promo.libertex.org Open in urlscan Pro
2606:4700::6811:590e  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

• https://11442981.fls.doubleclick.net/activityi;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626 HTTP 302
• https://11442981.fls.doubleclick.net/activityi;dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626

Request Chain 76

• https://gum.criteo.com/sid/json?origin=onetag&domain=libertex.org&sn=ChromeSyncframe&so=0&topUrl=promo.libertex.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=60sTmXwrUGZrTy9lY3lYKzhNc3AxRFMwNzNIQXVBc1MzaWRZZVR0Wm1LZWdyUzk5UHpRSithNTJ5YkFqY0EvRzJ3TTZhdmxHMU9lYTRwUVNSZjVjU2JvUjUySlowODhuVnJ2R3BZVkVFaDV4MU1MRHZiNFFGZi9TR0RmcFZEcWZ1ZmtETjNqZDQvMFZqQUM1ZkJrU0lKLzVuZGY5OFVmRHRoYVF2MlZKeFVPcndSRUx4dDF0UGFPZVZEYzc1QXN1YlhnRHJMelV4WGlOZ1QvSmhSQjBXV0Z3alhrWUREeFNOdlcrNkZ2R0x5WTFwd3AxdHpwUmZNVyszc0cyZUNkVFFnVm5ONmVSeW9SL2JZUXJsWG55bmhLejRqdz09fA&cppv=2

Request Chain 80

• https://sslwidget.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=Jm7Im19QOHlpaHo0eDFOS1FzenoxUEolMkJlMXV1UDM0USUyRlVYZTZnRzlQTVAlMkZoN0YlMkZ2TTNHMlQlMkYlMkZoV1Q3c3BtdEY3SEF4UmdRRjU3QzZWemMlMkJ1cWMwb3RxYnQ5UGtlT211WjN1WHclMkJjQUM5R0RHY1ZveGJiU1ZNRklDTGszWE52Skk0OXhWcmpBTUNmWXUwT3RHMSUyQmhtbDVqSVElM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fes-lm%252Fwelcome-bonus%252F%253Faff_id%253D50392%2526cxd%253D50392_673110_lb-35332_356771&ceid=1482c196-f4d4-419e-a89e-bbe5eb353e1d&dtycbr=90584 HTTP 302
• https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=Jm7Im19QOHlpaHo0eDFOS1FzenoxUEolMkJlMXV1UDM0USUyRlVYZTZnRzlQTVAlMkZoN0YlMkZ2TTNHMlQlMkYlMkZoV1Q3c3BtdEY3SEF4UmdRRjU3QzZWemMlMkJ1cWMwb3RxYnQ5UGtlT211WjN1WHclMkJjQUM5R0RHY1ZveGJiU1ZNRklDTGszWE52Skk0OXhWcmpBTUNmWXUwT3RHMSUyQmhtbDVqSVElM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fes-lm%252Fwelcome-bonus%252F%253Faff_id%253D50392%2526cxd%253D50392_673110_lb-35332_356771&ceid=1482c196-f4d4-419e-a89e-bbe5eb353e1d&dtycbr=90584

Request Chain 89

• https://x.bidswitch.net/sync?dsp_id=46&user_id=k-tvaZBSOsRyD5j6wHULkbvPuyS2KQvJp5j3PO_A&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-tvaZBSOsRyD5j6wHULkbvPuyS2KQvJp5j3PO_A&expires=30

Request Chain 90

• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-f2DzsiOsRyD5j6wHULkbvPuyS2KT5oRG88fb8g&google_cm&google_hm=ay1mMkR6c2lPc1J5RDVqNndIVUxrYnZQdXlTMktUNW9SRzg4ZmI4Zw HTTP 302
• https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-f2DzsiOsRyD5j6wHULkbvPuyS2KT5oRG88fb8g&google_gid=CAESECWnJQoVINoyGG13NaOvK_M&google_cver=1&google_ula=913071,0

Request Chain 91

• https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
• https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4645943827642279514

Request Chain 92

• https://secure.adnxs.com/setuid?entity=52&code=k-XQwjcyOsRyD5j6wHULkbvPuyS2J11l86E154Dw HTTP 307
• https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-XQwjcyOsRyD5j6wHULkbvPuyS2J11l86E154Dw

Request Chain 103

• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCfE9yOsRyD5j6wHULkbvPuyS2KLtEgtkQzovg HTTP 302
• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCfE9yOsRyD5j6wHULkbvPuyS2KLtEgtkQzovg&C=1

Request Chain 104

• https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
• https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Ni3FJ_Mxv2KrgbjC_mvbjFDcU8UUM8tY HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ni3FJ_Mxv2KrgbjC_mvbjFDcU8UUM8tY

Request Chain 106

• https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Tpr99iOsRyD5j6wHULkbvPuyS2LW0lmVVZ7W_g HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Tpr99iOsRyD5j6wHULkbvPuyS2LW0lmVVZ7W_g

Request Chain 116

• https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=lMt7ebR7vBhoKI-81x4wIjNygr_ipqaU

Request Chain 117

• https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
• https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=QRZuA60oTNwwB-KIwaFtNvQPY-2am-o7

