 200 pushowl-shopify.js Show response
cdn.pushowl.com/latest/sdks/ 153 KB
37 KB 144ms
36ms Script
application/javascript 2600:9000:2240:3800:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/latest/sdks/pushowl-shopify.js?subdomain=redmagic-gaming&environment=production&guid=955186ad-b19b-4fee-91fe-d14752f588ec&shop=redmagic-gaming.myshopify.com
Requested by: Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:3800:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9ec35dd74587fa332c653eb89cd221cc9f087e68c59af297d1086ca38e2f8c82

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 06:50:17 GMT
content-encoding: br
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 181981
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-request-id: 5390f8c0-184c-4d9e-9121-a0a78c169d2e
etag: W/"262cc-jV/KFAGlVT3J7DC+xe6YwUMoyQE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-server: ImageKit.io
timing-allow-origin: *
x-amz-cf-id: SGibY1TKhYKEQNMA67JPk7jic6W4Z9pCIYvZX85K8rWYauX9upRsuQ==

GET
H2 200 / Show response
socialplugin.facebook.net/new_domain_gating/ 40 B
877 B 194ms
71ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=951914514968661&suppress_http_code=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 09:23:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: cq5PDgmTxwzN2bEDDNK78smB/8fV9STg/3ykQxa0QoJNerETDROL4+4fba5gJdLrtutYtXMADJjzDtcwvYPURA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://eu.redmagic.gg
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=B6F02196ECF84084963B171B1ED2D3F3&RedC=c.clarity.ms&MXFR=35E187E87EDD62A30F6F95AF7ADD6CBB
https://c.clarity.ms/c.gif?CtsSyncId=B6F02196ECF84084963B171B1ED2D3F3&MUID=2E80D374D7F86C6B0B17C133D6386D19

42 B
369 B

40ms
40ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=B6F02196ECF84084963B171B1ED2D3F3&MUID=2E80D374D7F86C6B0B17C133D6386D19
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:18 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
server: Microsoft-IIS/10.0
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F7FE22001BCA47258C3F1CBC652A048E Ref B: DUS30EDGE0414 Ref C: 2022-10-24T09:23:18Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=B6F02196ECF84084963B171B1ED2D3F3&MUID=2E80D374D7F86C6B0B17C133D6386D19
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=95521&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=Q4E5cV9YaW4wUUt4S...
https://widget.us.criteo.com/event?a=95521&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=Q4E5cV9YaW4wUUt4S...

8 KB
4 KB

325ms
110ms

Script
application/x-javascript

2620:100:a001::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=95521&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=Q4E5cV9YaW4wUUt4S2NFa3VpT292MzZZalBUWnd0M2d1VVVNM1RFcmZFaDJ0WnNpWmxrdklhdTNQSEw5MzYyTERWUWRzbXl0S25rVGNwJTJGJTJCNVhxWFZTdmdqU2JpZmpWa1lBQkZEa3VPRDV0M2lNVGZTS1pJWHNyVFp0UmZCQWtCRTVIeiUyQnpuaTJuUmI4U0RacGVjMG8weGJYOXclM0QlM0Q&tld=redmagic.gg&dy=1&fu=https%253A%252F%252Feu.redmagic.gg%252F&dtycbr=27078

Protocol

Server

2620:100:a001::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8ab222994fb9b239f4fe91bcff0dcbdb58045093b99a4e432c35ca70151fe5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8952956
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=95521&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=Q4E5cV9YaW4wUUt4S2NFa3VpT292MzZZalBUWnd0M2d1VVVNM1RFcmZFaDJ0WnNpWmxrdklhdTNQSEw5MzYyTERWUWRzbXl0S25rVGNwJTJGJTJCNVhxWFZTdmdqU2JpZmpWa1lBQkZEa3VPRDV0M2lNVGZTS1pJWHNyVFp0UmZCQWtCRTVIeiUyQnpuaTJuUmI4U0RacGVjMG8weGJYOXclM0QlM0Q&tld=redmagic.gg&dy=1&fu=https%253A%252F%252Feu.redmagic.gg%252F&dtycbr=27078
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 36210280
timing-allow-origin: *
content-length: 0
expires: 0

POST
H2 204 collect Show response
k.clarity.ms/ 0
158 B 541ms
210ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://eu.redmagic.gg
date: Mon, 24 Oct 2022 09:23:17 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 REDMAGIC_7_Banner-PC_1920x.jpg
cdn.shopify.com/s/files/1/0013/1235/8460/files/ 57 KB
57 KB 35ms
35ms Image
image/webp 162.159.135.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/1235/8460/files/REDMAGIC_7_Banner-PC_1920x.jpg?v=1646807369

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.68 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0b6c1bd71b1382d5188db485fbcfbb8129797c47ecc797a8d8ebdb7bf80753b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-dc: gcp-us-east1,us-east1
age: 88320
server-timing: imagery;dur=602.637, imageryFetch;dur=41.120, imageryProcess;dur=560.900;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58002
x-xss-protection: 1; mode=block
x-request-id: 3ce4abd3-c888-442b-80b5-fe0f3005b925
last-modified: Fri, 26 Aug 2022 07:09:03 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/1235/8460/files/REDMAGIC_7_Banner-PC_1920x.jpg>; rel="canonical"
cf-ray: 75f1a7275d93b791-AMS

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 660c6519d91af540602b10d86b594fc2c1f936316419779b25915081355b19cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
31 B 101ms
66ms XHR
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1075af00b11d68%26domain%3Deu.redmagic.gg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feu.redmagic.gg%252Ff98995c921bf9c%26relation%3Dparent.parent&current_url=https%3A%2F%2Feu.redmagic.gg%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=441075f8-4830-4364-8b5d-513b85cb5e3a&page_id=951914514968661&request_time=1666603398502&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 09:23:18 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: stkl6lqBWzyu5b3DVozeT8KEcWjcDi8W0eLq1QV0/yunk8QJ8OSdSM/ks1W1mR/Gsw9jH+vziWyVGROvFAejGQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://eu.redmagic.gg
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/facade/ 1 KB
791 B 199ms
165ms XHR
application/json 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1075af00b11d68%26domain%3Deu.redmagic.gg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feu.redmagic.gg%252Ff98995c921bf9c%26relation%3Dparent.parent&current_url=https%3A%2F%2Feu.redmagic.gg%2F&is_loaded_by_facade=true&locale=en_US&log_id=441075f8-4830-4364-8b5d-513b85cb5e3a&page_id=951914514968661&request_time=1666603398502&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b901e3c83deb592678dd64604057877f96e35b45060ed74477f1f1819797dffc

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 24 Oct 2022 09:23:18 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: +T7CVJ2SpHDbVbrIUNo5ve68+GMfgTVyUQuX8o57XNDgJLnwPP6t27Apsw/wL7M4OTAmk4OcAF83g62fnbryzQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://eu.redmagic.gg
cache-control: private, no-cache, no-store, must-revalidate
x-frame-options: DENY
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H3 200 /
cdn.pushowl.com/config/api/v1/redmagic-gaming/subscriber/config/widget/ Frame 0
0 66ms
32ms Preflight 2600:9000:2240:3800:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/config/api/v1/redmagic-gaming/subscriber/config/widget/?guid=955186ad-b19b-4fee-91fe-d14752f588ec&platform=shopify
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2240:3800:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://eu.redmagic.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
age: 181869
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=15552000, max-age=15552000
content-length: 0
date: Sat, 22 Oct 2022 06:52:09 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-id: m_cU8nDUK3R4P01zbdfEc_VHHanpTx5tbbjjWHHslmf6fzZ3_jiqYg==
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
x-request-id: 8812c6d4-f778-41f9-836a-3940f0b05814

