promo.libertex.org Open in urlscan Pro
2606:4700::6811:900c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bestnewsonline.net/forlibertexlatam/?lang=es&offer_id=88&aff_id=1205&gcam=857-869-4554&utm_source=bestonlinenews&ut...
Effective URL:
https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c...
Submission: On October 11 via manual (October 11th 2023, 11:11:19 pm UTC) from CO — Scanned from DE

Summary HTTP 128 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 58 IPs in 9 countries across 49 domains to perform 128 HTTP transactions. The main IP is 2606:4700::6811:900c, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.libertex.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2023. Valid for: a year.

This is the only time promo.libertex.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:cde2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::6815:3dc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.234.86.61 35.234.86.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
32	2606:4700::68... 2606:4700::6811:900c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2600:9000:223... 2600:9000:223e:6800:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:910c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
3	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
5	23.38.98.14 23.38.98.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.67 18.66.112.67	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.68.49.182 3.68.49.182	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.96.18 2.18.96.18	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.29.178.177 52.29.178.177	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	63.34.140.194 63.34.140.194	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.210.204.82 52.210.204.82	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	54.194.37.177 54.194.37.177	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.57.7.25 52.57.7.25	16509 (AMAZON-02) (AMAZON-02)
1	44.194.62.128 44.194.62.128	14618 (AMAZON-AES) (AMAZON-AES)
1	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:7b35:6241:9161:5be7	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.32.185.192 23.32.185.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.246.73.161 34.246.73.161	16509 (AMAZON-02) (AMAZON-02)
1	52.31.202.102 52.31.202.102	16509 (AMAZON-02) (AMAZON-02)
1	18.223.127.73 18.223.127.73	16509 (AMAZON-02) (AMAZON-02)
128	58

1 2606:4700:3035::ac43:cde2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bestnewsonline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:3dc8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.tenxaffiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.234.86.61 (Frankfurt am Main, Germany) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.86.234.35.bc.googleusercontent.com

go.libertex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700::6811:900c (United States)

ASN13335 (CLOUDFLARENET, US)

promo.libertex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lib.libertex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tealium-proxy.libertex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:223e:6800:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:910c (United States)

ASN13335 (CLOUDFLARENET, US)

api-account.libertex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-geo.libertex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

11442981.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.38.98.14 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-14.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-67.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.49.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-49-182.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.96.18 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-18.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.178.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-178-177.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.140.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-140-194.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.204.82 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-204-82.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.37.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-37-177.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.7.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-7-25.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.62.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-62-128.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:7b35:6241:9161:5be7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.73.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-73-161.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.202.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-102.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.223.127.73 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-127-73.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	libertex.org promo.libertex.org lib.libertex.org api-account.libertex.org tealium-proxy.libertex.org — Cisco Umbrella Rank: 776667 api-geo.libertex.org	534 KB
15	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1241	66 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4198 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 sslwidget.criteo.com — Cisco Umbrella Rank: 2408 widget.us.criteo.com — Cisco Umbrella Rank: 25599 dis.criteo.com — Cisco Umbrella Rank: 648	36 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 118 region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	doubleclick.net 2 redirects 11442981.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	2 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6147 adservice.google.de — Cisco Umbrella Rank: 13042	1 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 766	140 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3555	55 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	282 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1837	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	140 B
2	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5763 api.omappapi.com — Cisco Umbrella Rank: 6148	4 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 901 script.hotjar.com — Cisco Umbrella Rank: 1101	60 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	opmnstr.com a.opmnstr.com — Cisco Umbrella Rank: 26645	24 KB
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 680 sync-t1.taboola.com — Cisco Umbrella Rank: 1598	469 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	87 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2648	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2848	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4701	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33274	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2985	401 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 959	581 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 900	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1252	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1304	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10624	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 761	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 470	921 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 773	385 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1279	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 434	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2637	163 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 621	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 409	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 780	785 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	146 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2907	876 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 869	396 B
1	t.co t.co — Cisco Umbrella Rank: 614	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 792	15 KB
1	libertex.com 1 redirects go.libertex.com	756 B
1	tenxaffiliates.com 1 redirects track.tenxaffiliates.com	575 B
1	bestnewsonline.net 1 redirects bestnewsonline.net	793 B
128	49

	Domain	Requested by
30	promo.libertex.org	promo.libertex.org
15	tags.tiqcdn.com	promo.libertex.org tags.tiqcdn.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	region1.analytics.google.com	www.googletagmanager.com
5	analytics.tiktok.com	tags.tiqcdn.com analytics.tiktok.com
4	www.google.de	promo.libertex.org
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	dev.visualwebsiteoptimizer.com	tags.tiqcdn.com dev.visualwebsiteoptimizer.com promo.libertex.org
3	ib.adnxs.com	2 redirects
3	www.googletagmanager.com	tags.tiqcdn.com www.google-analytics.com www.googletagmanager.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	www.google-analytics.com	tags.tiqcdn.com www.google-analytics.com
2	a.opmnstr.com	tags.tiqcdn.com a.opmnstr.com
2	11442981.fls.doubleclick.net	1 redirects tags.tiqcdn.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	api-geo.libertex.org	lib.libertex.org
1	tealium-proxy.libertex.org	promo.libertex.org
1	dynamic.criteo.com	tags.tiqcdn.com
1	adservice.google.de	adservice.google.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	www.facebook.com	promo.libertex.org
1	www.google.com	promo.libertex.org
1	adservice.google.com	11442981.fls.doubleclick.net
1	api.omappapi.com	a.opmnstr.com
1	a.omappapi.com	a.opmnstr.com
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com	promo.libertex.org
1	t.co	promo.libertex.org
1	static.hotjar.com	tags.tiqcdn.com
1	static.ads-twitter.com	tags.tiqcdn.com
1	trc.taboola.com	promo.libertex.org
1	api-account.libertex.org	lib.libertex.org
1	lib.libertex.org	promo.libertex.org
1	go.libertex.com	1 redirects
1	track.tenxaffiliates.com	1 redirects
1	bestnewsonline.net	1 redirects
128	66

This site contains links to these domains. Also see Links.

Domain
app.libertex.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
a.opmnstr.com R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
a.omappapi.com R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Frame ID: F4E5300E80525380CD75D51989D3E22C
Requests: 96 HTTP requests in this frame

Frame: https://11442981.fls.doubleclick.net/activityi;dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164
Frame ID: 5AEFA3314207896FE2F4378681889B76
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164;~oref=https://promo.libertex.org/
Frame ID: 6832AD76E1EBDEABC3B4649C6FBE16BF
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164;~oref=https://promo.libertex.org/
Frame ID: B3434EC510AC4271EB5BE629B436D887
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=promo.libertex.org&origin=onetag
Frame ID: 86D94E5A54918915E66823CC68417FF2
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-sOQa-4XMixhZQHxUKrD3pUeHVlgDt3RLEhTRdQ&google_gid=CAESEDak0oq7mAv9mprRuUGndBM&google_cver=1&google_ula=913071,0
Frame ID: D818DE2D8AEF45577C76253CCD302703
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Libertex

Page URL History Show full URLs

https://bestnewsonline.net/forlibertexlatam/?lang=es&offer_id=88&aff_id=1205&gcam=857-869-4554&utm_sour... HTTP 307
https://track.tenxaffiliates.com/track/click/73?lang=es&offer_id=88&aff_id=1205&gcam=857-869-4554&utm_source=... HTTP 301
https://go.libertex.com/visit/?bta=52621&nci=18703&afp=54470f23-b9a0-449a-8ccb-2e8dc15c56fc&afp1=120... HTTP 302
https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

128
Requests

94 %
HTTPS

32 %
IPv6

49
Domains

66
Subdomains

58
IPs

9
Countries

1337 kB
Transfer

3412 kB
Size

59
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.libertex.com/
Title: Continue

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bestnewsonline.net/forlibertexlatam/?lang=es&offer_id=88&aff_id=1205&gcam=857-869-4554&utm_source=bestonlinenews&utm_medium=cpc&utm_campaign=20325641950&campaignid=stocks&kw=account_000_bestonlinenews-857-869-4554_campaign_20325641950keywordiq+option+es+confiabledevicec&gclid=Cj0KCQjwj5mpBhDJARIsAOVjBdqjoAMRnSeXfoyguUwhdliHFNwyuUk5AxQqvdVImv7hfGPjhg0iXyMaAkzBEALw_wcB HTTP 307
https://track.tenxaffiliates.com/track/click/73?lang=es&offer_id=88&aff_id=1205&gcam=857-869-4554&utm_source=bestonlinenews&utm_medium=cpc&utm_campaign=20325641950&campaignid=stocks&kw=account_000_bestonlinenews-857-869-4554_campaign_20325641950keywordiq%20option%20es%20confiabledevicec&gclid=Cj0KCQjwj5mpBhDJARIsAOVjBdqjoAMRnSeXfoyguUwhdliHFNwyuUk5AxQqvdVImv7hfGPjhg0iXyMaAkzBEALw_wcB HTTP 301
https://go.libertex.com/visit/?bta=52621&nci=18703&afp=54470f23-b9a0-449a-8ccb-2e8dc15c56fc&afp1=1205&afp10=Invest_in_Crypto HTTP 302
https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://11442981.fls.doubleclick.net/activityi;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164 HTTP 302
https://11442981.fls.doubleclick.net/activityi;dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164

Request Chain 98

https://gum.criteo.com/sid/json?origin=onetag&domain=libertex.org&sn=ChromeSyncframe&so=0&topUrl=promo.libertex.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=yytVn3wyU1RJRWhVakhxOXdOcklXVzJiNXlpS3ZVNDlvQlF4M2tDdGxHbEVOMHZKcFE4bWFmVDVnQUM1M0J2SkRnMStYcHVtMmNmRFdvSWJ5c1U4TnJ1WWdnSHBLL2hYeW9GRkxXSW92UWJxbW9vMC9hcUhRK1Juc01VTVJwS2d0cFNxZ0tLT0RneVdtTDVHSktTZ2FuU2I2dVhHMi96MmVDNS9nQ2FKTnE1aS9tby8vU3YwcmtSMkVRSm8wdnptZzh4ZVQ2WkcybWhBZEFIOUl6amlSRldGUEdWZzFNUUNpbUlCTk9zT0d1TFJKTW96MkY4Y1ZuajA3eHNCMTFvSTRzNHVweGFldi9JeGdwbVpxY2dpRW1ITXRCQT09fA&cppv=2

Request Chain 99

https://sslwidget.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=I-_52V9kclRXdWJPNjNuWmNZanM2ZFRmWjZ1VkxuJTJGSmZqU1ZIWXdqYnpJbGElMkYzQiUyRlU3MndiZFhJeXNEa0M4aFFDRTBXTkZ0ZjZHYVlrZHNBbWhySkhzM0tPQTA1RXAySm10VHAxRlo4YzRaM3RxS0JBekZlbElkaUo4OHNxdDlla0J4Y1FaZXJld2VGTm9xd0xUeFloZW85RWclM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fen-en%252Fultimate-platform%252F%253Faff_id%253D52621%2526cxd%253D52621_582613_%257Cafp0%253A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%257Cafp1%253A1205%257Cafp10%253AInvest_in_Crypto&ceid=e6c8aaed-d275-4bcc-8252-cab3234b59d0&dtycbr=96515 HTTP 302
https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=I-_52V9kclRXdWJPNjNuWmNZanM2ZFRmWjZ1VkxuJTJGSmZqU1ZIWXdqYnpJbGElMkYzQiUyRlU3MndiZFhJeXNEa0M4aFFDRTBXTkZ0ZjZHYVlrZHNBbWhySkhzM0tPQTA1RXAySm10VHAxRlo4YzRaM3RxS0JBekZlbElkaUo4OHNxdDlla0J4Y1FaZXJld2VGTm9xd0xUeFloZW85RWclM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fen-en%252Fultimate-platform%252F%253Faff_id%253D52621%2526cxd%253D52621_582613_%257Cafp0%253A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%257Cafp1%253A1205%257Cafp10%253AInvest_in_Crypto&ceid=e6c8aaed-d275-4bcc-8252-cab3234b59d0&dtycbr=96515