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response promo.libertex.org/lp/es-lm/welcome-bonus/	14 KB 5 KB	141ms 80ms	Document text/html	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37e43411d35cdb170ce876da5cc038fff480477762f8eb7578a261b75aaed896 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7ebc00c8ddaa2c18-FRA content-encoding br content-type text/html date Mon, 24 Jul 2023 12:00:29 GMT last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare vary Accept-Encoding x-amz-id-2 iriZBX/2LY1rXG/xO88AR9WySfSLpQmzghVLishTq0TPOpZXKq05B52KqlHRgZidxcE6Pt1qNhA= x-amz-request-id KJHQA1MSVZE71GT8
GET H2	200	main.css promo.libertex.org/lp/es-lm/welcome-bonus/css/	39 KB 9 KB	87ms 87ms	Stylesheet text/css	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f49a33202deb97c110df517288582cbfbe0c077faf3861435378f6454066ad6 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:03 GMT server cloudflare x-amz-request-id KJHWXB4P564Y9N1Q etag W/"43a304c7ed7d2e5dd04f0394cca28e25" vary Accept-Encoding content-type text/css cf-ray 7ebc00c96e8a2c18-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 PZE5PGlbUZHU95lFOSjseFUZtlr73YvcO1cZlwdP6WiVJhIGIsB5o54akPvL6ZvfJi6TqNKjETQ=
GET H2	200	libertex-logo.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	6 KB 3 KB	127ms 126ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/libertex-logo.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6c79b1c673cfa0591851a3dde60dd0917e93984301fb75316fb902cdc2f2a0b Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHVJ5GBBFY6HZE7 etag W/"a3c2a2f3135b1c2519b6aca27b2b6d68" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00c96e8e2c18-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 25gK+fyJBjVT7mgi7H1tl+/KxINU0pCv+4qIWaY16rLIz15EMxPuvyTCTqAzi2BtziUZcGjP1cs=
GET H3	200	libertex-logo-mob.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	3 KB 2 KB	130ms 128ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/libertex-logo-mob.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b910b37de390b849f3fff677524eecb49cd6674eed248dc6a8eb630ebc8a718b Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHHD22ZC78DFKPT etag W/"1a5772e943cb3d2c1ca4bbea2959547c" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca1cbd361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 U0seSWpiI8afOB8b1exY+fwN8XYwM2RFlOVmpjMYefxVMlJu7agTtaZHtzsBtHWXxJRunBaG48U=
GET H3	200	page-top.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	14 KB 6 KB	87ms 85ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/page-top.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b29aff68e8ef8c1f46074628df79d2a8dd9e5060eb476ec16e5585db5b520e0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHVXTE5J6WP2YPR etag W/"7550d0019913fa992403a7c3c8e3e989" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca1cbe361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 Qm2+gkvbO1hdoHI7KbiTyukq+cNxkfeudCod9QSLKOIe3Y0HZJnSVolH3SV/NSi9eS7RSlyHi2o=
GET H3	200	book.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	5 KB 2 KB	130ms 128ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/book.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ee09c48b291a76b91392898b7c518383f77bc016a089d783937dc509b91bd14 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHT0JANYQZBKDBJ etag W/"01fb26feec930cb528ea3fe066826615" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca1cc0361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 NE7UhTWePGfxTvHxfAnPOgtCtJ5j6SWATBwFYXtTa+tie6mqqRt4NG1aTbq+3W13cTwk/xzpy2k=
GET H3	200	m1.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	593 B 645 B	130ms 128ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/m1.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba8cb7dd9a83f2b3567ad0a8359734f856f897e794bc886941b50c57920b4a92 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHP6N3C3X2PJEEH etag W/"e4a1952ec184a7d14fc323b6088668a0" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca1cc3361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 29Vg6GSXrjH+yrXj+/rkz0WDFgVLZ5LTSZfbYcsHRz2a6gBhNtxAdPNiwSWKpqDGlV6yqPNXR+s=
GET H3	200	m2.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	1 KB 913 B	130ms 128ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/m2.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a96e59c36e39f72f4c16fe74445dc178f08f9b222a894cc6176a32ccc4fd935 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHY84G2GKXGXTGH etag W/"0de4e63351e07f2670ffc50dd96727f7" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca1cc5361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 +ch+LUUvZsjYFRLo1/Ggh99Lv5UgFAiS5T0Bxmz4s4M2cCJXOL0Sp/PCzbH4c7iY5Xbjcbu5vXg=
GET H3	200	m3.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	1 KB 766 B	88ms 86ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/m3.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4586771549ba074edc21afb2db8f9a263a8a638e8123a6bac7a3f31e8d0454e3 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHMRZ37KM89383B etag W/"dd56b32f855f553cb836b4b838cc40ae" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca1cc6361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 YwYYea3Kd08xi+43EhoMEDtqEKxGCI0KIZGEKgoYGXHL0g9eLbb1sJH6XI1EUul3pjiEHGCxQ2o=
GET H3	200	m4.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	1 KB 1004 B	87ms 85ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/m4.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd6d887436063fb3b31ffda0c9272028c0221e2046d6d7590a3b088a23251986 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHYY9FG5XRK4RNH etag W/"5c9c5c7f40b36d3f9d0e8990e4e97ec4" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca1cc9361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 Tgb+lT76h07k8c7mEiIjr4mYHnXS5aKcnKrNthAiD2gS+TIWkcggJZeNj6Yg9rWF1bwHA/59jcM=
GET H3	200	m5.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	1 KB 941 B	130ms 128ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/m5.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d113d6615dfbef748cad6fbbc336c168d4af5bbe2f7632eacbc422675719ed0e Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHKACYV701RMG63 etag W/"046de402df156a68352f450371cb4f93" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca1ccb361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 JYJPDQP3dPC5l9KcagZH8GXjKttRpmJVzChaWKrmj2uB+gON8kRjYQeYsrhZv4Zx3ohYjfJVqGY=
GET H3	200	bottom-logo.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	2 KB 1 KB	130ms 128ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/bottom-logo.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ef6e30bb9ec4fca8e5402b39f6190c1ad778f60048fc91728f7a4f623f23652 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHTM30V6D31M6N7 etag W/"f15077cc23a5dcb7e444bafce07a624e" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca1ccc361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 gXUvXV4bMLBYLnkTxBA1MleeNTIYO7l448Za6wAnFMtI7aV1NNWIHO86be3LnXwZluR8JaWN8r4=
GET H2	200	landing-api.min.2.2.2.js Show response lib.libertex.org/landing/js/	74 KB 23 KB	208ms 126ms	Script application/javascript	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lib.libertex.org/landing/js/landing-api.min.2.2.2.js Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash facf08c34d30087f6e5280647dbfedc416da8be80594547d3e3ff23fe2ab28e6 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 25 Nov 2021 10:54:30 GMT server cloudflare x-amz-request-id KJHSM5Z7HWH3D6Q3 etag W/"882bba95952c9d849e36f426d7379554" vary Accept-Encoding content-type application/javascript cf-ray 7ebc00ca7fe32c18-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 e+YaLAdHWz/KpZE1WbNsbkqyyNQVB+j/jTXGFl6dWwe8tnt/wCMeK7rHcqxgUyz1H4KJ9ngHonE=