GET
H3 200 / Show response
cdn.pushowl.com/config/api/v1/redmagic-gaming/subscriber/config/widget/ 3 KB
3 KB 32ms
32ms XHR
application/json 2600:9000:2240:3800:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/config/api/v1/redmagic-gaming/subscriber/config/widget/?guid=955186ad-b19b-4fee-91fe-d14752f588ec&platform=shopify
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2240:3800:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fb9c3576c246ccc12635261805a62bc0d99bd51841277e88f4d92f6ef8adea80

Request headers

Accept: application/json
Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 22 Oct 2022 06:52:10 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
age: 181868
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2936
x-request-id: 69331707-fad1-48d0-a36c-b46a137560eb
etag: W/"b78-qzuSQPYHl0zJMgES0O83wrVrL9g"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
x-amz-cf-id: zsf0wnOTEC_ZC7Orpe39Oi3lz_f7CvFH7TPvnYKCKS35NbAuEBxoFw==

GET
H2 200 shopify.css
manychat.com/static/ 33 KB
8 KB 31ms
30ms Stylesheet
text/css 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/static/shopify.css?1666603398579
Requested by: Host: manychat.com
URL: https://manychat.com/static/js/shopify.js?account_id=951914514968661&shop=redmagic-gaming.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: d2b60a4023ee76ae459f972575b63c9033bf568773862e278e479b91577856e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
content-encoding: gzip
last-modified: Wed, 12 Oct 2022 15:39:55 GMT
server: openresty/1.19.9.1
etag: W/"6346dfcb-8334"
content-type: text/css
cache-control: max-age=432000
expires: Sat, 29 Oct 2022 09:23:18 GMT

GET
H3 200 config.liquid.js Show response
eu.redmagic.gg/apps/langshop/store/ 34 KB
4 KB 432ms
432ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.redmagic.gg/apps/langshop/store/config.liquid.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8987fab769dc12a7adc515e1cb28a29870d2e70dd296beb79b61d399f16d2391

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:19 GMT
strict-transport-security: max-age=7889238
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west4,gcp-europe-west4,europe-west1,gcp-europe-west1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 1312358460
x-request-id: c2d09890-258f-48ca-8938-861d1179541e
x-shardid: 199
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
content-language: en
x-shopid: 1312358460
cf-ray: 75f1a7294d40b767-AMS
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 199

GET
H3 200 css
fonts.googleapis.com/ 1 KB
408 B 40ms
40ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:600,500,400,300&display=swap

Requested by

Host: manychat.com
URL: https://manychat.com/static/shopify.css?1666603398579

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d73f9d83affe674000559d4bd566b7509d85e7cd3c0856410f3b08f242e102a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://manychat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Oct 2022 09:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 07:50:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Oct 2022 09:23:18 GMT

OPTIONS
H2 200 events
api.pushowl.com/event/v1/ Frame 0
0 334ms
102ms Preflight
text/html 52.73.81.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushowl.com/event/v1/events

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.81.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-81-232.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://eu.redmagic.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 09:23:18 GMT
server: gunicorn/20.0.4
vary: Origin
x-content-type-options: nosniff

POST
H2 204 events Show response
api.pushowl.com/event/v1/ 0
161 B 105ms
104ms XHR
text/plain 52.73.81.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushowl.com/event/v1/events

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.81.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-81-232.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain
Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 24 Oct 2022 09:23:19 GMT
allow: POST, OPTIONS
x-content-type-options: nosniff
server: gunicorn/20.0.4
x-frame-options: DENY
vary: Accept, Origin, Cookie

GET
H/1.1 200 profile.json Show response
usafp.tongdun.net/fp3/ 254 B
1 KB 539ms
105ms Script
text/javascript 52.205.170.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usafp.tongdun.net/fp3/profile.json?partner=shopify&app_name=shopify_web_not_checkout&token_id=shopify-1666603398317-848a76d15c81b&a=UVJVjIbXKVJjIUXSHe4tPSIP25FE5NKUh4jL2kHqhzsxMi328VJvDRl7DbuGrmygBO17croKxIokc%2FqZgC%2BNMMmKoy%2B82UxiOjZPXtU2Alst7kVSv3SZ4OsieIB3oGh8%2B5YfPyHwXhnhvsBeyJOpOw%3D%3D&b=bqw64Q7uklwDvunbZUJ1jtmApwjRxOrL4LnPLqXH%2FgKvdhnZDj56%2FkjawLFNd4uOmfaiupjLDplwIP2cK69a3%2BKras7bYi3TIPKlr8jAzH5kkLS48VhCvw%2B16YwPyHqtmMGWs6ut2vj%2FQHjPEW8N%2BXOAEf2%2BjXw%2FyCkLbm1rWnoCoqeaKdmPEpW5lFlmM12kIbm5c5YIcE%2F%2B5qnzmzTTuvm%2Bgl58LUU5&c=GXJtsjrAEbmZMn%2BBxHoxXpUPqAjfwhK%2BIR78osNpiGqg%2BKKv7RhJrKQbnn%2FJKLFlmFRmEOMqoNZ%2BF3MSUEWugcPHpKwdSWowIMuLIy3WQ1gqcSiy9lCzZUMXeqhWmaLM5JPfZALmzak%3D&d=14UAQdqB1Vk6JyBKocfHYnwPoCip0bFUg34GKHF5rdVY6Cdq2toRZvS2iZDYNjFb9ExXv8qaIDzbSs0qFrz32gtTUaE3MU101qZh31JV818V2lWzi%2FxtpGHIlvvsNnmGmJflFIbmqtORYyS4R7Cf4XmkGPCWniArpOuJQ2TedAS%2FZo1YYZbJYQ5QpVjKhLXgiEqxUnDRVmoODUvzQ8U9T1XtqN2drRZr7RU3YGfmA120wLWW24YzSOgt4RtomQFtAQG3LI26ZxInqIPDFRxLQisRzCvfqSRXoWHlCoxrhyUVKUVSNzm%2BOZlDBXhV2vH1PbMmBOSSIIrkWdyMaXhFLAVmQE1BL5bl1s%2FYr4j6YKMzXwHlG%2ByPTYFO7o1EUtrdKIqlzY9gQgrW%2FIlVAUX4eb5l8nXvxFbyRKim0%2B6WuHwRL4g%2BZ2NlogIUcinLUkWH&g=NVr0iC8Qo6l8jMqmAN%2B7P%2BrIVtqRsKDe0EA1ctBphkkERvbTEsbbbDwnxtKuY5Hsau6v12mPaUfDUcLkWO9W9GmwIH5BOC%2Bno7gyxptRkZykukSSMs6U5SM59wIxCS9uB90opNgXfRbyq36EmdjjEfm22Ks%2BZdwYpSp1gt3ut8%2Fb1WK6D0EhQmIsdmSPjpy8rhRLOKmJ2TbMh9JkWVWwTwDA3hyFhDyxCokEYK9UJiZnLuvhdO3UKnyLfwtJCa%2FFcnJNGmxOtm%2FnA2h%2FDXm5%2FotaRJ%2FiwlALJCNVJ%2Bz%2FR%2BtL3A8xHnPW%2BV%2BD5T8BuQiRdZ8Prcpnx8KhmBvvFBxz%2F5n6sW5tKvh11FtO0E4CijEeW7QJOBN6wJzqEQukyHsRtURFuv4ej16ZK%2BCdGYZMy7Dw%2BjrY1gBFOaJrp0cddGHp7r7TXI8KdQ%3D%3D&f=sJfYpdQoZ5WMODpEhl78V%2BDsQc28EqN1&e=Lii4Nvu4iX7C3XjSSGxjxl9jB5ZL2UJril7d81%5C7A0ssvt7stoCwUUNGU4yWCs21vLdtPR6GDpbyTdHR5Q9z9XHKZnC5TIt148jHL64t7TTeEqjAV9Mr2T75c0JdRw72&q=vWR8MH9Qw1y3qPIsmNHTvCqI5BrNkgvfN3ZUuVLdKPDRpP5MOaefa3dL6weBjoCVaRmPc27vVmca7ByJs9FLC1kCdGZqPsBB6S0JHDbrdyBan2C16s8K9sy0xx%2BQeaMQQTiBbhgC8qY%3D&v=DPlJQGpzJxiYGA%2B7oaRZ7KshBbdPEmJI&idf=1666603398401-17121325554&w=qVpxBeiIK4cV6HykpBoida0IfsIJko%2F8xgCb7A4sNuiWXC5Wy9tPbg%3D%3D&ct=9N8TeFJl0B8%3D&_callback=_1666603398628_3931&p=sdrTtW880nwGdeZwE02ThA%3D%3D&h=bd278023229f0e6e2b5a27c1bd0b5607