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-sOQa-4XMixhZQHxUKrD3pUeHVlgDt3RLEhTRdQ&google_cm&google_hm=ay1zT1FhLTRYTWl4aFpRSHhVS3JEM3BVZUhWbGdEdDNSTEVoVFJkUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-sOQa-4XMixhZQHxUKrD3pUeHVlgDt3RLEhTRdQ&google_gid=CAESEDak0oq7mAv9mprRuUGndBM&google_cver=1&google_ula=913071,0

Request Chain 102

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2345519259286942837

Request Chain 113

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-N-Ggv4XMixhZQHxUKrD3pUeHVliR8wkiyq1NWQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-N-Ggv4XMixhZQHxUKrD3pUeHVliR8wkiyq1NWQ&C=1

Request Chain 114

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hgdn0vG3Ap8nO7mM8q9uYOsZay8fjZTl HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=hgdn0vG3Ap8nO7mM8q9uYOsZay8fjZTl

Request Chain 128

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Z6eyP-zc93pOLi_hyHW3D7-Rm0uoOUgp

Request Chain 129

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=UayQaOUlQv2tz6ucxwgtgdMayWebaa2h

128 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
promo.libertex.org/lp/en-en/ultimate-platform/
Redirect Chain

https://bestnewsonline.net/forlibertexlatam/?lang=es&offer_id=88&aff_id=1205&gcam=857-869-4554&utm_source=bestonlinenews&utm_medium=cpc&utm_campaign=20325641950&campaignid=stocks&kw=account_000_bes...
https://track.tenxaffiliates.com/track/click/73?lang=es&offer_id=88&aff_id=1205&gcam=857-869-4554&utm_source=bestonlinenews&utm_medium=cpc&utm_campaign=20325641950&campaignid=stocks&kw=account_000_...
https://go.libertex.com/visit/?bta=52621&nci=18703&afp=54470f23-b9a0-449a-8ccb-2e8dc15c56fc&afp1=1205&afp10=Invest_in_Crypto
https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

13 KB
4 KB

216ms
104ms

Document
text/html

2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efe859b78a5300ed10d1a16cba8ff1cc8dfb3ede610acafa8b1f01cabaa47a11

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 814ac7efaff465ab-FRA
content-encoding: br
content-type: text/html
date: Wed, 11 Oct 2023 23:11:13 GMT
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: THu8gDUSACkXxYTd6oLcDdvvjVy92bSrCerfAVQcnRCXesZjTQjZf9HbrLNgdjlBFs3GcOWYfvA=
x-amz-request-id: J4WYEFKWSJEZA1H9

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: private,no-cache
Connection: keep-alive
Content-Length: 285
Content-Type: text/html; Charset=UTF-8
Date: Wed, 11 Oct 2023 23:11:13 GMT
Expires: Tue, 10 Oct 2023 23:11:12 GMT
Location: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma: no-cache
Server: rhino-core-shield
X-Cache-Status: MISS

GET
H2 200 main.css
promo.libertex.org/lp/en-en/ultimate-platform/css/ 22 KB
6 KB 137ms
136ms Stylesheet
text/css 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84b57e93d318b29205e6795cbd58d0d456459cce57700527bf5815202f85c785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03RDJREMZMRK19EG
etag: W/"f37a898bc4c63c01c4d7404fa31ce4b8"
vary: Accept-Encoding
content-type: text/css
cf-ray: 814ac7f0587765ab-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wzdnYF9qrYnui9amWs0nPspqDuPJqnkOXCdjJl/UcD4EHXDcALvOmdksGih8ZGZ5YXvEZSSSnz0=

GET
H2 200 cosm.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 57 KB
58 KB 110ms
109ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/cosm.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 175e2b2ebbc83084d6a5ff04f74684db4e58984baf1c8eb8dbefea240284bc8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R2BV2N1PGW37K5
etag: "6bce653421d81bbbffa687fca0c1e010"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f0587965ab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 58717
x-amz-id-2: NdMAlpLvQxlLCgQg1cpUkhYe/Tl3JrqNwlbAT9eOQ/6eX8RJhvW0y5hqY3D2BpGjGaJYNiDOW4Q=

GET
H3 200 ben1.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 4 KB
4 KB 138ms
137ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/ben1.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eeebe7876a439fd3ca3d3d12c94d5b450c6a0405bdcfb993a5227029b9818b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R8YK9PN3CGGX5K
etag: "b890ea276b58611c3d12269d07401337"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f16d804d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3614
x-amz-id-2: we03xiPRxIZs9ywYwCA1qd8SC97bDDFg4Nj4gZMSJCcdRON7xXsXzpvllCrCWrSlVpW/YERy1nM=

GET
H3 200 ben2.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 7 KB
7 KB 176ms
172ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/ben2.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 052a8f54ae05b425b45ee78250bb12c7aa4d3d365074d12a979f65777ce1e9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03RFFAEACGWPYTXS
etag: "e7571aa9955b588c4a5a3938d262251e"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d844d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7317
x-amz-id-2: JvMCQLbuROwIMlvjagFp0fy3SfB1WZmYPYSriV3ccOZnzAovgxK5iywOENpG9xpKGg1Ttv5JsBw=

GET
H3 200 ben3.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 2 KB
3 KB 138ms
134ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/ben3.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f1a4032e0c19760186a9d48538c13b89f2e486a33e313f17d5d2781ea7c19c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R5523KY61EYPPM
etag: "0b5983a99ae97e5fede32e8f663cbb5c"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d864d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2384
x-amz-id-2: sIFIXVsQ9lFznXBRUlQ8e9yWpecC1Rpoib22V0nRMASLl4OL1Mwv+UwYcSA0jGT+fyZDyuvzsWc=

GET
H3 200 ben4.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 6 KB
6 KB 138ms
134ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/ben4.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c45eb86f22cb2c82ded322f8fb7bf595b5cc8028cc62edc76d39ee5b0aabd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R5XCQP3G159N03
etag: "ea0106ef1317eb740881b962c8ec543f"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d874d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5632
x-amz-id-2: AxnNUBjeSd8jWveq8lVPdg/nnTOzFkNbaSrE+TvtX+1+TcZXS4YCqD4jzwyzbOtbmSW5Uq1rUpU=

GET
H3 200 r1.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 5 KB
5 KB 176ms
172ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/r1.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6c525338ef2af0322e448f81e1f7c54cfd0cf3bb05ac544c65a89b3a44cf4d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R78VAYAR4F1WJK
etag: "17e9e261b5d0ddad0d792af6b1787b56"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d894d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4831
x-amz-id-2: 2Ky23hdjh7GK9TJdOVPiDUKkm//Kfw2/lAJR9nNa6AgHmQHx0XN5pMbipuCrGC6q5x/e9gNPlvg=

GET
H3 200 r2.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 7 KB
7 KB 138ms
135ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/r2.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a053fac62cbacd925dabb3756652808d1e6c81866113667225f8254b972bb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03RF1RD8T5TQPQDJ
etag: "ca64083035079f9999a5303a77cd8392"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d8a4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7317
x-amz-id-2: m1v+8fJ9QnhzHFRpa6EFMc6wv7j+g7SkdKZIsN9eGOI8IDITkzJi+FvIrp0OYQxCStYCnX/Sp30=

GET
H3 200 r3.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 3 KB
4 KB 213ms
210ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/r3.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb5ce98a3cb9423316a6058477111a5a5fe51696af415b5b78dad487ac090143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R38Q9EYGA0ZFNG
etag: "2894a69aa9949d4439a30d91e447d8f2"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d8c4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3504
x-amz-id-2: IuoWwyL2/adq4gSw+uaJXYtbwHb5gPg/QUC+kvmRDfrn1rHektRoXoSW01vUqEuR2hxueAZBpRU=

GET
H3 200 r4.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 4 KB
5 KB 138ms
135ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/r4.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc058783babd6cdac1f8d581b82495fdbc200c38958b98635c96f3c9a6fb4f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R7ZW201D575M6W
etag: "b8921122694a545e1488a1ecc9dcae39"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d8d4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4548
x-amz-id-2: EDKC2fl4af3Bph8CAgHMDfEuFK6bWF2Y31aLJkqKkhwDCsSNR9gmzEdZEE7uFCzb11pGFvnbWjo=

GET
H3 200 r5.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 5 KB
5 KB 176ms
173ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/r5.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c08bb009ce527fa0bd46e30391226b2a0540e9dc7ec31e27227e468569a3ee56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R3661Z1KM2YG2T
etag: "a66af591cc586f550753f7bec195cc6e"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d8e4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5185
x-amz-id-2: 3E3b9qnwwwhG3HL4KMqB63LT031VPdsF/4qY0MBJ3A4EJnGNFMu/iCMZfUTB5Z+8XdWCn3TnGXM=

GET
H3 200 r6.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 3 KB
3 KB 216ms
213ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/r6.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c1972740b53217a38091a3cbecdd640700ceb66923a475a5b8a08faee3d05e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R2TPMPCN02CGCP
etag: "88363b8b578a6a41e7db6c3d4fef3d3f"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d8f4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3206
x-amz-id-2: qUye2G+WqyoflrfK91pNZNBzvUkEFLsfF23EZEh5iHw3Er8Q1qhCveDo8PyYjD3RlR4v6vmmmhI=

GET
H3 200 assets-img.jpg
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 65 KB
65 KB 176ms
172ms Image
image/jpeg 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/assets-img.jpg
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b289431ca332b9ac7a66ee7b3fe5559005a653cb17c6b28e2a6c924b02583960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R587PZXQZ2P3N5
etag: "6f0d365b76455d857e09dddcc739fb2b"
vary: Accept-Encoding
content-type: image/jpeg
cf-ray: 814ac7f17d904d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 66695
x-amz-id-2: Cm9e7WfJibD5V3R9KZPXQtMjX+JkCpnYPx2/Ais81g5gFy2hXQ7vtAeowXNhPiJD1XcJWDM1mbU=

GET
H3 200 c1.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 1 KB
2 KB 255ms
252ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/c1.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d400e20fd203a5d4cf8cbdbd000fed44529048d366b709d2be2a14db1de1467

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R8N7J2J9J3W130
etag: "919072dd38b0af475dc4b1c0f381b1df"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d914d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1525
x-amz-id-2: 4l8TY6M1Pxw0QN+7DNbDF2cgB6wqV6tjGePG/tpXMZ/mwfPK2YwCncqNqRnI0n65gugPxmOSoDw=

GET
H3 200 graph.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 2 KB
2 KB 255ms
252ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/graph.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1bf12b1cb0f9cde077e9e54dbc0731d1b5b466ff4f998dbad25090db4869b99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03RCAEWK6RK6ET07
etag: "b9bcbe013e1f34bf7d49d88b2b235dca"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d924d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1707
x-amz-id-2: HyoqrqZ32fauq981XTmUC4W/ZcPcNILlMeBP0lp9mU3CqcAchF/5/EUoocVMWeK2eEFiXyFNmV0=

GET
H3 200 c2.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 1 KB
1 KB 255ms
252ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/c2.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec20452f7bce8430cc17d46575c6eae16e2b8b1f72796beb6c5d86a7f319236f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R8X3B09RZPZZ5M
etag: "9b6f55c2870aa0a69e261e392101eafc"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d934d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1203
x-amz-id-2: WL1QZvfCmDT4jQoauXmHbM2uvOzMjpj3HbWOz/T02PnHBaH3wUpevZvAOyDSeqQyvCjwbK+FNHU=

GET
H3 200 c3.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 2 KB
2 KB 256ms
252ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/c3.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ada875e7565af403288267125fe26cb546f7059b1e1e507a59e31485c4f2716a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R6D6C9FWKTJV65
etag: "5febe04c85738fc6a27082215ab4c1d8"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d954d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1574
x-amz-id-2: L6hM9hRh0LIqTzmx9D8Tub+BcrlzDwMnxL9fbrdYgFP9Jn3FhaA0PW78jCHR2L9wRk9HxfkoVNQ=