GET H3	200	libs.min.js Show response promo.libertex.org/lp/es-lm/welcome-bonus/js/libs/	130 KB 38 KB	108ms 107ms	Script application/javascript	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/js/libs/libs.min.js Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 332da25a942d40576e6d7063950c7482449305bea22243668e2bb1d9d42e692a Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHG15CQDK627J77 etag W/"df58bc28116b0ad549e0a5ba51f238d5" vary Accept-Encoding content-type application/javascript cf-ray 7ebc00ca1cad361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 vcByvyQNwR0d0CZBidldeDk1hFA9iqzqT5E3EJVCLjkgrKbkLGCsVfus4XzcdsgaCZHxTPbutxQ=
GET H3	200	interface.js Show response promo.libertex.org/lp/es-lm/welcome-bonus/js/	2 KB 1 KB	130ms 127ms	Script application/javascript	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/js/interface.js Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 662bdde7b88e157283d502ca8109bb4313da3546b929ed6eda124f4b741bb991 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHPXCGS7ES942V0 etag W/"0a3700ee69077a76aabdb3d81ad067ad" vary Accept-Encoding content-type application/javascript cf-ray 7ebc00ca1cba361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 mP0oF/2R211lYVcJC2fafwZQ8Q3OXJITKVBggy+klV4iqWC5nLGj17j4vxQq6QRwqJjB1RSxqrc=
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	187 KB 29 KB	72ms 24ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 699c4aae66142891e4a8c4b83e9886f91b8ad87b6ebb760f1c9ed3d546bd5982 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id Kyal_yYnmxEOfnLR6e31CV.gHRslgzER content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 12:00:19 GMT last-modified Fri, 07 Jul 2023 09:34:18 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 11 x-amz-server-side-encryption AES256 etag W/"2b09e445489af9fc86016fc97a7604e6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id W7tA8Dnwj713wBo3kwAqaeOFAHmrefdXTOAV4xqNQLPzP5M1j-PNBw==
GET H3	200	down-arrow.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	324 B 475 B	124ms 124ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/down-arrow.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d2ce4dd6bcf451a5ab0ad77e185b7ec7d1b1e5b33ca13308aac0302aa04a5fc Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHKT5Y5JR54XQWG etag W/"041a6e9393b0b1944c4c045436038d86" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca2cdf361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 Znq/KG1Wml5QLFXlH6IkmrZa5YLPQkFYdmU7dIG8lf7fXp/WMOkHFzAcLkzjnQwN0HPhucQr+7g=
GET H3	200	m-bg.jpg promo.libertex.org/lp/es-lm/welcome-bonus/img/content/	21 KB 21 KB	125ms 124ms	Image image/jpeg	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/content/m-bg.jpg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03affbd1d1f7a87f838d07bbacd13c7dd9ff2d2aca6136195654b2b5f5b09256 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHGKSVG0M3YV0YP etag "5368a31417b963463eea5ed5673d9034" vary Accept-Encoding content-type image/jpeg cf-ray 7ebc00ca2ce1361d-FRA alt-svc h3=":443"; ma=86400 content-length 21400 x-amz-id-2 oYqKnkI61gMegq9JL6SIjGA2sdohhh69S0AP7I/H4XxZU+6ST5Tke9Frs4AMNMANOGHIVACyAoM=
GET H3	200	mont-semibold.woff2 promo.libertex.org/lp/es-lm/welcome-bonus/fonts/mont/mont-semibold/	42 KB 43 KB	79ms 78ms	Font binary/octet-stream	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/fonts/mont/mont-semibold/mont-semibold.woff2 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e377670313d0df5aea0827e47e513ec1faf566945296b9e50b2eca7c1e048527 Request headers Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Origin https://promo.libertex.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHR6CMC8A7Z2SZQ etag "a22974a265089b8d96a0b9969289e444" vary Accept-Encoding content-type binary/octet-stream cf-ray 7ebc00ca2ce2361d-FRA alt-svc h3=":443"; ma=86400 content-length 43364 x-amz-id-2 HVzYhrktLxHh+8mL7IMcmF06xew3JI5AsFwRHsJ4jDDbh7STuQYC2rVZ6X9KDA/6ZgxauPu9VjY=
GET H3	200	mont-bold.woff2 promo.libertex.org/lp/es-lm/welcome-bonus/fonts/mont/mont-bold/	42 KB 42 KB	139ms 139ms	Font binary/octet-stream	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/fonts/mont/mont-bold/mont-bold.woff2 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d9e0e4b6636bab12f4f0e583c231a6504e0d243c57774554c1397a43ab292c5 Request headers Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Origin https://promo.libertex.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:03 GMT server cloudflare x-amz-request-id KJHWKMJKCK4VRYVH etag "22d74a57af7e4c8524c6cb27cb37cfca" vary Accept-Encoding content-type binary/octet-stream cf-ray 7ebc00ca2ce4361d-FRA alt-svc h3=":443"; ma=86400 content-length 42992 x-amz-id-2 eVJjB/8R2UI+txp2vzRdMCqTgDqnOBoAUDrF06asqbjXd9KMTLD+jDXS8YfpRTdCAxUiZgCwKW0=
GET H3	200	mont-regular.woff2 promo.libertex.org/lp/es-lm/welcome-bonus/fonts/mont/mont-regular/	41 KB 41 KB	157ms 156ms	Font binary/octet-stream	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/fonts/mont/mont-regular/mont-regular.woff2 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51b613344f05c6eb7fab6733e8ec2d10a2a0b2ec981e1c4647416d60eac72a81 Request headers Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Origin https://promo.libertex.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:03 GMT server cloudflare x-amz-request-id KJHKG16WT4T6B133 etag "bdcff66d9e4d966e3a3e9627056046ff" vary Accept-Encoding content-type binary/octet-stream cf-ray 7ebc00ca2ce7361d-FRA alt-svc h3=":443"; ma=86400 content-length 42020 x-amz-id-2 Wo2/rqEHoXw292pQ9mX7bCUCnZuOcF+6QKvBtJ38FVrvC1L905jatWbDFaoeovNwqHB3QeCKxwo=
GET H3	200	twitter.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	545 B 614 B	135ms 133ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/twitter.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 872725ab6b75dd0925eb710226bf897dcccdefd630fcc954f3e73482ffebd750 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHT2512R7P67H26 etag W/"93cb9468732f6452334135f44080d206" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca5d1c361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 cL+ODu360BT2lQLncTpwfELHcuwrUGeAdYvZy8Zb07slDL7yJ7Ljit+5VluRkL70anbOcSIzLFE=
GET H3	200	instagram.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	2 KB 1 KB	135ms 133ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/instagram.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0ed094938010c59d84ad0a2b511cad9c6a7c932b5b9c278a818247fa374d43c Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHJ335P3SYQ3SBF etag W/"5d6faf973fc4a56a706d8a9775b4ee9f" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca5d1f361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 YwG2lx+NWM3G8Ds5CEvOUbCZWfIpzOFNq67/Rme2gGWoVgFLnJ9TFwL3AKutKKi44hquSYni3lM=
GET H3	200	youtube.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	630 B 661 B	135ms 133ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/youtube.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08509a4fede4c03053224282a6674e035fd2db88534102f7fedb8e11b1d48aa8 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHZZ7TXKHECQGSG etag W/"f950efcf23d132f1d03cd7a420ca44df" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca5d20361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 Abq9RHMdj2eywf842/e4vss3sKT0Epb3DsVF/XC8inalJmnq9pZr1AOF0ZxqdG4duBbpsEhZ69c=
GET H3	200	tiktok.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	502 B 625 B	135ms 133ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/tiktok.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1e538805a70b6a9a1354ab8f8faea11eb48f668b14c6d2a62ee7670fadb23f8 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHZFVXAXZM1R52J etag W/"0f05b2dfb886ae1de90b0dbf58e1e7bc" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca5d22361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 yqNmTYqHwSqDGT94NGM7MaI43m7aNhEbEVMeOfj/Dvm08aeoHQJsHnOk0IglqCsrvm1NBs7iaGE=