Requested by

Host: eu.redmagic.gg
URL: https://eu.redmagic.gg/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

52.205.170.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-170-131.compute-1.amazonaws.com

Software

openresty /

Resource Hash

4f0fb38fe566d6fde0a67fc1c73371fc07083fd97ba90b241f02950884f63bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Oct 2022 09:23:19 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP=IVAa PSAa, CP=IVAa PSAa, CP=IVAa PSAa
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=180
X-XSS-Protection: 1; mode=block
Expires: 0

OPTIONS
H2 204 logEvent
manychat.com/pixel/ Frame 0
0 94ms
31ms Preflight
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://eu.redmagic.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://eu.redmagic.gg
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Mon, 24 Oct 2022 09:23:18 GMT
server: openresty/1.19.9.1

POST
H2 200 logEvent Show response
manychat.com/pixel/ 15 B
146 B 32ms
31ms XHR
application/json 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: 52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 24 Oct 2022 09:23:18 GMT
content-encoding: gzip
server: openresty/1.19.9.1
content-type: application/json

GET
H2 200 load Show response
widget.manychat.com/ 2 KB
2 KB 103ms
31ms XHR
application/javascript 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.manychat.com/load?account_id=951914514968661&hash=
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: 1e8ec7d7b9c38d0f958c28ba6ded0d0a5e7d07fe9db92882bacd57c9d0d597f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Oct 2022 09:23:18 GMT
server: openresty/1.19.9.1
accept-ranges: bytes
content-length: 1734
content-type: application/javascript; charset=utf-8

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 323ms
322ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://eu.redmagic.gg
date: Mon, 24 Oct 2022 09:23:18 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
25 B 70ms
70ms XHR
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1075af00b11d68%26domain%3Deu.redmagic.gg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Feu.redmagic.gg%252Ff98995c921bf9c%26relation%3Dparent.parent&current_url=https%3A%2F%2Feu.redmagic.gg%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=251&locale=en_US&log_id=441075f8-4830-4364-8b5d-513b85cb5e3a&page_id=951914514968661&request_time=1666603398753&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 09:23:18 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: Jvn4w4UppF45rwoavenQTc93mDFfYm3bnokC7YX/1YhiRq/+o87wB9nOUXvbHKUtAEn0MOtlHfhh6Rgd5nBajA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://eu.redmagic.gg
cache-control: private, no-cache, no-store, must-revalidate
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 33ms
32ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=532160876956612&ev=fb_page_view&dl=https%3A%2F%2Feu.redmagic.gg%2F&rl=&if=false&ts=1666603398789&sw=1600&sh=1200&at=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Oct 2022 09:23:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 204 logEvent
manychat.com/pixel/ Frame 0
0 31ms
31ms Preflight
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://eu.redmagic.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://eu.redmagic.gg
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Mon, 24 Oct 2022 09:23:18 GMT
server: openresty/1.19.9.1

POST
H2 200 logEvent Show response
manychat.com/pixel/ 15 B
146 B 32ms
32ms XHR
application/json 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.9.1 /
Resource Hash: 52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 24 Oct 2022 09:23:18 GMT
content-encoding: gzip
server: openresty/1.19.9.1
content-type: application/json

GET
H3 200 .json Show response
eu.redmagic.gg/ 205 KB
44 KB 328ms
328ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.redmagic.gg/.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8c983742d070d8f19602123c0afd3b1222fc3ad2cfc9c397bd6aede4f253d2d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:19 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west4,europe-west1,gcp-europe-west1
content-encoding: br
x-cache: miss
x-alternate-cache-key: cacheable:fd3dbc401018b97cadadfd889d4809cd
server-timing: processing;dur=274, db;dur=70, parse;dur=10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 1312358460
x-request-id: 9fb25fea-e9ca-4275-912b-e4081402b630
x-shardid: 199
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 1312358460
x-frame-options: DENY
vary: Accept
content-type: application/json; charset=utf-8
content-language: en
x-download-options: noopen
cf-ray: 75f1a72a9f74b767-AMS
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 199

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame D250
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1lH1rR2xx5TlxHWaVwjOU7Nz6CuK13mUnl8byg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1lH1rR2xx5TlxHWaVwjOU7Nz6CuK13mUnl8byg&expires=30

43 B
495 B

35ms
34ms

Image
image/gif

18.193.243.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1lH1rR2xx5TlxHWaVwjOU7Nz6CuK13mUnl8byg&expires=30
Protocol: HTTP/1.1
Server: 18.193.243.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-243-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 24 Oct 2022 09:23:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1lH1rR2xx5TlxHWaVwjOU7Nz6CuK13mUnl8byg&expires=30
Date: Mon, 24 Oct 2022 09:23:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D250
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-XFFPtx2xx5TlxHWaVwjOU7Nz6Csz71h1q45ksg&google_cm&google_hm=ay1YRkZQdHgyeHg1VGx4SFdhVndqT1U3Tno2Q3N6NzFoM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XFFPtx2xx5TlxHWaVwjOU7Nz6Csz71h1q45ksg&google_gid=CAESEJURkwXhpc-dFkSH3blsMxk&google_cver=1&google_ula=913071,0

43 B
370 B

35ms
35ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XFFPtx2xx5TlxHWaVwjOU7Nz6Csz71h1q45ksg&google_gid=CAESEJURkwXhpc-dFkSH3blsMxk&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1235313
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-XFFPtx2xx5TlxHWaVwjOU7Nz6Csz71h1q45ksg&google_gid=CAESEJURkwXhpc-dFkSH3blsMxk&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D250
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8033697424269524293

43 B
370 B

37ms
36ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8033697424269524293

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2372377
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Oct 2022 09:23:18 GMT
AN-X-Request-Uuid: 3d1c4344-4946-423d-a5ca-40fa926918fe
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8033697424269524293
Connection: keep-alive
X-Proxy-Origin: 31.204.153.100; 31.204.153.100; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame D250
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g1ZgMx2xx5TlxHWaVwjOU7Nz6CsBxM-YyPcMJg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g1ZgMx2xx5TlxHWaVwjOU7Nz6CsBxM-YyPcMJg&C=1