GET
H3 200 c4.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 1 KB
1 KB 256ms
252ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/c4.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5244faa4151436106849a22c5b0f3ee52038ae3eaba9631380ecfec2bf36c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03RFP2H40ZYHM1CA
etag: "891379a6696ea387400a4cbef34e3122"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d964d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1104
x-amz-id-2: IHw7of4tUk4jWgQTAuV3vmj9YE24J1I5ZD3byKfaSYRX6JRW6oUj2W4bPh60bfp2jbGCJPGUmrQ=

GET
H3 200 c5.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 1 KB
2 KB 256ms
252ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/c5.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 374c3b8d9dbf45146ab60c00cd8259087e7eacd3ce5540e61f20ab4fb0c900c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R5QCTRMRF4318A
etag: "4d3d8a7a4db20287b2d132892aaed793"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d974d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1474
x-amz-id-2: HFHp50XMtCA8JqVgVQtJfsi+VV6HXk33gMeyFfPs//qT9MujYIUFI7ToaF9I4lSgcPUXghCWwqk=

GET
H3 200 e-img.png
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 25 KB
25 KB 256ms
252ms Image
image/png 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/e-img.png
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e9cbf86d27fc2e45f72a8651ff8d4fbc22862eb9004c4b575c4b794c7795383

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03RB4HK3RGTYZMCY
etag: "7da789b0c16d49448082cbb266b9a722"
vary: Accept-Encoding
content-type: image/png
cf-ray: 814ac7f17d994d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25497
x-amz-id-2: Q0HmFo3HjaxlZGWwoFJaJr3EItVXOon33TtdUNwYluwDQ7Qofbdm4ioaSPGQJLqTD2VwmGDl+v4=

GET
H3 200 office.jpg
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 37 KB
37 KB 257ms
253ms Image
image/jpeg 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/office.jpg
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1013d724db30e360a47b8d3dd621b50996d39a2bce18e2e5f6aa042518a3ce80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R05NGJA63TKA65
etag: "41d5ed2d4df00fb3767d473e088d3c49"
vary: Accept-Encoding
content-type: image/jpeg
cf-ray: 814ac7f17d9a4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37651
x-amz-id-2: FTjOzpRTQ3Z7eROwl4M82ePakgHHp00EVAz2hZ/ihPB6k+27dN9n7Xce2us5AtEkt5Utz1ExIBU=

GET
H2 200 landing-api.min.2.2.2.js Show response
lib.libertex.org/landing/js/ 74 KB
23 KB 337ms
134ms Script
application/javascript 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.libertex.org/landing/js/landing-api.min.2.2.2.js
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: facf08c34d30087f6e5280647dbfedc416da8be80594547d3e3ff23fe2ab28e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 25 Nov 2021 10:54:30 GMT
server: cloudflare
x-amz-request-id: 03R52NT4YJ6CB8KQ
etag: W/"882bba95952c9d849e36f426d7379554"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 814ac7f25a1d65ab-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ALMSk5k/CUQhidZNsW+Qa2FRHWi5Q3DxgLMWjZiWouPcGlVHF8tmX5H5UcB/MNzrAi5PjT4QySE=

GET
H3 200 interface.js Show response
promo.libertex.org/lp/en-en/ultimate-platform/js/ 824 B
676 B 157ms
157ms Script
application/javascript 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/js/interface.js
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82afa4dc7f8791bb434f4661591baee0cc502a90540afdf3798a17f86512ae43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03RF29JMK39GWRGS
etag: W/"75ee5ebfe1880c03e2185180812013bc"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 814ac7f14d654d26-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YMcmpYLImB8YD2M+piCLXhvLRMyLp9bZ0UImTDB267MmwxXhZmThEFQ0lq3q9nFeCdWaVgk7GdQ=

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 186 KB
29 KB 270ms
45ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9846622bfe6a8e328c40898bc43ab107b601ac01ee5263cce3b8cd90b201ab58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: Wp6w1tEeY34rX6aPDDbMFFA2rsiMHndb
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:09:23 GMT
last-modified: Fri, 06 Oct 2023 11:38:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 112
x-amz-server-side-encryption: AES256
etag: W/"98cd336ba86ec922d739c7348de2d57c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: VQoIGXkIkOK0oLVj_AjhtLYUYKxGx3XFTV3rPnjWfgwN0DOutqeKxA==

GET
H3 200 top-bg.jpg
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 21 KB
21 KB 94ms
89ms Image
image/jpeg 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/top-bg.jpg
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341af2fc06eee052067c75b7c0b07e8ec1a3b17f428e9716d4c97501b7afdc44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03RDHX33SBTTJ4AW
etag: "fdb9ce51857510b5afa55bd171c01972"
vary: Accept-Encoding
content-type: image/jpeg
cf-ray: 814ac7f17d9b4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21508
x-amz-id-2: RVSfFm8q84+ySOhyp1K9nAuNKEgNEzlYQ8CKDMbCXB2X5G6ShsvMgHajemv1guYM4DGvOl27eXM=

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8575164dd295f049ffc5957dd86c94e41026c1b00a3eba89128aab4ff49ff186

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 r-bg.jpg
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 15 KB
15 KB 290ms
287ms Image
image/jpeg 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/r-bg.jpg
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd036daa6d1b9be50306748643cf6d435ccbc236a3dbb5a039178454835ac8c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R45F94D1C1HZ5T
etag: "f577efcc6ac0de8c115cc76b3b635d51"
vary: Accept-Encoding
content-type: image/jpeg
cf-ray: 814ac7f17d9c4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14906
x-amz-id-2: 6QK5GVgTUlbwCYaFZUNuV5t13thZoweZXz7Mce9s4rINRCm+I9f0qh6ygCUmtrtgDSMqYm2qaKY=

GET
H3 200 c-bg.jpg
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 18 KB
19 KB 290ms
288ms Image
image/jpeg 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/c-bg.jpg
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a6da95881ea410c15b66bf599e8da32315eedf8667854459d1fa93ca6f89537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03RBJMZQMXFE6RXF
etag: "de09925bfabd0db97936b8772a00af11"
vary: Accept-Encoding
content-type: image/jpeg
cf-ray: 814ac7f17d9e4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18855
x-amz-id-2: IHtskaiJpb+ctvsashrSq2DvkQsUmXOOst+8wfwqqh1UcSZ0zI6yrLfW0Zqp6+8txKlNCJCOnt4=

GET
H3 200 e-bg.jpg
promo.libertex.org/lp/en-en/ultimate-platform/img/content/ 53 KB
53 KB 290ms
288ms Image
image/jpeg 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/img/content/e-bg.jpg
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e82d625dad5940f7aedcf8d8ea0d302350b455b1ba7aea8d83a9a08cb025e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R8M2QHXVXJE55J
etag: "b72acddd7cfbb3b6fd33da40052e067d"
vary: Accept-Encoding
content-type: image/jpeg
cf-ray: 814ac7f17d9f4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 54278
x-amz-id-2: OUJipDKLL8iD8D6WYgGU4Fk4SjVz6r8K3c+TxAepiDS/OWwSM5vyPwDc2vK8MY1rT1ExO3UuIgs=

GET
H3 200 mont-semibold.woff2
promo.libertex.org/lp/en-en/ultimate-platform/fonts/mont/mont-semibold/ 42 KB
43 KB 293ms
291ms Font
binary/octet-stream 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/fonts/mont/mont-semibold/mont-semibold.woff2
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e377670313d0df5aea0827e47e513ec1faf566945296b9e50b2eca7c1e048527

Request headers

Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Origin: https://promo.libertex.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R7GQYR4BH644CF
etag: "a22974a265089b8d96a0b9969289e444"
vary: Accept-Encoding
content-type: binary/octet-stream
cf-ray: 814ac7f17da04d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43364
x-amz-id-2: INLMpS13Fq4hN+VJeCA9kaFa4c9QzwySSP8Bbxu3izJ1RLt8pfCeg1PkE73h9UKoLTCGNEYZRrU=

GET
H3 200 mont-regular.woff2
promo.libertex.org/lp/en-en/ultimate-platform/fonts/mont/mont-regular/ 41 KB
41 KB 299ms
298ms Font
binary/octet-stream 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/fonts/mont/mont-regular/mont-regular.woff2
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51b613344f05c6eb7fab6733e8ec2d10a2a0b2ec981e1c4647416d60eac72a81

Request headers

Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Origin: https://promo.libertex.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R1CNQRTCQRVF3Q
etag: "bdcff66d9e4d966e3a3e9627056046ff"
vary: Accept-Encoding
content-type: binary/octet-stream
cf-ray: 814ac7f17da24d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 42020
x-amz-id-2: qpR1yVkqx08TBOAUfkSwHidASauHc3B6aavq1TZiOKCHF6lLWzerasypXJYkQEwTo5AZlmIahjI=

GET
H3 200 mont-bold.woff2
promo.libertex.org/lp/en-en/ultimate-platform/fonts/mont/mont-bold/ 42 KB
42 KB 327ms
325ms Font
binary/octet-stream 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.org/lp/en-en/ultimate-platform/fonts/mont/mont-bold/mont-bold.woff2
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d9e0e4b6636bab12f4f0e583c231a6504e0d243c57774554c1397a43ab292c5

Request headers

Referer: https://promo.libertex.org/lp/en-en/ultimate-platform/css/main.css
Origin: https://promo.libertex.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Oct 2023 09:17:09 GMT
server: cloudflare
x-amz-request-id: 03R2CW3ZYN7YGMJS
etag: "22d74a57af7e4c8524c6cb27cb37cfca"
vary: Accept-Encoding
content-type: binary/octet-stream
cf-ray: 814ac7f17da34d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 42992
x-amz-id-2: h2GrBClCHOYJF8BAX6gmFtVkDqMTlSnfA//Ym7W4649pOnkMicm3jIuS5p/0aBciQq18/IP1NE4=

GET
H2 200 c27a80e3805039b3605d11064ab4fa179e669a0b Show response
api-account.libertex.org/v1/init/ 10 KB
5 KB 688ms
588ms XHR
application/json 2606:4700::6811:910c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-account.libertex.org/v1/init/c27a80e3805039b3605d11064ab4fa179e669a0b?sdk=javascript&v=1697065874556
Requested by: Host: lib.libertex.org
URL: https://lib.libertex.org/landing/js/landing-api.min.2.2.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:910c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b3ae177871dfb8bdc362e30a6b4e0217fab3e5bfd1ef3d58be4f594b2642d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 814ac7f4b9491e4f-FRA
access-control-allow-headers: X-Forwarded-For
alt-svc: h3=":443"; ma=86400

GET
H2 200 utag.505.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 20 KB
5 KB 51ms
49ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.505.js?utv=ut4.46.202102051128
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60144c2a5b02a2741f57d2a09ed68c9a3057ca25ae32352c8af6880c6175f9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: SH4Tbp1uL9zs.eGd2lRFzuFxaObUt_0O
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:11:14 GMT
last-modified: Fri, 06 Oct 2023 11:38:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 298
x-amz-server-side-encryption: AES256
etag: W/"9a65b81bb1a7b9897b031c35bac10a87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Fv_1Ceih3R0--5nvn1N6t65xDg6GLlR7TFqlR6HA8I2ps2_mDtNUJQ==

GET
H2 200 utag.503.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 9 KB
3 KB 46ms
43ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.503.js?utv=ut4.46.202111081405
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d02f8a71aa35475e17b2831993919be61477740ec69db85e02912ee19be99afb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: SA.Kh0TKdU84tTWXWJd6J.5aPcItyrCM
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:07:48 GMT
last-modified: Fri, 06 Oct 2023 11:38:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 213
x-amz-server-side-encryption: AES256
etag: W/"79c8fe9fdc8a32b95e934d7ec0d57d55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: uK8xtjwyU8FUBU-x72iJyIfbq2lqV7ba4FQgprOXMYZKfixw-DLUWA==

GET
H2 200 utag.596.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 7 KB
2 KB 47ms
44ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.596.js?utv=ut4.46.201907011259
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48f550b7c658813b33f56518e7b05d48a3e539fb0189a86c9afc8651493a5cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: VlHRJg1ZZrl5UOlvt6niXmTAVeLQNkRp
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:11:10 GMT
last-modified: Fri, 06 Oct 2023 11:38:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 52
x-amz-server-side-encryption: AES256
etag: W/"df25754b86d72ef9251a675c9cccc2ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: m-Kq3XB7gNTHb6fMpSsg6j8KafTJSLNGnulg6Yqt3V9vmaGG-Ivs4g==