GET H3	200	linkedIn.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	668 B 698 B	135ms 134ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/linkedIn.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a401323b2c18dfed940f9733c58d24db1d962533a402865a468840f9379b3a58 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id KJHN87TJ1TM15Q01 etag W/"6ba5a7fcc7c704abb56fefabc3c63d7e" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00ca5d23361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 hqVly7NTGTIYyC4s/2NA4p658w764hm2kz0JGCLI/G4vf2mA7pxCHE5hcqEGizIHGRpE1TKyjHM=
GET H2	200	b221320efe428b09cd1ad4eebd902cb0e8b668c8 Show response api-account.libertex.org/v1/init/	9 KB 4 KB	318ms 244ms	XHR application/json	2606:4700::6811:5a0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-account.libertex.org/v1/init/b221320efe428b09cd1ad4eebd902cb0e8b668c8?sdk=javascript&v=1690200030014 Requested by Host: lib.libertex.org URL: https://lib.libertex.org/landing/js/landing-api.min.2.2.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:5a0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9af3cfab25a1144ac14b3d4514b9789e0e1510017ecb9270010e07a24d96f5f8 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:30 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin * cf-ray 7ebc00cc1c461d84-FRA access-control-allow-headers X-Forwarded-For alt-svc h3=":443"; ma=86400
GET H2	200	utag.505.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	20 KB 5 KB	36ms 34ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.505.js?utv=ut4.46.202102051128 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b8672d442223b6706d5821f4c89da0fcb56ba653e38403b5fda56a7050d4e40f Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id F8PUI2PfNw0.2NCu.hmU06A0LWwK_6sm content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:58:38 GMT last-modified Fri, 07 Jul 2023 09:34:16 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 245 x-amz-server-side-encryption AES256 etag W/"484ac65bf6accec2b5518b63aa9f9657" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id Hmuym428KrrcThHIYRIiuRHJhIAjqPcxhkjZr8jLdJdPYmauE5KzBg==
GET H2	200	utag.484.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	1 KB 1 KB	28ms 26ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.484.js?utv=ut4.46.201611111701 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9fb6986563ed8ef554e0ece56258e400ce2c25db179d1ce3b090b05066e6cc8c Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id wSN9FVVccWqj10BP3XQmptRiRihGjVBM content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:59:32 GMT last-modified Fri, 07 Jul 2023 09:34:01 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 59 x-amz-server-side-encryption AES256 etag W/"828fc39ab845cbb3172b7cb8c9b98dab" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id bfSCzm2BWeEXiV5VnrLBz-G-2g4YbB0uVW0UCE_mlW9_DqvXNK8eaQ==
GET H2	200	utag.503.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	9 KB 3 KB	35ms 33ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.503.js?utv=ut4.46.202111081405 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7111829b5bbad69b2d07f11fb962d7af61b390de72c0883a5324ce8955fb58c1 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id y1cp0CSdxfOVT_BOuTYp1xo3yawZw6G8 content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:58:40 GMT last-modified Fri, 07 Jul 2023 09:34:02 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 111 x-amz-server-side-encryption AES256 etag W/"8b4417efed3d7260772fddf387162c0f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id aYakNkyR-3LexkSTypmrSeHfGyr1zWllNdudBSGLlbZ8xvrmc6opUg==
GET H2	200	utag.596.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	7 KB 2 KB	35ms 33ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.596.js?utv=ut4.46.201907011259 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7ef40cf31967d4dd3badb50cbcfc5c551b2812f92205a4bd525c3e74227ef362 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id RHfUR0GuBUOrLUil2t99NeForB_.fygg content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:58:34 GMT last-modified Fri, 07 Jul 2023 09:34:09 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 117 x-amz-server-side-encryption AES256 etag W/"adda97a3ca799b44dc1f57212f32a2dc" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id HtCeaHrl1YFocjLcfeo9KgvwFaJWbw1M0ypRy1xjLqfuVbbpHElfMQ==
GET H2	200	utag.541.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	3 KB 2 KB	35ms 34ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.541.js?utv=ut4.46.202304110819 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0a5aebade569c57dfe330bcd1964b708865e2970a1a4e523bbb2d8f3a809ac16 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id qctbh3RPFBYqBBVenFEOKESxlY7mi_Q1 content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:59:32 GMT last-modified Fri, 07 Jul 2023 09:34:05 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 59 x-amz-server-side-encryption AES256 etag W/"293d6c7c89fe60ee0bde6bd0c8240b3d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id JcEtVZMR4mN5pnqHHDI1z0MIzDRHyz-qCAyv-36p6smDwUdldB0zug==
GET H2	200	utag.548.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	10 KB 3 KB	35ms 33ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.548.js?utv=ut4.46.201804170814 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 643c8353d331a98ae1af560acb99170eb7569936125e568116ffa160d4cf45cf Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id e1dTZbbA6aZqIf1vaXIAp5lUPiFlFC8x content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:58:38 GMT last-modified Fri, 07 Jul 2023 09:34:07 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 245 x-amz-server-side-encryption AES256 etag W/"038118dd06531bc6d7e886f4d7b4d357" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id PSLm_IR7O7ppqhAemwtgW4_U-YSl5Z04G36DokDGpkon2PkZzpjNBg==
GET H2	200	utag.607.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	4 KB 2 KB	34ms 33ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.607.js?utv=ut4.46.202201100844 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ff172d364dba1d5ff7f4109e1efe0d570d2fa3aaa00262943a7c75b574a773f1 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id C0kf.08jkHHmYkIq45XvU5EqaSBnTpQj content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:58:32 GMT last-modified Fri, 07 Jul 2023 09:34:16 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 213 x-amz-server-side-encryption AES256 etag W/"71bb61348ded1c6d322e90bc28d044d8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id FyfM0DCDdUkEnFD4LvTD6i24EVLD3HH1rClwE03dAWi65lRtHNdqDQ==
GET H2	200	utag.654.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	3 KB 2 KB	35ms 34ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.654.js?utv=ut4.46.202010010807 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5bac138fd7ec761b27d6a1f82957c5b9b5f2289521492cd6fb70f8a61dff6f79 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id Z5ysST4vYVssTwCZwBf_crp7wvxxaETp content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:59:33 GMT last-modified Fri, 07 Jul 2023 09:34:11 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 58 x-amz-server-side-encryption AES256 etag W/"7a85c661c361fd9caefb3f909b2d16b0" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id KlxTkWdRA0yLNPZlB1xygHAkJsRLiS7digi9ib6hfIzB7EB_m-64Tw==