43 B
766 B

32ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g1ZgMx2xx5TlxHWaVwjOU7Nz6CsBxM-YyPcMJg&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Oct 2022 09:23:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 24 Oct 2022 09:23:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-g1ZgMx2xx5TlxHWaVwjOU7Nz6CsBxM-YyPcMJg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame D250
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-HfFjrB2xx5TlxHWaVwjOU7Nz6CsWer0CUH9r6g
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-HfFjrB2xx5TlxHWaVwjOU7Nz6CsWer0CUH9r6g

43 B
446 B

52ms
49ms

Image
image/gif

54.76.243.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-HfFjrB2xx5TlxHWaVwjOU7Nz6CsWer0CUH9r6g
Protocol: H2
Server: 54.76.243.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-243-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Oct 2022 09:23:19 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-HfFjrB2xx5TlxHWaVwjOU7Nz6CsWer0CUH9r6g
date: Mon, 24 Oct 2022 09:23:19 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame D250 45 B
787 B 166ms
77ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2P8GXx2xx5TlxHWaVwjOU7Nz6CsXWGUZP7NX2g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 24 Oct 2022 09:23:19 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Mon, 24 Oct 2022 09:23:19 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame D250 0
885 B 117ms
37ms Image
text/html 18.198.129.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Fzm76R2xx5TlxHWaVwjOU7Nz6CsBRPDOHDSD7w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.129.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-129-196.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame D250 0
145 B 430ms
96ms Image
text/plain 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-cmOpoh2xx5TlxHWaVwjOU7Nz6CuCu68ATWSi7Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 24 Oct 2022 09:23:19 GMT
Cache-Control: no-cache
X-TraceId: 841229fef9d2e47d4ef68862dfa0cb07
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D250 0
225 B 249ms
29ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-7Y3GbR2xx5TlxHWaVwjOU7Nz6CuA-4DcYjrHvw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 09:23:19 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame D250 0
239 B 132ms
34ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-mRawJB2xx5TlxHWaVwjOU7Nz6CtIgRFhItV95g&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame D250 0
35 B 132ms
32ms Image
text/plain 18.198.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Eil5ex2xx5TlxHWaVwjOU7Nz6CsW8z_hAmp3HA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.155.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-155-96.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:19 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame D250 43 B
163 B 170ms
31ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-q2T6Kx2xx5TlxHWaVwjOU7Nz6Cs65zWJGxTqfw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D250 0
99 B 96ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-nMpSaR2xx5TlxHWaVwjOU7Nz6CtwJQNdEIAg4w
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22693

GET
H2 200 um
criteo-sync.teads.tv/ Frame D250 23 B
172 B 194ms
53ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-6QjBRx2xx5TlxHWaVwjOU7Nz6Csvwd2EhrPYww
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Mon, 24 Oct 2022 09:23:19 GMT
pragma: no-cache
date: Mon, 24 Oct 2022 09:23:19 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame D250 37 B
140 B 130ms
31ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-LOj8ax2xx5TlxHWaVwjOU7Nz6CteG6Z2RbFEJQ&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame D250
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MVqZbR2xx5TlxHWaVwjOU7Nz6Cv-nIdGNSmW9A
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MVqZbR2xx5TlxHWaVwjOU7Nz6Cv-nIdGNSmW9A&verify=true

0
121 B

34ms
34ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MVqZbR2xx5TlxHWaVwjOU7Nz6Cv-nIdGNSmW9A&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-MVqZbR2xx5TlxHWaVwjOU7Nz6Cv-nIdGNSmW9A&verify=true
date: Mon, 24 Oct 2022 09:23:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame D250 43 B
162 B 122ms
37ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-YPrQrB2xx5TlxHWaVwjOU7Nz6CubRAWDZowofQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:19 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame D250 49 B
235 B 107ms
32ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-8bBwRx2xx5TlxHWaVwjOU7Nz6Csi3U5leOwOFw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:18 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame D250
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=_bagcjP2s0RIMaWaMEtah6vr29jdYjWq
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=_bagcjP2s0RIMaWaMEtah6vr29jdYjWq

42 B
943 B

50ms
50ms

Image
image/gif

54.229.34.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=_bagcjP2s0RIMaWaMEtah6vr29jdYjWq

Protocol

HTTP/1.1

Server

54.229.34.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-34-254.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-066fbe967.edge-irl1.demdex.com 10 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2aXKBSyuSZ8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v044-03c2552b2.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: tCtUAczbQrg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=_bagcjP2s0RIMaWaMEtah6vr29jdYjWq
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame D250 43 B
1 KB 107ms
32ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-rwD3eh2xx5TlxHWaVwjOU7Nz6Ctghyf24dNNbA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 24 Oct 2022 09:23:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
matching.ivitrack.com/ Frame D250 42 B
274 B 114ms
32ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-uCTn6R2xx5TlxHWaVwjOU7Nz6Cu8dFQZDvPX8w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:18 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame D250 43 B
183 B 322ms
100ms Image
image/gif 2600:1f18:612b:4264:66bb:59e8:78b3:92f5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-Ep7S_h2xx5TlxHWaVwjOU7Nz6CvGucqiy8eczQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:66bb:59e8:78b3:92f5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 24 Oct 2022 09:23:19 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame D250 0
360 B 110ms
39ms Image
text/plain 184.24.4.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-JZ9kPx2xx5TlxHWaVwjOU7Nz6CsWn9VtQK3VIA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.24.4.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-4-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Oct 2022 09:23:19 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 23 Oct 2022 09:23:19 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame D250 43 B
220 B 171ms
40ms Image
image/gif 99.80.140.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-sd8vOh2xx5TlxHWaVwjOU7Nz6CvFTBE2oOOjiQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.140.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-140-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 24 Oct 2022 09:23:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

OPTIONS
H2 204 /
api.rudderstack.com/sourceConfig/ Frame 0
0 173ms
64ms Preflight 108.138.36.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.17.0&writeKey=27BbHNFQswxOZIJ3E5PWcaBRWWe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-81.muc50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://eu.redmagic.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
age: 143
date: Mon, 24 Oct 2022 09:20:56 GMT
vary: Origin
via: 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
x-amz-cf-id: ICioZiySP85hV-ofux2U1pV-Yp-7yUDpjqoM9f4gf2cjRc_FKWnmSw==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-request-id: 2a24ddf0-537d-11ed-a5f8-0f29a8a8ea20

GET
H2 200 / Show response
api.rudderstack.com/sourceConfig/ 2 KB
2 KB 74ms
73ms XHR
application/json 108.138.36.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.17.0&writeKey=27BbHNFQswxOZIJ3E5PWcaBRWWe

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-81.muc50.r.cloudfront.net

Software

Resource Hash

59a0bc3dfd9f7f7a07767c3a1217c24a4d0ea05a3b4ecc115fca19ba69d39a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
Authorization: Basic MjdCYkhORlFzd3hPWklKM0U1UFdjYUJSV1dlOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:20:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 143
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 1811
x-xss-protection: 1; mode=block
x-request-id: 2a5a93f0-537d-11ed-8f70-5989ba812739
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-id: aSOwjp_Dhkp_-twzA84TZbdiF2o1zFGfiyAwHWe3r2b-t_R0vhqDyA==