GET
H2 200 utag.541.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 3 KB
2 KB 46ms
44ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.541.js?utv=ut4.46.202304110819
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f35ee9cad8e8c5110c4e6e7af90d5b38aaa9dcbe3d37f90dbc1b283d2568bb34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: BvEEaZVqRnGtnARlH_QK23TjOmNAfWO3
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:08:41 GMT
last-modified: Fri, 06 Oct 2023 11:38:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 213
x-amz-server-side-encryption: AES256
etag: W/"dea231c7eaa2faa022a5a721ba7bcd9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: SPU_OuJO9Qt-KfKcw33VMAvBCP3o6N1gzlbpaO1sj4Ut-xjlx02T9w==

GET
H2 200 utag.548.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 10 KB
3 KB 51ms
49ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.548.js?utv=ut4.46.201804170814
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8444a7cebfdb808652c51388240a5a6458291ebee7602fce9e288f80df603617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: SeWh71iErbRpr8_POGQWuJOdwLOQJ.uE
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:11:14 GMT
last-modified: Fri, 06 Oct 2023 11:38:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 297
x-amz-server-side-encryption: AES256
etag: W/"f17fae1a3b86777d20d0cab55f0021ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: lxbvBlNj1cXX94tsLnY4B48ydLD70DOVzeinE3DKLRP4NnPqptRlQw==

GET
H2 200 utag.607.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 4 KB
2 KB 46ms
44ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.607.js?utv=ut4.46.202201100844
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a476dac78a26e869b0f7760270533bc7bd510e11824c00961fde137c8277ee25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: jGnkCoGg1DTf0AAN29ZAlT68IL5HxAst
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:08:32 GMT
last-modified: Fri, 06 Oct 2023 11:38:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 213
x-amz-server-side-encryption: AES256
etag: W/"e8e51f954f63c3d4f59580e0530ac7be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: RGwBd-_ZGDgnRWVyhxRfAtLhaz80fbY58ZhFsXUDJiB4TTahHDmLVA==

GET
H2 200 utag.654.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 3 KB
2 KB 51ms
49ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.654.js?utv=ut4.46.202309060926
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd57c5cd2208832638472dfd15136a4a448c513a3c2b4019dc3a6d9ab56ee932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: ab4SDI5t5fieK1U9R22.aQb5uLQx3NE8
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:11:14 GMT
last-modified: Fri, 06 Oct 2023 11:38:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 196
x-amz-server-side-encryption: AES256
etag: W/"d4f0b839fa1d64d51cc0a9168804b7b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: ykLMHkrf1pW9wCvpBq37QwNCxmMOEICHc5cebMt6qQqilUsL0co40g==

GET
H2 200 utag.657.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 8 KB
3 KB 50ms
48ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.657.js?utv=ut4.46.202309071326
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3861246270f9d62b1b8e677ee0b558fced40660bdec3c459ffcbcefb7492aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: Qy3wlK5YlelocKBJUDNdEa4wm_xEKF7I
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:11:14 GMT
last-modified: Fri, 06 Oct 2023 11:38:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 297
x-amz-server-side-encryption: AES256
etag: W/"f5e7fc8a3cf0bcf688f320c941c0496f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: hMiEfvh6ihaqJTz4hGjMyC3d_XS1Xy6jDXMT8j_h4G0U_k397GJuwg==

GET
H2 200 utag.692.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 4 KB
2 KB 49ms
47ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.692.js?utv=ut4.46.202110210846
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e47fa3ff552ed682396032c37798589958b07075e37cf2a99f9169f1d5a0784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: Gbloz7Ou7DYZdthq0.UqNyf5Bm6Jtw0s
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:07:48 GMT
last-modified: Fri, 06 Oct 2023 11:38:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 213
x-amz-server-side-encryption: AES256
etag: W/"5cbb35c889d51beed7440e1f24e3008c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: A5mWqucPG4hm2_3lQuTWe7toVD8TP7PiYGfvioHV6cQtZXYjE6R4jQ==

GET
H2 200 utag.705.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 16 KB
6 KB 50ms
48ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.705.js?utv=ut4.46.202205050828
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df96d1fbb9b33fd658567bd8b9a2e54cb5819e11ef5b0fa2de69b02744fa2531

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 0zVzUXUiiPUbWp7wFbRI6URtZucQqR6H
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:11:14 GMT
last-modified: Fri, 06 Oct 2023 11:38:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 297
x-amz-server-side-encryption: AES256
etag: W/"b92655dfc16ffc8127010db1ba04dbb7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: m0dIC-wm4UWU0JsQRLGdeAAs_VVHvIcP9Tdp0-yb1FNMj8PbElVvJQ==

GET
H2 200 utag.731.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 7 KB
3 KB 473ms
471ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.731.js?utv=ut4.46.202302031206
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60644ea28138c7f75bafeca36d5bfcb980edeb72514ce13d821021d6e17c96f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: RHMD0Ml0nPrjkHBUIi1wphcu_YjLMVgv
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:11:15 GMT
last-modified: Fri, 06 Oct 2023 11:38:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: W/"05f8ab5c90653518a69dbd25d6887896"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: dR4zQAQfNtmgEcNfewt9YCoCYk77QeGfNZnJ2I9ffHiw2bybuJUq7w==

GET
H2 200 utag.746.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 2 KB
1 KB 82ms
81ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.746.js?utv=ut4.46.202301301117
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28f42b6fdf8eef21a27178824e615bf23b143cd440f2f3d5ec3274b3d845e9f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: _W8UDUDWP_STPaty2No8zlNfpPre8fUN
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:11:14 GMT
last-modified: Fri, 06 Oct 2023 11:38:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 297
x-amz-server-side-encryption: AES256
etag: W/"f375f23f51bc73defc641d8cc926bd89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 5mkS09vJczEmYar_XuBlu5XYgJafLCUb0xdj95ytVDmLa893l3HpAA==

GET
H2 200 utag.757.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 12 KB
4 KB 79ms
78ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.757.js?utv=ut4.46.202308010749
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 412d8923455036f8d193eb49e0f547ce894ba9d7d9cc104790c10a7829e88edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 2ZbQkQjtmaXsnogGATZALLnpikTNof8c
content-encoding: br
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 23:07:49 GMT
last-modified: Fri, 06 Oct 2023 11:38:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 206
x-amz-server-side-encryption: AES256
etag: W/"bd70c903cc43c3df808aeffb02b3a666"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: bSakI3qi7Cqnr-IUtMwmj1Pbh7qfXNY0JTp4eYkjQPkR-zc0oqnkhA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 119ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Oct 2023 23:11:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53364
x-xss-protection: 0
pragma: public
x-fb-debug: JNBK5MOoXQVipUp1MfpzKC0bDOasKZklhwRxttLvhSzmF1JSJWNJq3KL3TYiSxyF7zfFPJ43uLKbKP59/y8Uew==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 mark
trc.taboola.com/forexclub-sc/log/3/ 0
370 B 148ms
50ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/forexclub-sc/log/3/mark?marking-type=visitor&item-url=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Wed, 11 Oct 2023 23:11:14 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7409
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220106-FRA
pragma: no-cache
server: nginx
x-timer: S1697065875.727058,VS0,VE10
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

activityi;dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164 Show response
11442981.fls.doubleclick.net/ Frame 5AEF
Redirect Chain

https://11442981.fls.doubleclick.net/activityi;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164?
https://11442981.fls.doubleclick.net/activityi;dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164?

440 B
401 B

51ms
50ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11442981.fls.doubleclick.net/activityi;dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

b038d89c2fb23ec77314edcb29fde8f37ca0ce6de8c98ec91a3c4246991f5cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.libertex.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 23:11:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 23:11:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11442981.fls.doubleclick.net/activityi;dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 api.min.js Show response
a.opmnstr.com/app/js/ 51 KB
18 KB 145ms
39ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/api.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 97f42f589e8dc951e4e08d648f931eb0bd8d91bef1f595eb6126d0b82bcaf9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 10/11/2023 16:12:28
cdn-pullzone: 293267
last-modified: Mon, 25 Sep 2023 16:44:37 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6511b8f5-cb6f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 1457fdadbb3555a6fd042ef3a1870e5a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 227ms
146ms Script
application/javascript 23.38.98.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVJ114SOLA0CA89TMT5G&lib=ttq
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9900212718a88521d561d7a568c96dbf1dde8e045255627ba55709d60ca6c72b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 29aeea99
date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=100
content-length: 1746
pragma: no-cache
server: nginx
x-tt-logid: 202310112311142F64CF589947E8E715E4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 101,23.38.99.78
x-tt-trace-host: 0105f3b903c5b53d67435cfcdf98b289ade14d77718ac1aeb2e10c26ff649ad67a500117c9c34dadf8a8511f5295d6618960c5582d5893501618aebf775a4b0baa33489aace8e50e885268d3215f41c1dc8296ba0fa221b71a621abc0f8268b822
expires: Wed, 11 Oct 2023 23:11:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 21:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4892
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 11 Oct 2023 23:49:42 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 119ms
38ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.548.js?utv=ut4.46.201804170814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220065-FRA

GET
H2 200 hotjar-898554.js Show response
static.hotjar.com/c/ 10 KB
4 KB 150ms
69ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-898554.js?sv=

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

96ebd7ad655c8ed2efd4297202c06f136c98a6c179e3fabe21d6750d9aaaaed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 23:11:14 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/d1c12d308085ecbf32da592a6a2422e4
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Q3rYv5Nc4f285Bx1rl7H7Gkb8dyFafJd-Yc2_sNVlVsHrmarCj0Yig==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 143ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16b9ce2be2bfbb1b1ddca3c5ccdac3e30c21a3a160b0cc8eb38a080d9e9d559a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91973
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 23:11:14 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 9 KB
3 KB 126ms
44ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=677842&u=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&r=0.21198312924585316
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.746.js?utv=ut4.46.202301301117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 03100bce7d16ea14a1748bb7783b688842db7239b1b944467410b704b8f66ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1697023655"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 adsct
t.co/i/ 43 B
377 B 306ms
223ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=e6bbd07a-8d13-4a0e-8ac5-fab57662983c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fabcd36f-768c-41ce-9462-03f737511450&tw_document_href=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzaqg&type=javascript&version=2.3.29

Requested by

Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 175
date: Wed, 11 Oct 2023 23:11:14 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 86325125c7d0e442
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 710555ed9e555fc31bd8c3b0f88f2c50c7807226c960d2eacfee51e08720ccc6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 307ms
223ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e6bbd07a-8d13-4a0e-8ac5-fab57662983c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fabcd36f-768c-41ce-9462-03f737511450&tw_document_href=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzaqg&type=javascript&version=2.3.29

Requested by

Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 178
date: Wed, 11 Oct 2023 23:11:14 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: df55248a74ad6ee1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 847ce38d6ff7703e30bb0611d38dc92a41b43eef7366d18648fc6b61cb3b8dde
content-length: 43

GET
H3 200 tag-183c401382c37bbbee202fd08b53d1f2.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 180 KB
50 KB 87ms
45ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-183c401382c37bbbee202fd08b53d1f2.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=677842&u=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&r=0.21198312924585316
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d7bf8d5d3cef884a3c569fed78737516ee9313f56c4314bfc5ef1ef37b429c3f

Request headers

Referer: https://promo.libertex.org/
Origin: https://promo.libertex.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 11 Oct 2023 11:27:07 GMT
server: gfra1
etag: "6526868b-c8fb"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51451

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/eu01/ 35 B
206 B 51ms
50ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=677842&d=promo.libertex.org&u=DD29F654350B073AD76181DEEFA372319&h=f3d724632e5eec784892618e9d14ba89&t=false

Requested by

Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gbel2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:14 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gbel2c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 modules.201a312ebf7d4ba5a863.js Show response
script.hotjar.com/ 226 KB
55 KB 133ms
49ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.201a312ebf7d4ba5a863.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-898554.js?sv=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