GET H2	200	utag.657.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	8 KB 3 KB	36ms 35ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.657.js?utv=ut4.46.202304121450 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 156c3def85e893f40299334b4dd893bc68dda934c29504900dec746096ee5810 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id ElJgpw8LgLdCGdcAR1.Hy.THsumQaNo0 content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:57:13 GMT last-modified Fri, 07 Jul 2023 09:34:15 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 245 x-amz-server-side-encryption AES256 etag W/"432f0f8000d071f8b3526d2ac366784d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id raTxQoSUfuXVio_qgyfIF8i9OlCQTMmpOi0TYsXaFO5g225kCto5YA==
GET H2	200	utag.692.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	4 KB 2 KB	35ms 34ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.692.js?utv=ut4.46.202110210846 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 080b2c0070474ea6c1d69f9005deeaa8e07ae1a9cc7caf33b73ebeb3b212bcd3 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id 49l_87DKvecjtP8k4DRRnNIKKeIzozJ4 content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:57:53 GMT last-modified Fri, 07 Jul 2023 09:34:12 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 171 x-amz-server-side-encryption AES256 etag W/"2ffb6741c52e2e2c9960b0695ae43505" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id 5fHQi4Zoe3qikbCILydXu6pPu0mlEyqZW2OQ3DhOFoVRpGp-tYdqKA==
GET H2	200	utag.705.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	16 KB 6 KB	47ms 46ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.705.js?utv=ut4.46.202205050828 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 73d14b3b5f4e0b1e15c80ceff54b2d218f763c888b0ae08677053ac5d538a794 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id 7ImCQyCCKwAH0cg19KeLxG7u_wkIOB88 content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:58:38 GMT last-modified Fri, 07 Jul 2023 09:34:05 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 245 x-amz-server-side-encryption AES256 etag W/"7483d23a4eb32828a7adffbe332d17df" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id _ter1WM9rJFiMeoFbHHPLnCHMdzJ6840043fSGngscu4wEbLe26dCg==
GET H2	200	utag.731.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	7 KB 3 KB	45ms 44ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.731.js?utv=ut4.46.202302031206 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b7c42c7b7e2b8af19a341c388e8cef3e5dedda24171bb778b895bd672d7ae510 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id u.H7lbEIVI1R1_cXqkCWrdMcOF3AqFOz content-encoding gzip via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:59:33 GMT last-modified Fri, 07 Jul 2023 09:34:17 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 58 x-amz-server-side-encryption AES256 etag W/"f0eeb936cd79580470f7f76808d28b07" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id eoeGb7cEMyoiyaSfzyOxG3CvLJ-SY9nGJDIdZIhX7Lc6CGeDUJ80eg==
GET H2	200	utag.746.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	2 KB 1 KB	47ms 47ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.746.js?utv=ut4.46.202301301117 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f2b2281a2d3a5cbce4ae2914fba3e5924d081c688b2e272035710a52e1e727a4 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id S7adXr4gsOT3WWAJuHVswv9kka0TnYiI content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:58:38 GMT last-modified Fri, 07 Jul 2023 09:33:58 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 245 x-amz-server-side-encryption AES256 etag W/"0de649be5f3fc6f4d2be9e8c4ba3804c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id nXpOMN9p1Z3XfC6afOx6OtmctfTNEkCevYyvFrEac_GxUrjKtCaKmg==
GET H2	200	utag.757.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	12 KB 4 KB	46ms 46ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.757.js?utv=ut4.46.202307070931 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d8466e7a17f661ae554ed79380e8e674a83a149e948b9cebacd57fc0f56a8592 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id 0TKerBrTBdPdWcumNMWXeh1_UyDn1dqw content-encoding br via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 11:59:33 GMT last-modified Fri, 07 Jul 2023 09:34:08 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 58 x-amz-server-side-encryption AES256 etag W/"911e05b91261e5f493744c3303abeacb" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id HR0fdFeJ6NE4GfUD6xIX4vw-cqnRh7N_9Brq2j48wBIz_dsDDl4X0g==
GET H2	200	activityi;dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626 Show response 11442981.fls.doubleclick.net/ Frame 2BB4 Redirect Chain https://11442981.fls.doubleclick.net/activityi;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626? https://11442981.fls.doubleclick.net/activityi;dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626?	440 B 402 B	79ms 75ms	Document text/html	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://11442981.fls.doubleclick.net/activityi;dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626? Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash e640e89fd1f3f0a0c744cd7c919574fa69c5002afce0357f101acfda092ffa78 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://promo.libertex.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 227 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 24 Jul 2023 12:00:30 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 24 Jul 2023 12:00:30 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://11442981.fls.doubleclick.net/activityi;dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	110ms 22ms	Script application/javascript	146.75.116.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.548.js?utv=ut4.46.201804170814 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:30 GMT content-encoding gzip last-modified Thu, 27 Oct 2022 16:56:53 GMT etag "32ad004436155ec972bc50e6238b5b67+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15375 x-served-by cache-iad-kjyo7100081-IAD, cache-fra-eddf8230043-FRA
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	171 KB 47 KB	69ms 23ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 24 Jul 2023 12:00:30 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 46993 x-xss-protection 0 pragma public x-fb-debug C6QxlBxdgh+fhznTYEKugCw8vLEcjDTo8vsy3JblOx+rzRKJQ4avhQciieR/YJcMFrMc6tdVk7TpiWoRQ53r+g== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	hotjar-898554.js Show response static.hotjar.com/c/	9 KB 4 KB	77ms 25ms	Script application/javascript	18.66.97.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-898554.js?sv= Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-49.fra56.r.cloudfront.net Software / Resource Hash 85cb8fb58ac2a1c7e0e0aa5f41293cfd6ed0bae2691d04d7637b50b196e5bab9 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Mon, 24 Jul 2023 11:59:33 GMT via 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 57 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/575df401367f69c8fd5b32ac97ca95f2 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id b5Bply3lecTm7eNwpfzc0W4RddJeR6hmQBtiMjMRJaLNd-BLHaN6Iw==
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	72ms 21ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 24 Jul 2023 11:04:37 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 3353 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 24 Jul 2023 13:04:37 GMT