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 153ms
34ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: rudder-tracking.rudderstack.com
URL: https://rudder-tracking.rudderstack.com/load?writeKey=27BbHNFQswxOZIJ3E5PWcaBRWWe&dataPlaneUrl=fstlnlevamfhl.dataplane.rudderstack.com&shop=redmagic-gaming.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 08:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 08:06:35 GMT

POST
H3 200 produce
eu.redmagic.gg/.well-known/shopify/monorail/v1/ 0
561 B 166ms
164ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.redmagic.gg/.well-known/shopify/monorail/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Oct 2022 09:23:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west4,us-east1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 1312358460
x-request-id: 7cae851c-4809-4625-88a3-d6ba61354332
server: cloudflare
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://eu.redmagic.gg
access-control-allow-credentials: true
cf-ray: 75f1a72c09b0b767-AMS
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
x-sorting-hat-podid: 199

POST
H2 200 page Show response
fstlnlevamfhl.dataplane.rudderstack.com/v1/ 2 B
176 B 110ms
110ms XHR
text/plain 3.213.5.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fstlnlevamfhl.dataplane.rudderstack.com/v1/page
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.5.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-5-165.compute-1.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
Authorization: Basic MjdCYkhORlFzd3hPWklKM0U1UFdjYUJSV1dlOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
AnonymousId: NjBmZWU0MTgtZWUzNC00MDI0LTkwMjItZDY2Y2I0M2U5Yzdj
Content-Type: application/json

Response headers

access-control-allow-origin: https://eu.redmagic.gg
date: Mon, 24 Oct 2022 09:23:19 GMT
access-control-allow-credentials: true
server: openresty/1.21.4.1
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 page
fstlnlevamfhl.dataplane.rudderstack.com/v1/ Frame 0
0 342ms
101ms Preflight 3.213.5.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fstlnlevamfhl.dataplane.rudderstack.com/v1/page
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.5.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-5-165.compute-1.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://eu.redmagic.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://eu.redmagic.gg
access-control-max-age: 900
content-length: 0
date: Mon, 24 Oct 2022 09:23:19 GMT
server: openresty/1.21.4.1
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D250
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=U2hXC9YtmwalG6yIzXkGsSVMMufsIMmK

0
338 B

262ms
40ms

Image
text/plain

52.48.197.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=U2hXC9YtmwalG6yIzXkGsSVMMufsIMmK
Protocol: H2
Server: 52.48.197.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-197-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Mon, 24 Oct 2022 09:23:19 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1666603399
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=U2hXC9YtmwalG6yIzXkGsSVMMufsIMmK
date: Mon, 24 Oct 2022 09:23:18 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1198472
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame D250
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=8BGQbmfjCSK1VmlDRRBSlVd12AzIx6FB

35 B
268 B

350ms
115ms

Image
image/gif

3.143.128.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=8BGQbmfjCSK1VmlDRRBSlVd12AzIx6FB
Protocol: H2
Server: 3.143.128.248 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-143-128-248.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:23:19 GMT
x-bt-requestid: 7fcf8fc0-537d-11ed-9904-0000ac1700b3
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=8BGQbmfjCSK1VmlDRRBSlVd12AzIx6FB
date: Mon, 24 Oct 2022 09:23:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1172574
content-length: 0

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 107ms
107ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://eu.redmagic.gg/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://eu.redmagic.gg
date: Mon, 24 Oct 2022 09:23:20 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

HEAD
H3 200 service-worker.js
eu.redmagic.gg/apps/pushowl/sdks/ 0
0 283ms
282ms Fetch
application/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.redmagic.gg/apps/pushowl/sdks/service-worker.js?v=2&subdomain=redmagic-gaming

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eu.redmagic.gg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 09:23:23 GMT
via: 1.1 ac979e099d122e39d3a8fac95688a69a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west4,gcp-europe-west4
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 1312358460
x-request-id: 54283b0d-2aca-4d5c-8c0b-cb2f35a9cb39
server: cloudflare
etag: W/"13b2-fPGhGTu2u86jDzVp/t6Anr/jeN4"
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
x-server: ImageKit.io
timing-allow-origin: *
cf-ray: 75f1a748de5eb767-AMS
x-amz-cf-id: KcEQzZwduh5zcIFOFG2c7Wf15Phgc7FJ43k6xlH_roXwvV_hCl8BvA==
x-sorting-hat-podid: 199

POST events
api.pushowl.com/event/v1/ 0
0

OPTIONS
H2 200 events
api.pushowl.com/event/v1/ Frame 0
0 102ms
101ms Preflight
text/html 52.73.81.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushowl.com/event/v1/events

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.81.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-81-232.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://eu.redmagic.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 09:23:23 GMT
server: gunicorn/20.0.4
vary: Origin
x-content-type-options: nosniff

OPTIONS
H2 200 events
api.pushowl.com/event/v1/ Frame 0
0 102ms
102ms Preflight
text/html 52.73.81.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushowl.com/event/v1/events

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.81.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-81-232.compute-1.amazonaws.com

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://eu.redmagic.gg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 09:23:23 GMT
server: gunicorn/20.0.4
vary: Origin
x-content-type-options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.pushowl.com
URL: https://api.pushowl.com/event/v1/events