6dcb6952adc008e2c353e3200024bd27be736121acccece91802d63850129e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 11:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 40688
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56196
last-modified: Wed, 11 Oct 2023 11:53:03 GMT
etag: "2f69fe4aaadab2b83a71e22913f5c92a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bWv6Y2r6E4eT3G849jQaHus2YKMvRUOSWZFZMuFl7GPoWDGn42NkwA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 46ms
46ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1687291542&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&ul=en-us&de=UTF-8&dt=Libertex&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAACAAI~&jid=1511808280&gjid=37836922&cid=502758573.1697065875&tid=UA-49381759-1&_gid=842148287.1697065875&_r=1&_slc=1&cd7=en&z=589381785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e08eda4321af543de4dc033df838e773b20ff7dfe8a895ffb8090cfc0b206cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.libertex.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 127ms
39ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 7516f9aff006dced658ced4b577da1425b72add3677466abd9dca6fa4cb10d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-664
cdn-cachedat: 10/11/2023 16:12:28
cdn-pullzone: 293267
last-modified: Mon, 25 Sep 2023 16:46:01 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6511b949-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: cdf408e0e3ceb95764e10d61a92ae7c3
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8811 Show response
api.omappapi.com/v2/embed/ 227 B
823 B 253ms
135ms XHR
application/json 18.66.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/8811?d=promo.libertex.org
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-67.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 227
x-optinmonster-account: 2794
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: sHxJUU9i6Ggwtd0MjYn-sJUiDftc5Lbn8zH_hevLwYrMpTpXtIJn5g==
expires: Wed, 11 Oct 2023 23:01:28 GMT

GET
H2 200 503697863149680 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 115ms
114ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/503697863149680?v=2.9.133&r=stable&domain=promo.libertex.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56594131f1267d50b46498d7901b1e6f97a7f1571794fd8bcb5e6ca80b3f2b1a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Oct 2023 23:11:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: hlLaRIhvnakaMmzYBUBuov3DkrbJ53l8AjLBgNox5aPRM1h9uXEYaqqKSWsDYFqpIyjGuUtetkve+nWRL+/Kzw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 155ms
48ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-49381759-1&cid=502758573.1697065875&jid=1511808280&gjid=37836922&_gid=842148287.1697065875&_u=YGBACAAABAAAACAAI~&z=249817517

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.libertex.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 11 Oct 2023 23:11:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
97 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QBJKE0F9ZF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da184a324b4955befba709102ad8c9d5aa83d1972a423360d895735c5d3c24d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 23:11:14 GMT

GET
H2 200 main.MWQ0NWRkZTlhMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 389 KB
101 KB 43ms
43ms Script
application/javascript 23.38.98.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVJ114SOLA0CA89TMT5G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 29aeeae4
date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202309211238193D00C1DBC5E216CF896C
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015aa300b64d785990c83dcaa08303863393fe5a93f8f176e21ec52e836288657038923ce0bd83247061fbfc8cfb2b441f89ba2702d5b9f834c6793011f7146d57de3bb9b2085a974f0f3d438138b5eaeb3d9095ff8355dd557701f1cfca7d5ab5
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=18
content-length: 102823

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164;~oref=https://promo.libertex.org/ Frame 6832 439 B
600 B 182ms
81ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164;~oref=https://promo.libertex.org/

Requested by

Host: 11442981.fls.doubleclick.net
URL: https://11442981.fls.doubleclick.net/activityi;dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d93dd68db355129c1796580e9fe22cf781ff62693183da6f6fc0fb5ad9121a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11442981.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 23:11:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 149ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GGPG0HTS88&gtm=45je3ab0&_p=1687291542&_gaz=1&gdid=dYmQxMT&cid=502758573.1697065875&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697065874&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&dt=Libertex&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 85ms
49ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GGPG0HTS88&cid=502758573.1697065875&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
95 KB 69ms
67ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b11e2b4e0f51bb944831d4b379b9dd807584c45180947f80aa8c17b43548de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 23:11:14 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 144ms
51ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GGPG0HTS88&cid=502758573.1697065875&gtm=45je3ab0&aip=1&z=1492789769

Requested by

Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 62ms
62ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=677842&settings_type=1&vn=7.0
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-183c401382c37bbbee202fd08b53d1f2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 0bf5b6c0bb4ef077bf6cf0ae1dfdf053d9725cc9b8ba96951caf65d487fa5eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:14 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1697023655"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QBJKE0F9ZF&gtm=45je3ab0&_p=1687291542&_gaz=1&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=502758573.1697065875&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&dt=Libertex&sid=1697065875&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_7=en
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QBJKE0F9ZF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 49ms
48ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QBJKE0F9ZF&cid=502758573.1697065875&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QBJKE0F9ZF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
51ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QBJKE0F9ZF&cid=502758573.1697065875&gtm=45je3ab0&aip=1&z=1768653983

Requested by

Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 138ms
50ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49381759-1&cid=502758573.1697065875&jid=1511808280&_u=YGBACAAABAAAACAAI~&z=928798584

Requested by

Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 50ms
50ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49381759-1&cid=502758573.1697065875&jid=1511808280&_u=YGBACAAABAAAACAAI~&z=928798584

Requested by

Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5.77298452.min.js Show response
a.opmnstr.com/app/js/ 16 KB
6 KB 39ms
39ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/5.77298452.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 283ce4fc2baa0dfd2324b05b14d0530fc385ee92fea03e1bd0891aa8593bdff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:15 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-679
cdn-cachedat: 10/11/2023 16:12:28
cdn-pullzone: 293267
last-modified: Mon, 18 Sep 2023 16:47:42 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65087f2e-4140"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 86ce71b35c4aa113e0fc6fc55946e6d5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 131ms
39ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=503697863149680&ev=PageView&dl=https%3A%2F%2Fpromo.libertex.org&rl=&if=false&ts=1697065875129&sw=1600&sh=1200&v=2.9.133&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.1.1697065875123.868869984&pm=1&hrl=394e5b&ler=empty&it=1697065874822&coo=false&cs_cc=1&cas=6273894476057018%2C5094943807283399%2C7016671628347093%2C6114683308657450%2C6304183952948766%2C4072965789423402%2C2637853976292105%2C2575376645847063%2C2350195398431807%2C2193917490719856%2C6237468092959149%2C8899137436794725%2C5899200673473631%2C6359067434143548%2C8982884845085560%2C5790359031019920%2C6089879401129885%2C2670283422998568&rqm=GET

Requested by

Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 11 Oct 2023 23:11:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 43ms
43ms Script
application/javascript 23.38.98.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 29aeeb82
date: Wed, 11 Oct 2023 23:11:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230907110710A3E17FF6BA90138D5F3A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018c2c88748710049b87b86c06511915036ae1509453e71224c1fc91378c16d101c5c9dc7d92ac9759f01aa2115b0d4be90b450d8c4f2cbb404e2358047aeedb2e683765dd1d4569cb7282425028a0c4eb7c7e1d64bec1036323fc3073cfe197be
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 35923

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
876 B 258ms
134ms Ping
text/plain 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.libertex.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 10a549fb.18ffd7c
date: Wed, 11 Oct 2023 23:11:15 GMT
x-bytefaas-request-id: 202310112311159B54DFBED1BD56B2C656
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time: 95,23.54.206.24
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310112311159B54DFBED1BD56B2C656
x-cache-remote: TCP_MISS from a23-222-3-141.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 3.69
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 9,23.222.3.141
x-tt-trace-host: 0105f3b903c5b53d67435cfcdf98b289ad355c41939eed9ef6f61015bd462bc53ba168fb3f4eb0ac32d3b3f729c1a78f5864bba31124dcecfb63c9aedfdb4ca09111947f37681a4ea76f919b6d2ca0aca8552a83113c5e514438f92143e7d231ccbb7b209e87292d4e7eac1a76aa6b5815
access-control-allow-headers: *
expires: Wed, 11 Oct 2023 23:11:15 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
790 B 170ms
170ms Ping
text/plain 23.38.98.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.libertex.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ade49cb4.29aeeb91
date: Wed, 11 Oct 2023 23:11:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 122,23.38.99.78
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=35, inner; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231011231115DB21A626372C08B1F679
x-cache-remote: TCP_MISS from a23-220-106-22.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.220.106.22
x-tt-trace-host: 0105f3b903c5b53d67435cfcdf98b289adf185fc1edf7ee5675ff29559657c65bb33ee53cb67ce38c02f2258663f44651786f81fa4898f079ee03cccf7084daad5b5065cfbe7f30a666988cf6035edb6acad94183f5019025ccbac9158669ce06424c59f74d5c254b9a9cc9b93391fd1a3
access-control-allow-headers: Authorization,*
expires: Wed, 11 Oct 2023 23:11:15 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164;~oref=https://promo.libertex.org/ Frame B343 194 B
515 B 207ms
78ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164;~oref=https://promo.libertex.org/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO7jgIWP74EDFRTE1QodDSwK-Q;src=11442981;type=testb0;cat=pagev0;ord=9611861680289.164;~oref=https://promo.libertex.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 23:11:15 GMT
expires: Wed, 11 Oct 2023 23:11:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 151ms
50ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=101568,61968,61966,101569,61967,101570

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3a4213af26ce5037c21c4e9cde463ea4afd4fa9bed86502ff7e3391c21d32efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 40ms
39ms Script
application/javascript 2600:9000:223e:6800:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=fxclub/main/202310061135&cb=1697065875217
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:6800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Wed, 11 Oct 2023 23:05:04 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 372
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: O6BcJ6firoY5PSjGzF9RIL2-bIMyLGJb1bHKQ7Cqj_xTHlx52xh0Wg==

GET
H2 200 /
tealium-proxy.libertex.org/ 19 B
19 B 126ms
108ms Image
text/plain 2606:4700::6811:900c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tealium-proxy.libertex.org/?t_profile=main&abtest_experiments_bucket=&abtest_experiments_name=&client_browser=Chrome&client_id=&customer_accounts_info_code=&customer_cur_account_balance_available=&customer_cur_account_count_of_deals_total=&customer_cur_account_deposit_init_value=&customer_cur_account_deposit_total_value=&customer_cur_account_id=&customer_cur_account_info_code=&customer_cur_account_is_deposit=&customer_cur_account_type=&customer_email=&customer_id=&customer_login=&customer_profile_broker=&customer_profile_business_unit=&customer_profile_country=&customer_profile_is_first_launch_open=&customer_profile_lifecycle=&customer_profile_network=&customer_profile_network_name=&event_account_id=&event_account_name=&event_currency=&event_date=&event_date_utc=2023-10-11+23%3A11%3A15&event_id=&event_ref=&event_type=&event_value=&fbp=&fbclid=&fx_visitor_id=&ga_cid=&gclid=&icid_sf=&mixlib=undefined&page_activitytime=&page_category=&page_channel=&page_dom_referrer=&page_dom_url=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&page_environment=prod&page_language=en&page_loadingtime=&page_loadingtime_tti=&page_name=&page_path=&page_referrer_long=&page_system=promo&page_type=&product_category=&product_id=&product_name=&product_subcategory=&segment_web=b&session_id=1697065874416&sf_campaignId=&user_agent=mozilla%2F5.0+%28windows+nt+10.0%3B+win64%3B+x64%29+applewebkit%2F537.36+%28khtml%2C+like+gecko%29+chrome%2F117.0.5938.149+safari%2F537.36&visitor_id=018b210233ee000575f1557e38e80307400a006c00b08
Requested by: Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:900c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cf-ray: 814ac7f85ed565ab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 49ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8FE0VJVQNC&gtm=45je3ab0&_p=1687291542&_gaz=1&gdid=dYmQxMT&cid=502758573.1697065875&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697065875&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&dt=Libertex&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 49ms
49ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8FE0VJVQNC&cid=502758573.1697065875&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
52ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FE0VJVQNC&cid=502758573.1697065875&gtm=45je3ab0&aip=1&z=817471019

Requested by

Host: promo.libertex.org
URL: https://promo.libertex.org/lp/en-en/ultimate-platform/?aff_id=52621&cxd=52621_582613_|afp0:54470f23-b9a0-449a-8ccb-2e8dc15c56fc|afp1:1205|afp10:Invest_in_Crypto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all Show response
api-geo.libertex.org/v1/ 81 KB
17 KB 140ms
123ms XHR
application/json 2606:4700::6811:910c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-geo.libertex.org/v1/all?locale=en&v=1697065875276