GET H2	200	api.min.js Show response a.opmnstr.com/app/js/	49 KB 18 KB	650ms 173ms	Script application/javascript	2400:52e0:1a01::1000:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/api.min.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a01::1000:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-LA1-1000 / Resource Hash b0e1957ef268cbd25ce51dfda7e692ae541e120fd70c2dbf78401cc1f0c00248 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:30 GMT content-encoding br cdn-edgestorageid 1002 perma-cache HIT cdn-storageserver LA-295 cdn-cachedat 07/19/2023 14:02:52 cdn-pullzone 293267 last-modified Tue, 11 Jul 2023 19:53:21 GMT server BunnyCDN-LA1-1000 cdn-fileserver 581 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64adb331-c29e" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 48563479c98eb105c422ce3556197189 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	204	mark trc.taboola.com/forexclub-sc/log/3/	0 368 B	99ms 28ms	Image image/gif	2a04:4e42:400::300 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/forexclub-sc/log/3/mark?marking-type=visitor&item-url=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-vcl-time-ms 9 date Mon, 24 Jul 2023 12:00:30 GMT via 1.1 varnish x-fastly-to-nlb-rtt 7438 x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-fra-eddf8230111-FRA pragma no-cache server nginx x-timer S1690200030.149837,VS0,VE9 content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	200	ld.js Show response dynamic.criteo.com/js/ld/	45 KB 19 KB	114ms 36ms	Script application/javascript	2a02:2638:3::e ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dynamic.criteo.com/js/ld/ld.js?a=101568,61968,61966,101569,61967,101570 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash b4de10d54f054ddaad8130a4cb91ac8a5a9628ad094b09bea8f8932bd3efeac0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:29 GMT content-encoding br strict-transport-security max-age=31536000; preload; server Kestrel vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public,max-age=10800 cross-origin-resource-policy cross-origin timing-allow-origin *
GET H2	200	js Show response www.googletagmanager.com/gtag/	245 KB 84 KB	92ms 40ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0f669200f776fd44801c60f91e40d6a31bf16b3f5b08e24643e6c08d9e8cdfbb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85313 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 24 Jul 2023 12:00:30 GMT
GET H2	200	j.php Show response dev.visualwebsiteoptimizer.com/	3 KB 1 KB	89ms 24ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/j.php?a=677842&u=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&r=0.06140276108792553 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.746.js?utv=ut4.46.202301301117 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gfra1 / Resource Hash 018df886d8ce6fc7bb3db44052645f377ec052bae0cc79b31602b0af7faf5d40 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:30 GMT content-encoding gzip via 1.1 google server gfra1 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, no-cache, must-revalidate timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	4 KB 2 KB	356ms 118ms	Script application/javascript	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVJ114SOLA0CA89TMT5G&lib=ttq Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4a1b7f6b820034568a5caaf7335cfd988eeb9b23716ce29b8b4b5e5575b06e15 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-akamai-request-id 30424771.2212206c date Mon, 24 Jul 2023 12:00:30 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) x-parent-response-time 94,23.36.161.200 server-timing cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=2 content-length 1621 pragma no-cache server nginx x-tt-logid 202307241200300B10DD2CDA8DBE14F0C3 x-cache-remote TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 7,23.220.104.19 x-tt-trace-host 015c91947f38d3c27845e9b099943b1b0d973ecf9a610f2e3a8f50967d5bdda5fb745f67dd01debabd83a244499bcc9b97bd1c9d9ad6dc7e6784e20eecd8f92307ec6a6393c12e2d2302e3a2c2a2e42f01d35ed70e42aa2c4b36ee432a6713c0457f4293403a278b3f42785b54f84d5256 expires Mon, 24 Jul 2023 12:00:30 GMT
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/	2 B 431 B	21ms 20ms	Script application/javascript	2600:9000:223e:a400:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=fxclub/main/202307051430&cb=1690200030075 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:a400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id 2XUX04X5QEw0.xFya64khU._sHTRl_Pz date Mon, 24 Jul 2023 11:57:33 GMT via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 178 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2 last-modified Sat, 11 Mar 2023 06:57:46 GMT server AmazonS3 etag "7bc0ee636b3b83484fc3b9348863bd22" vary Accept-Encoding content-type application/javascript cache-control max-age=300 accept-ranges bytes x-amz-cf-id wB4M506tesAR-Fqbhj2mboZSBbs8K4db5ZGI5gT8_QyaJSYNuVZXOA==
GET H2	200	/ tealium-proxy.libertex.org/	19 B 19 B	220ms 47ms	Image text/plain	18.200.66.218 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tealium-proxy.libertex.org/?t_profile=main&abtest_experiments_bucket=&abtest_experiments_name=&client_browser=Chrome&client_id=&customer_accounts_info_code=&customer_cur_account_balance_available=&customer_cur_account_count_of_deals_total=&customer_cur_account_deposit_init_value=&customer_cur_account_deposit_total_value=&customer_cur_account_id=&customer_cur_account_info_code=&customer_cur_account_is_deposit=&customer_cur_account_type=&customer_email=&customer_id=&customer_login=&customer_profile_broker=&customer_profile_business_unit=&customer_profile_country=&customer_profile_is_first_launch_open=&customer_profile_lifecycle=&customer_profile_network=&customer_profile_network_name=&event_account_id=&event_account_name=&event_currency=&event_date=&event_date_utc=2023-07-24+12%3A00&event_id=&event_ref=&event_type=&event_value=&fbp=&fbclid=&fx_visitor_id=&ga_cid=&gclid=&icid_sf=&mixlib=undefined&page_activitytime=&page_category=&page_channel=&page_dom_referrer=&page_dom_url=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&page_environment=prod&page_language=es-lm&page_loadingtime=&page_loadingtime_tti=&page_name=&page_path=&page_referrer_long=&page_system=promo&page_type=&product_category=&product_id=&product_name=&product_subcategory=&segment_web=b&session_id=1690200029848&sf_campaignId=&user_agent=mozilla%2F5.0+%28windows+nt+10.0%3B+win64%3B+x64%29+applewebkit%2F537.36+%28khtml%2C+like+gecko%29+chrome%2F115.0.5790.102+safari%2F537.36&visitor_id=018987c5ba970046b85dda4cba3403074006006c00b08 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.200.66.218 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-200-66-218.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:30 GMT content-length 19 content-type text/plain; charset=utf-8
GET H2	200	modules.a0d74aac8cc078f29dca.js Show response script.hotjar.com/	279 KB 68 KB	192ms 23ms	Script application/javascript	52.222.236.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.a0d74aac8cc078f29dca.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-898554.js?sv= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-43.fra56.r.cloudfront.net Software / Resource Hash 32536d6a1f2176b11a99b3f5c0cef8cc4fc9ac7475657cb63763b5342600740a Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Fri, 21 Jul 2023 13:20:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 254424 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 69233 last-modified Fri, 21 Jul 2023 13:19:44 GMT etag "296f56b68e90f44dfc003e4f2b43db7f" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id pbp9eYLcuuMPEtKbBAFFnHRPONgntZux8ljm5_eSvNOGOMDn3ltbdg==