Domain: api.pushowl.com
URL: https://api.pushowl.com/event/v1/events

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eu.redmagic.gg/	1970-01-20 15:42:19	Name: secure_customer_sig Value:
eu.redmagic.gg/	1970-01-20 15:42:19	Name: localization Value: DE
eu.redmagic.gg/	1970-01-20 07:16:52	Name: cart_currency Value: EUR
.redmagic.gg/	1970-01-20 07:16:52	Name: _orig_referrer Value:
.redmagic.gg/	1970-01-20 07:16:52	Name: _landing_page Value: %2F
.redmagic.gg/	1970-01-20 15:42:19	Name: _y Value: 68863e81-35d1-4c5b-86e4-33641cee999e
.redmagic.gg/	1970-01-20 06:56:45	Name: _s Value: 9780e8f6-2d19-4d28-a336-237891ac2199
.redmagic.gg/	1970-01-20 15:42:19	Name: _shopify_y Value: 68863e81-35d1-4c5b-86e4-33641cee999e
.redmagic.gg/	1970-01-20 06:56:45	Name: _shopify_s Value: 9780e8f6-2d19-4d28-a336-237891ac2199
.redmagic.gg/	1970-01-20 06:56:45	Name: _shopify_sa_t Value: 2022-10-24T09%3A23%3A17.195Z
.redmagic.gg/	1970-01-20 06:56:45	Name: _shopify_sa_p Value:
.redmagic.gg/	1970-01-20 06:58:09	Name: _gid Value: GA1.2.153939631.1666603397
.redmagic.gg/	1970-01-20 09:06:19	Name: _gcl_au Value: 1.1.1880089170.1666603397
.redmagic.gg/	1970-01-20 09:06:19	Name: _fbp Value: fb.1.1666603397626.903735886
.bing.com/	1970-01-20 16:18:19	Name: MUID Value: 2E80D374D7F86C6B0B17C133D6386D19
.redmagic.gg/	1970-01-20 15:42:19	Name: _hjSessionUser_2975253 Value: eyJpZCI6IjQzZjFmYjk1LTFkODYtNTk0MC1hM2M3LWRjNTMwMjM1ZTNlNyIsImNyZWF0ZWQiOjE2NjY2MDMzOTc1ODksImV4aXN0aW5nIjpmYWxzZX0=
.redmagic.gg/	1970-01-20 06:56:45	Name: _hjFirstSeen Value: 1
eu.redmagic.gg/	1970-01-20 06:56:43	Name: _hjIncludedInSessionSample Value: 0
.redmagic.gg/	1970-01-20 06:56:45	Name: _hjSession_2975253 Value: eyJpZCI6IjkxZmRlMzgzLTllYjUtNDU0ZC05NTRjLTEzMmI2YmE3NDgxZiIsImNyZWF0ZWQiOjE2NjY2MDMzOTc2MzQsImluU2FtcGxlIjpmYWxzZX0=
eu.redmagic.gg/	1970-01-20 06:56:43	Name: _hjIncludedInPageviewSample Value: 1
.redmagic.gg/	1970-01-20 06:56:45	Name: _hjAbsoluteSessionInProgress Value: 1
.redmagic.gg/	1970-01-20 06:58:09	Name: _uetsid Value: 7e7d72c0537d11eda7739b4dced09e47
.redmagic.gg/	1970-01-20 16:18:19	Name: _uetvid Value: 7e7d94c0537d11edaa366b5b23edc058
.redmagic.gg/	1970-01-20 06:56:43	Name: _gat Value: 1
.redmagic.gg/	1970-01-20 16:32:43	Name: _ga_TYNV4XZPCD Value: GS1.1.1666603397.1.0.1666603397.60.0.0
.redmagic.gg/	1970-01-20 16:32:43	Name: _ga Value: GA1.1.1037914529.1666603397
.redmagic.gg/	1970-01-20 09:06:19	Name: _rdt_uuid Value: 1666603397812.a8ca0622-b827-4ae1-9a0b-8da0dd661a7f
.twitter.com/	1970-01-20 16:32:43	Name: personalization_id Value: "v1_/5nnw5k8R30Ea2DESfRdew=="
.t.co/	1970-01-20 16:32:43	Name: muc_ads Value: 96166702-948b-45d8-8867-9a1b0d640b31
.criteo.com/	1970-01-20 16:18:19	Name: uid Value: a05b4595-9479-406e-a50c-80836ace78a7
www.clarity.ms/	1970-01-20 15:42:19	Name: CLID Value: bc6d1a2f6fc546a1a8d0a1fd225fb2df.20221024.20231024
.redmagic.gg/	1970-01-20 16:26:07	Name: cto_bundle Value: Q4E5cV9YaW4wUUt4S2NFa3VpT292MzZZalBUWnd0M2d1VVVNM1RFcmZFaDJ0WnNpWmxrdklhdTNQSEw5MzYyTERWUWRzbXl0S25rVGNwJTJGJTJCNVhxWFZTdmdqU2JpZmpWa1lBQkZEa3VPRDV0M2lNVGZTS1pJWHNyVFp0UmZCQWtCRTVIeiUyQnpuaTJuUmI4U0RacGVjMG8weGJYOXclM0QlM0Q
.redmagic.gg/	1970-01-20 15:42:19	Name: _clck Value: 1ptjyjm\|1\|f5z\|0
eu.redmagic.gg/	1970-01-20 15:42:19	Name: affclick Value: null
eu.redmagic.gg/	1970-01-20 15:42:19	Name: c Value: 0Nue93g8-1666603398478-50772d842140e-1355774412
eu.redmagic.gg/	1970-01-20 15:42:19	Name: po_visitor Value: AC9fpV3T31Wj
.c.bing.com/	1970-01-20 16:18:19	Name: SRM_B Value: 2E80D374D7F86C6B0B17C133D6386D19
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 16:18:19	Name: MUID Value: 2E80D374D7F86C6B0B17C133D6386D19
.c.clarity.ms/	1970-01-20 06:56:43	Name: ANONCHK Value: 0
.redmagic.gg/	1970-01-20 06:58:09	Name: _clsk Value: 17fw0a\|1666603398817\|1\|1\|k.clarity.ms/collect
.redmagic.gg/	1970-01-20 15:42:19	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX1%2BvPEodzFIEtWm65m5eDLnQj4fJGE4J8xQ%3D
.redmagic.gg/	1970-01-20 15:42:19	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX1%2B7sKmRP7xdfa9HEvcgiRsnxqfrHJUg9bg%3D
.redmagic.gg/	1970-01-20 15:42:19	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX1%2BtKETyyYe%2BUmUCtmlkHlQUmEKoW%2FFr6Xs%3D