Requested by

Host: lib.libertex.org
URL: https://lib.libertex.org/landing/js/landing-api.min.2.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:910c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac6c7bd937b62a9cd8160508cd01323c2c42b8beb77ad303d808e74034b764c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 814ac7f8bc221e4f-FRA
access-control-allow-headers: Accept, Accept-Language, Origin, Content-Type, Content-Language, X-Forwarded-For
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10b6970e9db42c5e69178f09b402d39f7624d7a9b8fb23f6825f45b28dba1f53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e192cbcb235019c7129b5e9ee56d6f48b4615c6e16c8452fbbe560bfbc6ddab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
649 B 164ms
164ms Ping
text/plain 23.38.98.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.libertex.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 29aeec05
date: Wed, 11 Oct 2023 23:11:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing: inner; dur=23, cdn-cache; desc=MISS, edge; dur=6, origin; dur=116
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231011231115CD7D7DC89B081D553B09
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 116,23.38.99.78
x-tt-trace-host: 0105f3b903c5b53d67435cfcdf98b289ade14d77718ac1aeb2e10c26ff649ad67afedda16395058ce39e034b3c02980cb52296dfcfc56d15dc53416e638edd83d61da22bcba483a697acc2df4d0c5090f2070c888f1af3502e6483d28909b41236
access-control-allow-headers: Authorization,*
expires: Wed, 11 Oct 2023 23:11:15 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GGPG0HTS88&gtm=45je3ab0&_p=1687291542&gdid=dYmQxMT&cid=502758573.1697065875&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697065874&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&dt=Libertex&en=view&_ee=1&ep.visitor_id=018b210233ee000575f1557e38e80307400a006c00b08&ep.page_system=promo&_et=25
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8FE0VJVQNC&gtm=45je3ab0&_p=1687291542&gdid=dYmQxMT&cid=502758573.1697065875&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697065875&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fen-en%2Fultimate-platform%2F%3Faff_id%3D52621%26cxd%3D52621_582613_%7Cafp0%3A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest_in_Crypto&dt=Libertex&en=view&_ee=1&ep.visitor_id=018b210233ee000575f1557e38e80307400a006c00b08&ep.page_system=promo&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 86D9 15 KB
6 KB 130ms
45ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=promo.libertex.org&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=101568,61968,61966,101569,61967,101570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://promo.libertex.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 23:11:15 GMT
server: Kestrel
server-processing-duration-in-ticks: 246030
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 86D9
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=libertex.org&sn=ChromeSyncframe&so=0&topUrl=promo.libertex.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=yytVn3wyU1RJRWhVakhxOXdOcklXVzJiNXlpS3ZVNDlvQlF4M2tDdGxHbEVOMHZKcFE4bWFmVDVnQUM1M0J2SkRnMStYcHVtMmNmRFdvSWJ5c1U4TnJ1WWdnSHBLL2hYeW9GRkxXSW92UWJxbW9vMC9hcUhRK1Juc01VTV...

430 B
655 B

153ms
49ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yytVn3wyU1RJRWhVakhxOXdOcklXVzJiNXlpS3ZVNDlvQlF4M2tDdGxHbEVOMHZKcFE4bWFmVDVnQUM1M0J2SkRnMStYcHVtMmNmRFdvSWJ5c1U4TnJ1WWdnSHBLL2hYeW9GRkxXSW92UWJxbW9vMC9hcUhRK1Juc01VTVJwS2d0cFNxZ0tLT0RneVdtTDVHSktTZ2FuU2I2dVhHMi96MmVDNS9nQ2FKTnE1aS9tby8vU3YwcmtSMkVRSm8wdnptZzh4ZVQ2WkcybWhBZEFIOUl6amlSRldGUEdWZzFNUUNpbUlCTk9zT0d1TFJKTW96MkY4Y1ZuajA3eHNCMTFvSTRzNHVweGFldi9JeGdwbVpxY2dpRW1ITXRCQT09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e398b0073c6fff54d30a9642fdafb2ae3b6330301fa1a19fce631043086f09c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1072017
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=yytVn3wyU1RJRWhVakhxOXdOcklXVzJiNXlpS3ZVNDlvQlF4M2tDdGxHbEVOMHZKcFE4bWFmVDVnQUM1M0J2SkRnMStYcHVtMmNmRFdvSWJ5c1U4TnJ1WWdnSHBLL2hYeW9GRkxXSW92UWJxbW9vMC9hcUhRK1Juc01VTVJwS2d0cFNxZ0tLT0RneVdtTDVHSktTZ2FuU2I2dVhHMi96MmVDNS9nQ2FKTnE1aS9tby8vU3YwcmtSMkVRSm8wdnptZzh4ZVQ2WkcybWhBZEFIOUl6amlSRldGUEdWZzFNUUNpbUlCTk9zT0d1TFJKTW96MkY4Y1ZuajA3eHNCMTFvSTRzNHVweGFldi9JeGdwbVpxY2dpRW1ITXRCQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 256008
content-length: 0
expires: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=I-_52V9kclRXdWJPNjNuWmNZanM2ZFRmWjZ1VkxuJTJG...
https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=I-_52V9kclRXdWJPNjNuWmNZanM2ZFRmWjZ1VkxuJTJG...

42 KB
6 KB

408ms
156ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=I-_52V9kclRXdWJPNjNuWmNZanM2ZFRmWjZ1VkxuJTJGSmZqU1ZIWXdqYnpJbGElMkYzQiUyRlU3MndiZFhJeXNEa0M4aFFDRTBXTkZ0ZjZHYVlrZHNBbWhySkhzM0tPQTA1RXAySm10VHAxRlo4YzRaM3RxS0JBekZlbElkaUo4OHNxdDlla0J4Y1FaZXJld2VGTm9xd0xUeFloZW85RWclM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fen-en%252Fultimate-platform%252F%253Faff_id%253D52621%2526cxd%253D52621_582613_%257Cafp0%253A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%257Cafp1%253A1205%257Cafp10%253AInvest_in_Crypto&ceid=e6c8aaed-d275-4bcc-8252-cab3234b59d0&dtycbr=96515

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f8ea5f6528d193e4d441015c1e61e6aa2322b04b224d6ab5c0e9ef18c7f67d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 23878700
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=I-_52V9kclRXdWJPNjNuWmNZanM2ZFRmWjZ1VkxuJTJGSmZqU1ZIWXdqYnpJbGElMkYzQiUyRlU3MndiZFhJeXNEa0M4aFFDRTBXTkZ0ZjZHYVlrZHNBbWhySkhzM0tPQTA1RXAySm10VHAxRlo4YzRaM3RxS0JBekZlbElkaUo4OHNxdDlla0J4Y1FaZXJld2VGTm9xd0xUeFloZW85RWclM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fen-en%252Fultimate-platform%252F%253Faff_id%253D52621%2526cxd%253D52621_582613_%257Cafp0%253A54470f23-b9a0-449a-8ccb-2e8dc15c56fc%257Cafp1%253A1205%257Cafp10%253AInvest_in_Crypto&ceid=e6c8aaed-d275-4bcc-8252-cab3234b59d0&dtycbr=96515
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2999699
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D818
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-sOQa-4XMixhZQHxUKrD3pUeHVlgDt3RLEhTRdQ&google_cm&google_hm=ay1zT1FhLTRYTWl4aFpRSHhVS3JEM3BVZUhWbGdEdDNST...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-sOQa-4XMixhZQHxUKrD3pUeHVlgDt3RLEhTRdQ&google_gid=CAESEDak0oq7mAv9mprRuUGndBM&google_cver=1&google_ula=913071,0

43 B
370 B

137ms
44ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-sOQa-4XMixhZQHxUKrD3pUeHVlgDt3RLEhTRdQ&google_gid=CAESEDak0oq7mAv9mprRuUGndBM&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 834767
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-sOQa-4XMixhZQHxUKrD3pUeHVlgDt3RLEhTRdQ&google_gid=CAESEDak0oq7mAv9mprRuUGndBM&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame D818 43 B
146 B 157ms
40ms Image
image/gif 3.68.49.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-H2EzdIXMixhZQHxUKrD3pUeHVlh4-dhNwcphJg&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.49.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-49-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D818
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2345519259286942837

43 B
370 B

56ms
44ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2345519259286942837

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1176269
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
an-x-request-uuid: 4f5b3a06-d7cf-4564-815d-b38fffb7f7d4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2345519259286942837
x-proxy-origin: 80.255.7.102; 80.255.7.102; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame D818 53 B
785 B 186ms
68ms Image
image/gif 2.18.96.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-N2x8rIXMixhZQHxUKrD3pUeHVlhP2Gl18zglZQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.96.18 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-96-18.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 23:11:16 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 11 Oct 2023 23:11:16 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame D818 0
239 B 229ms
42ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-dAuyL4XMixhZQHxUKrD3pUeHVlgwU2Go6CiLwA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame D818 0
35 B 154ms
43ms Image
text/plain 52.29.178.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Hf4mzoXMixhZQHxUKrD3pUeHVljnhgjIvJVHjQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.178.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-178-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame D818 43 B
114 B 256ms
50ms Image
image/gif 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-lQnniIXMixhZQHxUKrD3pUeHVlhexbmwwp7_mw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D818 0
99 B 183ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-91N654XMixhZQHxUKrD3pUeHVliUCTrHqBW7fA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 45019

GET
H2 200 um
criteo-sync.teads.tv/ Frame D818 23 B
163 B 229ms
64ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-GpH3OoXMixhZQHxUKrD3pUeHVliRALejwdFLdQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Wed, 11 Oct 2023 23:11:16 GMT
pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame D818 37 B
140 B 140ms
41ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-ipF3aYXMixhZQHxUKrD3pUeHVlhz28Cry4pW6w&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame D818 0
125 B 189ms
44ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_XrHW4XMixhZQHxUKrD3pUeHVli9jsyLyq7kXA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame D818 43 B
163 B 137ms
39ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-qY30XYXMixhZQHxUKrD3pUeHVlidnXadveGA-Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
accept-ranges: bytes
etag: "63720ff2-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame D818 49 B
385 B 231ms
63ms Image
image/gif 63.34.140.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-KQLLKYXMixhZQHxUKrD3pUeHVljYteL4AQYbrQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.34.140.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-140-194.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 5
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame D818
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-N-Ggv4XMixhZQHxUKrD3pUeHVliR8wkiyq1NWQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-N-Ggv4XMixhZQHxUKrD3pUeHVliR8wkiyq1NWQ&C=1

43 B
322 B

52ms
51ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-N-Ggv4XMixhZQHxUKrD3pUeHVliR8wkiyq1NWQ&C=1
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aB%2B0eSnG57znJ68kcnpgAQ0cHnRa9%2BWpplC3NArYGuGjTH1oTS%2BD1gC1o0vvsaio8u8jPBj422akE5yLn9C1hCxTfQJ2qO6uDQljs6DUghydsgjSIsBzKmEunuNOxkHJMr2l"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 814ac801bbdf910c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zzg%2BNLdVqDzTtHHer0gOG9bfjYFa%2B6ArDFnqPrQxhB0L7qjjQX2QqwzoQ%2F%2BtQECDD15Yn3trRPIALdMAHFGQCYevWQQRQe3H6tbdhdsRqSHUWURyx9wvLOsWZL3vLs37J6Z"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-N-Ggv4XMixhZQHxUKrD3pUeHVliR8wkiyq1NWQ&C=1
cache-control: no-cache
cf-ray: 814ac8015baf910c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame D818
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=hgdn0vG3Ap8nO7mM8q9uYOsZay8fjZTl
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=hgdn0vG3Ap8nO7mM8q9uYOsZay8fjZTl

42 B
942 B

58ms
57ms

Image
image/gif

52.210.204.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=hgdn0vG3Ap8nO7mM8q9uYOsZay8fjZTl