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 211 B	29ms 29ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1393340650&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&ul=en-us&de=UTF-8&dt=Libertex&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAACAAI~&jid=380156388&gjid=315775407&cid=470318773.1690200030&tid=UA-49381759-1&_gid=975751634.1690200030&_r=1&_slc=1&cd7=es-lm&z=143794537 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://promo.libertex.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	v.gif dev.visualwebsiteoptimizer.com/eu01/	35 B 215 B	31ms 29ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=677842&d=promo.libertex.org&u=DEE6742EA8F510622360BDA69027560DB&h=3ef2246bba7600b2f3cab778a8daf2b0&t=false&r=0.9100307024063385 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gbel2c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:29 GMT via 1.1 google x-content-type-options nosniff server gbel2c content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 10 Jan 2005 00:00:01 GMT
GET H2	200	503697863149680 Show response connect.facebook.net/signals/config/	151 KB 42 KB	22ms 20ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/503697863149680?v=2.9.116&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 51811266b6a071bd6234e2f744e1bd544a636f94d9ce24de9e312dc444d562e3 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 24 Jul 2023 12:00:30 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 42978 x-xss-protection 0 pragma public x-fb-debug rgVo/ZJOKKCBSsw3VqdPaRvARCKF1fxzgSuwIyOWg5gzMcyGA65wT8TTaxWEqOQlPfLsLQWL/1oREup1bI+WiA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	adsct t.co/i/	43 B 378 B	324ms 209ms	Image image/gif	104.244.42.69 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=6ad69131-8abb-4da8-832a-521942a1b91b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b88f804-fbe4-43ce-b1a1-2d972e33b282&tw_document_href=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzaqg&type=javascript&version=2.3.29 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.69 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-response-time 187 date Mon, 24 Jul 2023 12:00:29 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id c05058687fd3b2cd cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash f81534f7fd82b234f96acf457f7735dca057fe2df16f43f5abb84ff2de5778ce content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 396 B	317ms 199ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6ad69131-8abb-4da8-832a-521942a1b91b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b88f804-fbe4-43ce-b1a1-2d972e33b282&tw_document_href=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzaqg&type=javascript&version=2.3.29 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-response-time 175 date Mon, 24 Jul 2023 12:00:30 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 56eb386fe83ccaf4 cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 9eb8774ce78d354c8208edbbb389d77950139977e44889db88988a958513326f content-length 43
POST H2	204	collect region1.google-analytics.com/g/	0 247 B	109ms 43ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GGPG0HTS88&gtm=45je37j0&_p=1393340650&gdid=dYmQxMT&cid=470318773.1690200030&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690200030&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&dt=Libertex&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	274 KB 90 KB	38ms 37ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ba75f18a1fdbed1183d0a4802adeb69a7a5c7ea0615aa8a848888b8e6179a05e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 91804 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 24 Jul 2023 12:00:30 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame A1CB	15 KB 6 KB	121ms 35ms	Document text/html	2a02:2638:d::d ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=promo.libertex.org&origin=onetag Requested by Host: dynamic.criteo.com URL: https://dynamic.criteo.com/js/ld/ld.js?a=101568,61968,61966,101569,61967,101570 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://promo.libertex.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 24 Jul 2023 12:00:29 GMT server Kestrel server-processing-duration-in-ticks 243727 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 351 B	93ms 27ms	XHR text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-49381759-1&cid=470318773.1690200030&jid=380156388&gjid=315775407&_gid=975751634.1690200030&_u=YGBACAAABAAAACAAI~&z=723329118 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://promo.libertex.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 24 Jul 2023 12:00:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	all Show response api-geo.libertex.org/v1/	82 KB 17 KB	150ms 123ms	XHR application/json	2606:4700::6811:5a0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-geo.libertex.org/v1/all?locale=es&v=1690200030339 Requested by Host: lib.libertex.org URL: https://lib.libertex.org/landing/js/landing-api.min.2.2.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:5a0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09f8d8c991c88fcf0576f64c9d94d4ac908f2cfaf07c6aa27d4f070b4e4f5e4f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:30 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json; charset=UTF-8 access-control-allow-origin * cf-ray 7ebc00cddf4e1d84-FRA access-control-allow-headers Accept, Accept-Language, Origin, Content-Type, Content-Language, X-Forwarded-For alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 354ebf959857dfc34b318ef910d4a8078fc9af5fd5d4ad604870f60e9d7c931c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e192cbcb235019c7129b5e9ee56d6f48b4615c6e16c8452fbbe560bfbc6ddab Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ www.facebook.com/tr/	0 185 B	202ms 22ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=503697863149680&ev=PageView&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&rl=&if=false&ts=1690200030360&sw=1600&sh=1200&v=2.9.116&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.1.1690200030357.1826979994&cs_est=true&it=1690200030192&coo=false&rqm=GET Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 24 Jul 2023 12:00:30 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	204	collect region1.analytics.google.com/g/	0 45 B	46ms 36ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8FE0VJVQNC&gtm=45je37j0&_p=1393340650&_gaz=1&gdid=dYmQxMT&cid=470318773.1690200030&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690200030&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&dt=Libertex&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	28ms 27ms	Ping text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8FE0VJVQNC&cid=470318773.1690200030&gtm=45je37j0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	164ms 48ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FE0VJVQNC&cid=470318773.1690200030&gtm=45je37j0&aip=1&z=2120573282 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	158ms 47ms	Image image/gif	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49381759-1&cid=470318773.1690200030&jid=380156388&_u=YGBACAAABAAAACAAI~&z=892007961 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	153ms 46ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49381759-1&cid=470318773.1690200030&jid=380156388&_u=YGBACAAABAAAACAAI~&z=892007961 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response adservice.google.com/ddm/fls/i/dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626;~oref=https://promo.libertex.org/ Frame A43B	439 B 600 B	129ms 71ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626;~oref=https://promo.libertex.org/ Requested by Host: 11442981.fls.doubleclick.net URL: https://11442981.fls.doubleclick.net/activityi;dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4c1884749d0335ca8064a32dba5a5428bbb79a1b0fea98172755dd2bf30ce295 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://11442981.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 226 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 24 Jul 2023 12:00:30 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	main.MWUwMGY1OGEyMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	355 KB 97 KB	24ms 23ms	Script application/javascript	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMGY1OGEyMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVJ114SOLA0CA89TMT5G&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 533e61ac7d3db734dc3cf5fea5907b10c569fc9f57e50e52b7a8e05c9fdfaa17 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-akamai-request-id 221220d5 date Mon, 24 Jul 2023 12:00:30 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2023072011305235FD92EE8CF3C509DF98 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01c5f7d9e389a5ea19e070b395e89bf09c1a9998cc0ccddef38dbe2b327181dcbe355f45dd662aca7fb3be0f2f536461afa61454d8b3004228c974f72d5743c39a4384bc78bf687834f06bac057427f27bc37aa20e916080e3a4edf7170a04c099 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=4 content-length 98794