.redmagic.gg/	1970-01-20 15:42:19	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX184QJnnuWa8P50%2B8uWbIr40KArwek6rWJs%3D
.redmagic.gg/	1970-01-20 15:42:19	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX19Hm33KPHn0HUNeK5bIOI2%2Bwj7BOtCxa1N%2BsNB1oG4jfaROIT%2FYoZz5vWiwZLKo1iw%2BQci%2BOrg7UA%3D%3D
.redmagic.gg/	1970-01-20 15:42:19	Name: rl_page_init_referrer Value: RudderEncrypt%3AU2FsdGVkX18uOB1ztgrDak2PH2QpbQpbAMPI1esgoBs%3D
.redmagic.gg/	1970-01-20 15:42:19	Name: rl_page_init_referring_domain Value: RudderEncrypt%3AU2FsdGVkX1867mF9lVAOI4g4NK%2F%2FSuKvFgG4616Ma%2Fs%3D
.adnxs.com/	1970-01-20 09:06:19	Name: uuid2 Value: 8033697424269524293
exchange.mediavine.com/	1970-01-20 07:16:52	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%227f461470-537d-11ed-b830-e7e0e062f6cb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:16:52	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%227f461470-537d-11ed-b830-e7e0e062f6cb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:16:52	Name: am_tokens Value: %7B%22mv_uuid%22%3A%227f461470-537d-11ed-b830-e7e0e062f6cb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:16:52	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%227f461470-537d-11ed-b830-e7e0e062f6cb%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:16:52	Name: criteo Value: %7B%22id%22%3A%22k-Fzm76R2xx5TlxHWaVwjOU7Nz6CsBRPDOHDSD7w%22%2C%22version%22%3A%22criteo%22%7D
.doubleclick.net/	1970-01-20 16:18:19	Name: IDE Value: AHWqTUmshqc8vRJLNyDNOInHyzvGPeb4wnugrxVmKu5NY6DQjt9ubHJDyExSjSoXlsY
.casalemedia.com/	1970-01-20 15:42:19	Name: CMID Value: Y1ZZh.GafSH7P3.gH66RZgAA
.casalemedia.com/	1970-01-20 09:06:19	Name: CMPS Value: 5285
.casalemedia.com/	1970-01-20 09:06:19	Name: CMPRO Value: 5285
.media.net/	1970-01-20 15:42:19	Name: visitor-id Value: 3096049980230825000V10
.media.net/	1970-01-20 07:39:55	Name: data-c-ts Value: 1666603398
.media.net/	1970-01-20 07:39:55	Name: data-c Value: k-2P8GXx2xx5TlxHWaVwjOU7Nz6CsXWGUZP7NX2g~~3
.360yield.com/	1970-01-20 09:06:19	Name: tuuid Value: 4f53edb0-0fb1-4627-9b20-8813b47d78b0
.360yield.com/	1970-01-20 09:06:19	Name: tuuid_lu Value: 1666603399
.bidswitch.net/	1970-01-20 15:42:19	Name: tuuid Value: 2b98abb4-09f4-4b48-8bda-af7b72b32ad4
.bidswitch.net/	1970-01-20 15:42:19	Name: c Value: 1666603399
.bidswitch.net/	1970-01-20 15:42:19	Name: tuuid_lu Value: 1666603399
.redmagic.gg/	1970-01-20 15:42:19	Name: rl_session Value: RudderEncrypt%3AU2FsdGVkX1%2FJbrUWUBaZbPerlWcDO3ywIoqGG0Dt%2BIbgQLAiZ482gMfnaOmES1m6SVc3QDspmQswKaXKaqqaFUa0t8RgUe1zrOqWU2iTH%2FF9Cl%2BUmuQgQ4SKdg%2Fr%2BfCVHFIzsCUJZdXnOZ9i59Vmgg%3D%3D
.360yield.com/	1970-01-20 09:06:19	Name: um Value: !38,OOmngNUV.8UEAhvac97kSA8pp0gnctE4fGoHTetwl5zJPT3KDahdDIyJS2DcpGUAwN9IliCe,1674379399
.360yield.com/	1970-01-20 09:06:19	Name: umeh Value: !38,0,1728811399,-1
eu.redmagic.gg/	1970-01-20 06:56:45	Name: keep_alive Value: cf2177c0-ea91-4ad5-9f57-3bcf1cf7d8ba
usafp.tongdun.net/	1970-01-20 15:42:19	Name: _fmdata Value: DNGne1LxAIeKCIhn9sM+u8flJ6rxlDq4XCxatFr/fBMS1IDopqLWEmnzaFHhOLPgklKkbRYjEEeyZpbyJR572A==
usafp.tongdun.net/	1970-01-20 15:42:19	Name: c Value: 0Nue93g8-1666603398478-50772d842140e-1355774412
usafp.tongdun.net/	1970-01-20 15:42:19	Name: _xid Value: ftwfFJdGYF3sAgG12qNskhW+beZ7zBfsBu8htWLgGcI=
eu.redmagic.gg/	1970-01-20 15:42:19	Name: _fmdata Value: DNGne1LxAIeKCIhn9sM%2Bu8flJ6rxlDq4XCxatFr%2FfBMS1IDopqLWEmnzaFHhOLPgklKkbRYjEEeyZpbyJR572A%3D%3D
.demdex.net/	1970-01-20 11:15:55	Name: demdex Value: 47828921146804987483159679683296877081
.yahoo.com/	1970-01-20 15:42:40	Name: A3 Value: d=AQABBIdZVmMCEKl5tE4N-cPOJeqQH2Boh-UFEgEBAQGrV2NgYwAAAAAA_eMAAA&S=AQAAApI5HuDlqUQB0Pcr6xFdDVY
.id5-sync.com/	1970-01-20 06:56:43	Name: cf Value:
.id5-sync.com/	1970-01-20 06:56:43	Name: cip Value:
.id5-sync.com/	1970-01-20 06:56:43	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:56:43	Name: car Value:
.id5-sync.com/	1970-01-20 06:56:43	Name: gdpr Value:
.id5-sync.com/	1970-01-20 06:56:43	Name: callback Value:
.analytics.yahoo.com/	1970-01-20 15:42:19	Name: IDSYNC Value: 18zh~27w9
.dpm.demdex.net/	1970-01-20 11:15:55	Name: dpm Value: 47828921146804987483159679683296877081
.krxd.net/	1970-01-20 11:15:55	Name: _kuid_ Value: PKCR4i0R