Protocol

HTTP/1.1

Server

52.210.204.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-204-82.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v052-02efd948f.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7PJQAiEhQcQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v052-014118428.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: IrBpquAsSBw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=hgdn0vG3Ap8nO7mM8q9uYOsZay8fjZTl
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame D818 43 B
921 B 146ms
41ms Image
image/gif 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-JRmxAoXMixhZQHxUKrD3pUeHVlgTl1BZM3-U7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 11 Oct 2023 23:11:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame D818 43 B
199 B 220ms
57ms Image
image/gif 54.194.37.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-uL3NE4XMixhZQHxUKrD3pUeHVlg1IOEoimXaJA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.37.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-37-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 11 Oct 2023 23:11:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame D818 42 B
265 B 140ms
49ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-rk8Kk4XMixhZQHxUKrD3pUeHVlisQADsoBZRvg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame D818 0
884 B 141ms
41ms Image
text/html 52.57.7.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-vN7PIoXMixhZQHxUKrD3pUeHVliviJPe6Hm2vA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.7.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-7-25.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame D818 43 B
422 B 397ms
119ms Image
image/gif 44.194.62.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-p282HIXMixhZQHxUKrD3pUeHVlhySncuE6JWzg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.62.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-62-128.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:17 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame D818 0
145 B 499ms
120ms Image
text/plain 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-WwG3OIXMixhZQHxUKrD3pUeHVlj25EHqeFmXIw&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 23:11:17 GMT
Cache-Control: no-cache
X-TraceId: ff3dbbe44001135e5f3f992a1cca4554
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D818 42 B
581 B 171ms
48ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-R4-VaYXMixhZQHxUKrD3pUeHVlji8ld06vTpCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 11 Oct 2023 23:11:16 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame D818 43 B
401 B 396ms
118ms Image
image/gif 2600:1f18:612b:4216:7b35:6241:9161:5be7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-TgvIZYXMixhZQHxUKrD3pUeHVljWUxCbDFUW5g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:7b35:6241:9161:5be7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 11 Oct 2023 23:11:17 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame D818 43 B
153 B 118ms
36ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-FtFwrIXMixhZQHxUKrD3pUeHVlhH5slPulEMew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 11 Oct 2023 23:11:16 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame D818 0
400 B 145ms
50ms Image
text/plain 23.32.185.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-YP2gu4XMixhZQHxUKrD3pUeHVljZ3s7IdIwLNw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 23:11:16 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Tue, 10 Oct 2023 23:11:16 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame D818 0
38 B 233ms
57ms Image
text/plain 34.246.73.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-Chv0jIXMixhZQHxUKrD3pUeHVljNrX_unjQ-6g&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.73.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-73-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
content-length: 0

GET
H2 200 setuid
ib.adnxs.com/ Frame D818 43 B
852 B 63ms
63ms Image
image/gif 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-8csZr4XMixhZQHxUKrD3pUeHVlhyk1N6O8-nNw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:16 GMT
an-x-request-uuid: 9a89317d-0b63-451f-8159-123b070ab1db
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.102; 80.255.7.102; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame D818 0
15 B 42ms
42ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-_XrHW4XMixhZQHxUKrD3pUeHVli9jsyLyq7kXA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 23:11:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D818
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Z6eyP-zc93pOLi_hyHW3D7-Rm0uoOUgp

0
338 B

199ms
55ms

Image
text/plain

52.31.202.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Z6eyP-zc93pOLi_hyHW3D7-Rm0uoOUgp
Protocol: H2
Server: 52.31.202.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-202-102.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: beacon-n020-dub-prod.krxd.net
date: Wed, 11 Oct 2023 23:11:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1697065876
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Z6eyP-zc93pOLi_hyHW3D7-Rm0uoOUgp
date: Wed, 11 Oct 2023 23:11:16 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 970434
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame D818
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=UayQaOUlQv2tz6ucxwgtgdMayWebaa2h

35 B
268 B

400ms
127ms

Image
image/gif

18.223.127.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=UayQaOUlQv2tz6ucxwgtgdMayWebaa2h
Protocol: H2
Server: 18.223.127.73 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-223-127-73.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 23:11:17 GMT
x-bt-requestid: 7b4f6e11-688b-11ee-9ea6-0000ac170193
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=UayQaOUlQv2tz6ucxwgtgdMayWebaa2h
date: Wed, 11 Oct 2023 23:11:16 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 770762
content-length: 0

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.libertex.com/	1970-01-20 16:09:07	Name: libertex Value: afp=%7Cafp0%3A54470f23%2Db9a0%2D449a%2D8ccb%2D2e8dc15c56fc%7Cafp1%3A1205%7Cafp10%3AInvest%5Fin%5FCrypto&bta=52621&Visitors=q&cid=582613
.libertex.org/	1970-01-20 15:24:27	Name: __cf_bm Value: 9F7xoFQ16QrqVSizRl3AJtvpksrHa.WgrC89xwAMgZ8-1697065873-0-AUMhZlh7/3xTF+mMJWHq/WJG9iRTvtG++8LS9TL9TVLWhJ4pBlyn8/diYatWJiF4b0N/WT4+x7ixxJse/+WPbWA=
.libertex.org/	1969-12-31 23:59:59	Name: _cfuvid Value: syfJ1xlgJbC0oK3AkVodO9s6JqyzXmDhkG4.2SPIhOg-1697065873933-0-604800000
.libertex.org/	1970-01-21 01:00:25	Name: segment Value: 2
.libertex.org/	1970-01-21 00:10:01	Name: utag_main Value: v_id:018b210233ee000575f1557e38e80307400a006c00b08$_sn:1$_se:1$_ss:1$_st:1697067674416$ses_id:1697065874416%3Bexp-session$_pn:1%3Bexp-session$_prevpage:undefined%3Bexp-1697069474444
.libertex.org/	1969-12-31 23:59:59	Name: cookie_conversion_utm Value: undefined
.libertex.org/	1970-01-21 01:00:25	Name: segment_web Value: b
.promo.libertex.org/	1970-01-21 00:11:28	Name: _vwo_uuid_v2 Value: DD29F654350B073AD76181DEEFA372319\|f3d724632e5eec784892618e9d14ba89
.libertex.org/	1970-01-20 15:25:52	Name: _gid Value: GA1.2.842148287.1697065875
.libertex.org/	1970-01-20 15:24:25	Name: _gat_tealium_0 Value: 1
promo.libertex.org/	1970-01-21 01:00:25	Name: _omappvp Value: EIvwOwGQ7YTGiPfaibYuQFq6BdF5yo7YwEuhW81P1e6GCP1AYEkNapRsigwHjWM8onnRlFp0pf2E36zvBsiKcpOkCAuefGSj
promo.libertex.org/	1970-01-20 15:24:27	Name: _omappvs Value: 1697065874804
.tiktok.com/	1970-01-21 00:46:01	Name: _ttp Value: 2WdcPf5ZHJEPNBPlEhsFxBghCMX
.libertex.org/	1970-01-21 01:00:25	Name: _ga Value: GA1.1.502758573.1697065875
.libertex.org/	1970-01-20 17:48:25	Name: _vis_opt_s Value: 1%7C
.libertex.org/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.libertex.org/	1970-01-20 15:24:27	Name: _hjFirstSeen Value: 1
.libertex.org/	1970-01-20 15:24:25	Name: _hjIncludedInSessionSample_898554 Value: 1
.libertex.org/	1970-01-20 15:24:27	Name: _hjSession_898554 Value: eyJpZCI6IjM3MGVlNzBmLWZmMzgtNGUyNy1hZTdhLTc0N2Y4YjQwNzBkMSIsImNyZWF0ZWQiOjE2OTcwNjU4NzUwMzMsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.libertex.org/	1970-01-21 00:10:01	Name: _hjSessionUser_898554 Value: eyJpZCI6IjdhNjA0NjUyLWRjZWItNWQwNi04ZWQ0LWNlZTQwMDk4Zjg2ZiIsImNyZWF0ZWQiOjE2OTcwNjU4NzUwMTgsImV4aXN0aW5nIjp0cnVlfQ==
.libertex.org/	1970-01-20 15:24:27	Name: _hjAbsoluteSessionInProgress Value: 0
.t.co/	1970-01-21 01:00:25	Name: muc_ads Value: 51cd7aaa-5c93-4bc8-b849-f8c9c1ff751a
.twitter.com/	1970-01-21 01:00:25	Name: personalization_id Value: "v1_tWrC0BFZmdTblXsp0YGNow=="
.libertex.org/	1970-01-21 01:00:25	Name: _ga_QBJKE0F9ZF Value: GS1.2.1697065875.1.0.1697065875.60.0.0
.libertex.org/	1970-01-20 17:34:01	Name: _fbp Value: fb.1.1697065875123.868869984
.libertex.org/	1970-01-21 00:46:01	Name: _tt_enable_cookie Value: 1
.libertex.org/	1970-01-21 00:46:01	Name: _ttp Value: 1NGCczzBVcKZyqf10n3teaEayIu
.libertex.org/	1970-01-21 01:00:25	Name: _vwo_uuid Value: DD29F654350B073AD76181DEEFA372319
.libertex.org/	1970-01-20 17:34:01	Name: _vwo_ds Value: 3%241697065874%3A83.32109139%3A%3A
.libertex.org/	1970-01-20 15:24:27	Name: _vwo_sn Value: 0%3A1
tealium-proxy.libertex.org/	1970-01-20 15:34:30	Name: AWSALB Value: RSffk/TIvc7ZwCL8iSiTuxTppGLztwMb8kneT8PeqUHcCrBmMFVatMKmofGYttWNnUdQbITp1/k6pGVbVBUj3EPDbwXOZT+6OHIip4lSyz/DbetOCIJCs8S/5UFQ
tealium-proxy.libertex.org/	1970-01-20 15:34:30	Name: AWSALBCORS Value: RSffk/TIvc7ZwCL8iSiTuxTppGLztwMb8kneT8PeqUHcCrBmMFVatMKmofGYttWNnUdQbITp1/k6pGVbVBUj3EPDbwXOZT+6OHIip4lSyz/DbetOCIJCs8S/5UFQ
.libertex.org/	1970-01-21 01:00:25	Name: _ga_GGPG0HTS88 Value: GS1.1.1697065874.1.0.1697065875.59.0.0
.libertex.org/	1970-01-21 01:00:25	Name: _ga_8FE0VJVQNC Value: GS1.1.1697065875.1.0.1697065875.60.0.0
.criteo.com/	1970-01-21 00:46:01	Name: uid Value: 4ca586ea-f53c-4d7a-a16f-c73ff4e651ae
.libertex.org/	1970-01-21 00:53:49	Name: cto_bundle Value: I-_52V9kclRXdWJPNjNuWmNZanM2ZFRmWjZ1VkxuJTJGSmZqU1ZIWXdqYnpJbGElMkYzQiUyRlU3MndiZFhJeXNEa0M4aFFDRTBXTkZ0ZjZHYVlrZHNBbWhySkhzM0tPQTA1RXAySm10VHAxRlo4YzRaM3RxS0JBekZlbElkaUo4OHNxdDlla0J4Y1FaZXJld2VGTm9xd0xUeFloZW85RWclM0QlM0Q
.adnxs.com/	1970-01-20 17:34:01	Name: uuid2 Value: 2345519259286942837
.doubleclick.net/	1970-01-21 00:46:01	Name: IDE Value: AHWqTUlXKnajFGmtI7y1qhNBYgE-LNZXG_OnO3snpIbAsSAdUdgWAUJRYbSDyYsegfQ
.media.net/	1970-01-21 00:10:01	Name: visitor-id Value: 3400674769085413000V10
.media.net/	1970-01-20 16:07:37	Name: data-c-ts Value: 1697065876
.media.net/	1970-01-20 16:07:37	Name: data-c Value: k-N2x8rIXMixhZQHxUKrD3pUeHVlhP2Gl18zglZQ~~3
.demdex.net/	1970-01-20 19:43:37	Name: demdex Value: 77306801781734971490662229360222992576
.casalemedia.com/	1970-01-21 00:10:01	Name: CMID Value: ZScrlD4-LZTUTtYIb9QpcgAA
.casalemedia.com/	1970-01-20 17:34:01	Name: CMPS Value: 5168
.casalemedia.com/	1970-01-20 17:34:01	Name: CMPRO Value: 5168
.dpm.demdex.net/	1970-01-20 19:43:37	Name: dpm Value: 77306801781734971490662229360222992576
.adnxs.com/	1970-01-20 17:34:01	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GTtm=N^Y!]tbPl@/D!9hy6]/CwgHaR%Z4/k5PL.xWWfYIa7#fQp^64y@l'0dnLSi-Ovs9=!8tB`^dM6Dnh1bpRzqF1`*bb<`+TV66
.omnitagjs.com/	1970-01-20 16:07:37	Name: ayl_visitor Value: 06220b707d11ef972893a793f86ca8a6
exchange.mediavine.com/	1970-01-20 15:44:35	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%227af56730-688b-11ee-83b9-b563a01836b5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:44:35	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%227af56730-688b-11ee-83b9-b563a01836b5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:44:35	Name: am_tokens Value: %7B%22mv_uuid%22%3A%227af56730-688b-11ee-83b9-b563a01836b5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:44:35	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%227af56730-688b-11ee-83b9-b563a01836b5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:44:35	Name: criteo Value: %7B%22id%22%3A%22k-vN7PIoXMixhZQHxUKrD3pUeHVliviJPe6Hm2vA%22%2C%22version%22%3A%22criteo%22%7D
.pubmatic.com/	1970-01-20 16:07:37	Name: KRTBCOOKIE_97 Value: 3385-uid:k-R4-VaYXMixhZQHxUKrD3pUeHVlji8ld06vTpCA&KRTB&23144-uid:k-R4-VaYXMixhZQHxUKrD3pUeHVlji8ld06vTpCA&KRTB&23286-uid:k-R4-VaYXMixhZQHxUKrD3pUeHVlji8ld06vTpCA&KRTB&23287-uid:k-R4-VaYXMixhZQHxUKrD3pUeHVlji8ld06vTpCA
.pubmatic.com/	1970-01-20 16:07:37	Name: PugT Value: 1697065876
.krxd.net/	1970-01-20 19:43:37	Name: _kuid_ Value: P2XUZelu
.postrelease.com/	1970-01-21 00:10:01	Name: opt_out Value: 1
.tremorhub.com/	1970-01-21 00:10:22	Name: tvid Value: 2d6dbe9bdc794548aafd0e54f15498d1
.tremorhub.com/	1970-01-20 16:07:37	Name: tv_UICR Value: k-TgvIZYXMixhZQHxUKrD3pUeHVljWUxCbDFUW5g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11442981.fls.doubleclick.net
a.omappapi.com
a.opmnstr.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.de
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
api-account.libertex.org
api-geo.libertex.org
api.omappapi.com
beacon.krxd.net
bestnewsonline.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
go.libertex.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
lib.libertex.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
promo.libertex.org
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
script.hotjar.com
simage2.pubmatic.com
sslwidget.criteo.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.co
tags.tiqcdn.com
tealium-proxy.libertex.org
track.tenxaffiliates.com
trc.taboola.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.18.26.193
104.244.42.3
104.244.42.5
13.248.245.213
13.32.27.19
141.226.228.48
142.250.184.198
146.75.120.157
162.19.138.118
172.217.16.194
178.250.1.9
178.250.7.11
178.250.7.13
18.223.127.73
18.66.112.67
18.66.97.37
185.64.191.210
185.86.139.102
185.89.210.141
193.108.153.24
2.16.97.41
2.18.96.18
2001:4860:4802:34::36
23.32.185.192
23.38.98.14
2400:52e0:1e00::1081:1
2600:1f18:612b:4216:7b35:6241:9161:5be7
2600:9000:223e:6800:7:2bfb:7c00:93a1
2606:4700:3035::ac43:cde2
2606:4700:3036::6815:3dc8
2606:4700::6811:900c
2606:4700::6811:910c
2a00:1450:4001:801::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9d
2a02:2638:3::c
2a02:2638:d::10
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::300
3.68.49.182
3.71.149.231
34.117.157.22
34.246.73.161
34.96.102.137
35.234.86.61
37.157.6.233
44.194.62.128
52.210.204.82
52.29.178.177
52.31.202.102
52.57.7.25
54.194.37.177
63.34.140.194
69.173.144.139
70.42.32.223
74.119.119.150
85.215.5.31
03100bce7d16ea14a1748bb7783b688842db7239b1b944467410b704b8f66ffa
052a8f54ae05b425b45ee78250bb12c7aa4d3d365074d12a979f65777ce1e9e8
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0bf5b6c0bb4ef077bf6cf0ae1dfdf053d9725cc9b8ba96951caf65d487fa5eba
0d9e0e4b6636bab12f4f0e583c231a6504e0d243c57774554c1397a43ab292c5
1013d724db30e360a47b8d3dd621b50996d39a2bce18e2e5f6aa042518a3ce80
10b6970e9db42c5e69178f09b402d39f7624d7a9b8fb23f6825f45b28dba1f53
16b9ce2be2bfbb1b1ddca3c5ccdac3e30c21a3a160b0cc8eb38a080d9e9d559a
175e2b2ebbc83084d6a5ff04f74684db4e58984baf1c8eb8dbefea240284bc8a
283ce4fc2baa0dfd2324b05b14d0530fc385ee92fea03e1bd0891aa8593bdff2
28f42b6fdf8eef21a27178824e615bf23b143cd440f2f3d5ec3274b3d845e9f5
2ac6c7bd937b62a9cd8160508cd01323c2c42b8beb77ad303d808e74034b764c
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341af2fc06eee052067c75b7c0b07e8ec1a3b17f428e9716d4c97501b7afdc44
374c3b8d9dbf45146ab60c00cd8259087e7eacd3ce5540e61f20ab4fb0c900c3
3a4213af26ce5037c21c4e9cde463ea4afd4fa9bed86502ff7e3391c21d32efc
3a6da95881ea410c15b66bf599e8da32315eedf8667854459d1fa93ca6f89537
412d8923455036f8d193eb49e0f547ce894ba9d7d9cc104790c10a7829e88edb
41d93dd68db355129c1796580e9fe22cf781ff62693183da6f6fc0fb5ad9121a
48f550b7c658813b33f56518e7b05d48a3e539fb0189a86c9afc8651493a5cf0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e82d625dad5940f7aedcf8d8ea0d302350b455b1ba7aea8d83a9a08cb025e4a
51b613344f05c6eb7fab6733e8ec2d10a2a0b2ec981e1c4647416d60eac72a81
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56594131f1267d50b46498d7901b1e6f97a7f1571794fd8bcb5e6ca80b3f2b1a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5d400e20fd203a5d4cf8cbdbd000fed44529048d366b709d2be2a14db1de1467
5e192cbcb235019c7129b5e9ee56d6f48b4615c6e16c8452fbbe560bfbc6ddab
60144c2a5b02a2741f57d2a09ed68c9a3057ca25ae32352c8af6880c6175f9f2
60644ea28138c7f75bafeca36d5bfcb980edeb72514ce13d821021d6e17c96f9
6dcb6952adc008e2c353e3200024bd27be736121acccece91802d63850129e6e
7516f9aff006dced658ced4b577da1425b72add3677466abd9dca6fa4cb10d0b
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7c1972740b53217a38091a3cbecdd640700ceb66923a475a5b8a08faee3d05e4
7e47fa3ff552ed682396032c37798589958b07075e37cf2a99f9169f1d5a0784
7e9cbf86d27fc2e45f72a8651ff8d4fbc22862eb9004c4b575c4b794c7795383
82afa4dc7f8791bb434f4661591baee0cc502a90540afdf3798a17f86512ae43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8444a7cebfdb808652c51388240a5a6458291ebee7602fce9e288f80df603617
84b57e93d318b29205e6795cbd58d0d456459cce57700527bf5815202f85c785
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8575164dd295f049ffc5957dd86c94e41026c1b00a3eba89128aab4ff49ff186
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b11e2b4e0f51bb944831d4b379b9dd807584c45180947f80aa8c17b43548de1
8eeebe7876a439fd3ca3d3d12c94d5b450c6a0405bdcfb993a5227029b9818b3
96ebd7ad655c8ed2efd4297202c06f136c98a6c179e3fabe21d6750d9aaaaed9
97b3ae177871dfb8bdc362e30a6b4e0217fab3e5bfd1ef3d58be4f594b2642d5
97f42f589e8dc951e4e08d648f931eb0bd8d91bef1f595eb6126d0b82bcaf9fd
9846622bfe6a8e328c40898bc43ab107b601ac01ee5263cce3b8cd90b201ab58
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875
9900212718a88521d561d7a568c96dbf1dde8e045255627ba55709d60ca6c72b
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3c45eb86f22cb2c82ded322f8fb7bf595b5cc8028cc62edc76d39ee5b0aabd3
a476dac78a26e869b0f7760270533bc7bd510e11824c00961fde137c8277ee25
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ada875e7565af403288267125fe26cb546f7059b1e1e507a59e31485c4f2716a
b038d89c2fb23ec77314edcb29fde8f37ca0ce6de8c98ec91a3c4246991f5cfc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a053fac62cbacd925dabb3756652808d1e6c81866113667225f8254b972bb0
b289431ca332b9ac7a66ee7b3fe5559005a653cb17c6b28e2a6c924b02583960
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc058783babd6cdac1f8d581b82495fdbc200c38958b98635c96f3c9a6fb4f3
bd57c5cd2208832638472dfd15136a4a448c513a3c2b4019dc3a6d9ab56ee932
c08bb009ce527fa0bd46e30391226b2a0540e9dc7ec31e27227e468569a3ee56
c5244faa4151436106849a22c5b0f3ee52038ae3eaba9631380ecfec2bf36c2a
c6c525338ef2af0322e448f81e1f7c54cfd0cf3bb05ac544c65a89b3a44cf4d4
cd036daa6d1b9be50306748643cf6d435ccbc236a3dbb5a039178454835ac8c0
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d02f8a71aa35475e17b2831993919be61477740ec69db85e02912ee19be99afb
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d3861246270f9d62b1b8e677ee0b558fced40660bdec3c459ffcbcefb7492aa9
d7bf8d5d3cef884a3c569fed78737516ee9313f56c4314bfc5ef1ef37b429c3f
d7f1a4032e0c19760186a9d48538c13b89f2e486a33e313f17d5d2781ea7c19c
da184a324b4955befba709102ad8c9d5aa83d1972a423360d895735c5d3c24d2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df96d1fbb9b33fd658567bd8b9a2e54cb5819e11ef5b0fa2de69b02744fa2531
e08eda4321af543de4dc033df838e773b20ff7dfe8a895ffb8090cfc0b206cd1
e1bf12b1cb0f9cde077e9e54dbc0731d1b5b466ff4f998dbad25090db4869b99
e377670313d0df5aea0827e47e513ec1faf566945296b9e50b2eca7c1e048527
e398b0073c6fff54d30a9642fdafb2ae3b6330301fa1a19fce631043086f09c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec20452f7bce8430cc17d46575c6eae16e2b8b1f72796beb6c5d86a7f319236f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe859b78a5300ed10d1a16cba8ff1cc8dfb3ede610acafa8b1f01cabaa47a11
f35ee9cad8e8c5110c4e6e7af90d5b38aaa9dcbe3d37f90dbc1b283d2568bb34
f8ea5f6528d193e4d441015c1e61e6aa2322b04b224d6ab5c0e9ef18c7f67d50
facf08c34d30087f6e5280647dbfedc416da8be80594547d3e3ff23fe2ab28e6
fb5ce98a3cb9423316a6058477111a5a5fe51696af415b5b78dad487ac090143

promo.libertex.org Open in urlscan Pro 2606:4700::6811:900c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

94 %HTTPS

32 %IPv6

49 Domains

66 Subdomains

58 IPs

9 Countries

1337 kBTransfer

3412 kBSize

59 Cookies

1 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.libertex.org Open in urlscan Pro
2606:4700::6811:900c Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

94 %
HTTPS

32 %
IPv6

49
Domains

66
Subdomains

58
IPs

9
Countries

1337 kB
Transfer

3412 kB
Size

59
Cookies

128 HTTP transactions
3 data transactions