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://eu.redmagic.gg/a/fstln_dock/api/promotion/cart Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
ajax.googleapis.com
alb.reddit.com
analytics.twitter.com
api.pushowl.com
api.rudderstack.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.judge.me
cdn.langshop.app
cdn.lenmit.com
cdn.pushowl.com
cdn.shopify.com
chimpstatic.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
eu.redmagic.gg
exchange.mediavine.com
feed.omegacommerce.com
fonts.googleapis.com
fonts.gstatic.com
fstlnlevamfhl.dataplane.rudderstack.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
in.hotjar.com
k.clarity.ms
manychat.com
match.sharethrough.com
matching.ivitrack.com
monorail-edge.shopifysvc.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
redmagic.gg
region1.analytics.google.com
rtb-csync.smartadserver.com
rudder-tracking.rudderstack.com
s.thebrighttag.com
script.hotjar.com
script.tapfiliate.com
simage2.pubmatic.com
socialplugin.facebook.net
sslwidget.criteo.com
static.ads-twitter.com
static.hotjar.com
static.shareasale.com
statics.a8.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.co
ups.analytics.yahoo.com
usafp.tongdun.net
vars.hotjar.com
vc.hotjar.io
visitor.omnitagjs.com
widget.manychat.com
widget.us.criteo.com
www.artfut.com
www.clarity.ms
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.redditstatic.com
x.bidswitch.net
z.lenmit.com
api.pushowl.com
104.16.226.72
104.244.42.195
104.244.42.197
104.75.89.75
107.22.52.107
108.138.36.81
108.138.7.31
13.224.189.10
13.32.121.7
141.226.228.48
141.95.98.64
142.250.186.98
143.204.89.36
144.217.255.176
151.101.1.140
162.159.130.71
162.159.135.68
178.250.0.147
178.250.0.163
178.250.2.146
18.185.191.84
18.193.243.10
18.198.129.196
18.198.155.96
18.66.112.110
184.24.2.119
184.24.4.64
185.255.84.153
185.26.99.247
185.64.190.80
185.80.39.216
185.83.142.19
185.86.137.133
188.114.97.3
199.232.136.157
2.18.235.93
20.234.93.27
20.96.88.162
2001:4860:4802:34::36
23.227.38.74
2600:1f18:612b:4264:66bb:59e8:78b3:92f5
2600:9000:2240:3800:7:6365:89c0:93a1
2600:9000:225e:be00:f:8ce2:fb80:93a1
2606:4700:20::681a:6d
2606:4700:20::681a:ed4
2606:4700:3032::6815:1586
2620:100:a001::17
2620:1ec:49::45
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9d
2a02:2638:1::13
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::396
2a0b:4d07:101::1
3.126.56.137
3.143.128.248
3.213.5.165
34.117.157.22
37.157.2.234
52.17.231.22
52.205.170.131
52.222.214.79
52.48.197.119
52.73.81.232
54.229.34.254
54.76.243.127
64.202.112.63
69.173.144.165
76.223.111.18
99.80.140.177
000f04a739c4ecb3219000e6bf9d00b9032f7840012b5d72002c95e898ca5f27
034af0f6166edfe3a7377552238a4665ea76d8f8105d93b0c4460be2d30140fa
065c3e514d28dd6161d697b6cc57d0511b5309d2bbf7be85788b6ebfb7267981
0a7134aabab87904238351f91e822a5021ad0c0872e06691fb24172e57136381
0c58d9a6a27b21a21825f1e28b75b47bd2a97e782bb2e907d1719ed0775b870a
0f166b9c6386b6fc4d6b73c6f9861d6178a19beaf18180b9e2e08c13b0fc5877
0f5e6f6188ca69fe3e55bf6c1872da4abf101efe766a8317f116b24ceae7fb6b
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
149856d8ae987a270448e87218f4046444d4582f9d1b7c59a1c54e82d157b2e4
159770a84040dbb0036a9690d15ddaa8bea21c3c3e034289dad77af1a2940826
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
167be847bdc2a79ca463b7827b64d35cb59b7cb9fc0f1bba354fb557b3b7488b
1cbfb9fddbe542d5a58e8118d118aa1d6fd938c135af54d8264f6148143c5a9d
1e8ec7d7b9c38d0f958c28ba6ded0d0a5e7d07fe9db92882bacd57c9d0d597f7
1eefac538de89bf8bb22e154cb84cf0b5fd1326d12113b63d30e9a1e2a41ac87
22e859a5c7d07561df58aba864c5c575817994ec08fe96edf769f7167e5ad135
28ce23ce073ab795fc6e49485c0ba2a48db59d46fa14f12f486828769280d76e
2ac90b1915612b2d290323ec0c20ecdfa541e78cbca8c25db7a71d32fd242257
2af7d84324373ac147483647db9a5536005160e4e8bc972316e7f26313ece06d
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
30d31eb6c11df6156d1a8616666104c6d44a53c1b0a8e1b5e09ad693836cface
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37b4f27bf19fb86a2bf1c1ffc5d7b253fb9720a869908ea82079d4c0aa60d4b8
3d074e9f5ff5b030570394f1a829f19057aace9dedb7d04d09c0d282e14c6e5f
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
403789936a1cbecc4192554bcb081e7992f19df491b7a9fa52e98c678d54949b
404bb3c18e084729d8a453c805656c0ac6d4ee0680eebdecbd119adb41e68644
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1
45997e05e4d2f3b83cd54cedfec7162c55a9c64f660a1025f4468abe3343b98c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0fb38fe566d6fde0a67fc1c73371fc07083fd97ba90b241f02950884f63bbf
52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59a0bc3dfd9f7f7a07767c3a1217c24a4d0ea05a3b4ecc115fca19ba69d39a6a
5b7d26f78ff30d6f3b51fbc4d0f2552524fddfa03a3da4bbf5b76a1d86a7148c
5f27f32f932651c06b1a5b5932ec8f37c82b93e4968ff65ac52a7ec05ce5979b
5f51c31795f6f7cf4fe436ef75f73fc490d3ca3a4dd6028b815518b50bf4f316
606713e2a08b30b6b17368722dcfb327e6c8cd2649e2c5820e5a9d537becc880
61e6d4f2146225de9230d4e0756082be120ddf650b57ea54c5760bf0f9c830f7
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f
660c6519d91af540602b10d86b594fc2c1f936316419779b25915081355b19cd
7037e6cfd6d77a4a274818449c2aaff2faa211b6d746334a89573bf5e49239f7
790b307dc5bf04ac8407a9c65625b28bc7ee04487eebf9473ae7438b7cd18647
7e6da53eb83f5a1a41f316900196d17d90eaaac778c4309f86df807d45fcf7a2
7f64deb3b5a61396ff3261326ee0cc226d964df9f0aff07cff0bd8a138876d93
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87164479c8b2da402db3ba52a30233dda0cc3625a6466668f597a38815406589
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
8987fab769dc12a7adc515e1cb28a29870d2e70dd296beb79b61d399f16d2391
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ab222994fb9b239f4fe91bcff0dcbdb58045093b99a4e432c35ca70151fe5a7
8b5087bba6022fa1fc16ff07f9d44ea987ca7811d324a61711cbfed6800f2e99
90db753cd662ca613f41d7a515753a3a3c29350d9caccec85ed67fa8c29c7c15
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b04c16db1e9c77d18a7fc289032814463aadec19425c5b9864c47900591277b
9dde290518ca88ed8e0ba23350560cef9f4081ed78fc718125c4a32dcd92c227
9ec35dd74587fa332c653eb89cd221cc9f087e68c59af297d1086ca38e2f8c82
9fffd275f2b69d3f0a5cc883d22aa3de16e90f537b40bf4105a98571d5232ca7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4fd5eabc1dae6f943b1a9a1975d4dd51c7069639eb422de5f6c79da7e5841e5
a75759d1e9d34d1fdf3cdd64d3a1e7736a858c9c8eaad95b12b5b6e1ef652c2e
a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0
ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af53d114f9149ed441c512d5f7a285a8e8cec5a1e643df9aeb73e17b8994c974
b0b6c1bd71b1382d5188db485fbcfbb8129797c47ecc797a8d8ebdb7bf80753b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34a7582863d7a2d824f3b18a4c4df040fa1a3313720cf9d4370e6670f5146fd
b367b67e71f695a3fe13096d2e5b7d52221641f32df30227a9716e88c1fe11a2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b61286559f378b8a2dafc14e7976b34a5d1bd0a0e466588e8c26124d43c412c1
b901e3c83deb592678dd64604057877f96e35b45060ed74477f1f1819797dffc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be0fe87e4c742c12286fb3d9d161a9918fa9279b57c678f102f8f1160bfd37dc
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
bf4776d550bba4dd534ec14b8f6724f5e719372f879541853fa8a44b786f0070
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3423e2830e0e8512380b5995774e5d31c763daf4acf434d145a6c2e2fbbfa35
c6c30d97f9c9013accd8af8a64de2b09e09a0c2f6fb668e23b5a6ef33882ff54
cbc4947c10294821006c9752cf325c1038d3172c533510c0822b0c23282bc4b1
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d142acfef8da1b404752886698d01217bc13f57c83bea3d8008ee2b638c0c940
d2b60a4023ee76ae459f972575b63c9033bf568773862e278e479b91577856e3
d73f9d83affe674000559d4bd566b7509d85e7cd3c0856410f3b08f242e102a7
d8c983742d070d8f19602123c0afd3b1222fc3ad2cfc9c397bd6aede4f253d2d
d96016d112189c25f59f156c345b0442cd4bcd2cb0637f3e1f0bf5a97176171b
d9fbe6f01fab522ccf5e5da9f91027c248907710ca8464f45c5274ca208d0b7b
dbc57c5c552d1131081720d4b51bfb500a176dfa100f892a12f3ebf32929bc8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6dd7454d8e29517c68bdc52eb3595aafeaecdf047169b3b3058edc8aaa1f29f
e90b0b8e7b426e816f5fd2798e2adc38bc1d4d2cc9f59aa06eea006fa58bdfed
e9a1d1e6ce35321fcae0d375d7882bc63f86ceb8a94be3948d6aaed013562128
ec3c885acb0bb9b18ea84c2be03870856af8138051e3986ce202f7577522f553
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f433122da8de4f7e86aaa0422f1a1a782729938a6cf58632a1f591178b5b91f8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b1300d909d9777dd97614dc1778aaa570ea95e65a9d63958c716f599b8f400
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
f9886d01aef8bff0e2c37cf6d7ecd24386a2cdd3da054e2fe3ca11c2f9ac456f
faa07cc8277b2637e78b1984917145a224dbd8ec28be3f16bdc2fc5df059daec
fb2962eae920b1ce8712642eea20121f0c4dcd0ca0f55c963888c94ec6b405b8
fb9c3576c246ccc12635261805a62bc0d99bd51841277e88f4d92f6ef8adea80

eu.redmagic.gg Open in urlscan Pro 23.227.38.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

91 %HTTPS

31 %IPv6

61 Domains

83 Subdomains

78 IPs

11 Countries

2115 kBTransfer

6174 kBSize

85 Cookies

14 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eu.redmagic.gg Open in urlscan Pro
23.227.38.74 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

91 %
HTTPS

31 %
IPv6

61
Domains

83
Subdomains

78
IPs

11
Countries

2115 kB
Transfer

6174 kB
Size

85
Cookies

163 HTTP transactions
4 data transactions