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	35ms 35ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GGPG0HTS88&gtm=45je37j0&_p=1393340650&gdid=dYmQxMT&cid=470318773.1690200030&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690200030&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&dt=Libertex&en=view&_ee=1&ep.visitor_id=018987c5ba970046b85dda4cba3403074006006c00b08&ep.page_system=promo&_et=3 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	29ms 28ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8FE0VJVQNC&gtm=45je37j0&_p=1393340650&gdid=dYmQxMT&cid=470318773.1690200030&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690200030&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&dt=Libertex&en=view&_ee=1&ep.visitor_id=018987c5ba970046b85dda4cba3403074006006c00b08&ep.page_system=promo&_et=3 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame A1CB Redirect Chain https://gum.criteo.com/sid/json?origin=onetag&domain=libertex.org&sn=ChromeSyncframe&so=0&topUrl=promo.libertex.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=60sTmXwrUGZrTy9lY3lYKzhNc3AxRFMwNzNIQXVBc1MzaWRZZVR0Wm1LZWdyUzk5UHpRSithNTJ5YkFqY0EvRzJ3TTZhdmxHMU9lYTRwUVNSZjVjU2JvUjUySlowODhuVnJ2R3BZVkVFaDV4MU1MRHZiNFFGZi9TR0RmcF...	452 B 676 B	128ms 34ms	Fetch application/json	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=60sTmXwrUGZrTy9lY3lYKzhNc3AxRFMwNzNIQXVBc1MzaWRZZVR0Wm1LZWdyUzk5UHpRSithNTJ5YkFqY0EvRzJ3TTZhdmxHMU9lYTRwUVNSZjVjU2JvUjUySlowODhuVnJ2R3BZVkVFaDV4MU1MRHZiNFFGZi9TR0RmcFZEcWZ1ZmtETjNqZDQvMFZqQUM1ZkJrU0lKLzVuZGY5OFVmRHRoYVF2MlZKeFVPcndSRUx4dDF0UGFPZVZEYzc1QXN1YlhnRHJMelV4WGlOZ1QvSmhSQjBXV0Z3alhrWUREeFNOdlcrNkZ2R0x5WTFwd3AxdHpwUmZNVyszc0cyZUNkVFFnVm5ONmVSeW9SL2JZUXJsWG55bmhLejRqdz09fA&cppv=2 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 7d95dadc17757bbfa35675280d6644ae138a41b1bef1d3186385fe4d1f7f5054 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:29 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1074871 expires 0 Redirect headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=60sTmXwrUGZrTy9lY3lYKzhNc3AxRFMwNzNIQXVBc1MzaWRZZVR0Wm1LZWdyUzk5UHpRSithNTJ5YkFqY0EvRzJ3TTZhdmxHMU9lYTRwUVNSZjVjU2JvUjUySlowODhuVnJ2R3BZVkVFaDV4MU1MRHZiNFFGZi9TR0RmcFZEcWZ1ZmtETjNqZDQvMFZqQUM1ZkJrU0lKLzVuZGY5OFVmRHRoYVF2MlZKeFVPcndSRUx4dDF0UGFPZVZEYzc1QXN1YlhnRHJMelV4WGlOZ1QvSmhSQjBXV0Z3alhrWUREeFNOdlcrNkZ2R0x5WTFwd3AxdHpwUmZNVyszc0cyZUNkVFFnVm5ONmVSeW9SL2JZUXJsWG55bmhLejRqdz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 273432 content-length 0 expires 0
GET H2	200	identify_8cea7.js Show response analytics.tiktok.com/i18n/pixel/static/	114 KB 31 KB	29ms 29ms	Script application/javascript	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_8cea7.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMGY1OGEyMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-akamai-request-id 2212211e date Mon, 24 Jul 2023 12:00:30 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20230720113047CE0B133DC4E45E0CE05C vary Accept-Encoding x-cache TCP_MEM_HIT from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01b4627dee1b713fa5f8c5242dab19c804ba06132b1e83354c03bd0bc820b1f54d51c9ca2362a9d2105378124ea846f7a9c5518ce30c4b6f94546b5102c160ae9d68453899c25dfd21318176ff880b1e85a88b0091eb560e23f2cf1d92faeaf1ff server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=9 content-length 30725
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 692 B	167ms 166ms	Ping text/plain	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMGY1OGEyMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://promo.libertex.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 1438306.22122154 date Mon, 24 Jul 2023 12:00:30 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) x-parent-response-time 134,23.36.161.200 server-timing cdn-cache; desc=MISS, edge; dur=94, origin; dur=46, inner; dur=29 content-length 0 pragma no-cache server nginx x-tt-logid 2023072412003077A9B3EBF0F696B25506 x-cache-remote TCP_MISS from a23-39-229-22.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 46,23.39.229.22 x-tt-trace-host 015c91947f38d3c27845e9b099943b1b0d973ecf9a610f2e3a8f50967d5bdda5fb254f44ac89b93b0e1b524701d329e23303a7bf2db5747a7b413e0434d068bd5c549a186232a11936ab518032efb7a6e072572344990a3a4e723321a110721565b76fc2bf1a078f6585cca4ed31db6246 expires Mon, 24 Jul 2023 12:00:30 GMT
GET H2	200	/ Show response adservice.google.de/ddm/fls/i/dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626;~oref=https://promo.libertex.org/ Frame B27C	194 B 515 B	128ms 59ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/ddm/fls/i/dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626;~oref=https://promo.libertex.org/ Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMCRl-Olp4ADFcSNsgod3XIAUw;src=11442981;type=testb0;cat=pagev0;ord=8399787007802.626;~oref=https://promo.libertex.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adservice.google.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 85 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 24 Jul 2023 12:00:30 GMT expires Mon, 24 Jul 2023 12:00:30 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	event Show response widget.us.criteo.com/ Redirect Chain https://sslwidget.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=Jm7Im19QOHlpaHo0eDFOS1FzenoxUEolMkJlMXV1UDM0... https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=Jm7Im19QOHlpaHo0eDFOS1FzenoxUEolMkJlMXV1UDM0...	40 KB 5 KB	383ms 131ms	Script application/x-javascript	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=Jm7Im19QOHlpaHo0eDFOS1FzenoxUEolMkJlMXV1UDM0USUyRlVYZTZnRzlQTVAlMkZoN0YlMkZ2TTNHMlQlMkYlMkZoV1Q3c3BtdEY3SEF4UmdRRjU3QzZWemMlMkJ1cWMwb3RxYnQ5UGtlT211WjN1WHclMkJjQUM5R0RHY1ZveGJiU1ZNRklDTGszWE52Skk0OXhWcmpBTUNmWXUwT3RHMSUyQmhtbDVqSVElM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fes-lm%252Fwelcome-bonus%252F%253Faff_id%253D50392%2526cxd%253D50392_673110_lb-35332_356771&ceid=1482c196-f4d4-419e-a89e-bbe5eb353e1d&dtycbr=90584 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/?aff_id=50392&cxd=50392_673110_lb-35332_356771 Protocol H2 Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 41a8d8fd5ec7fec130566b92f8bf0c6a21f0251f0192c0d14a99bdd7ffa74795 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:30 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel content-type application/x-javascript access-control-allow-origin * p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 19373202 timing-allow-origin * expires 0 Redirect headers pragma no-cache date Mon, 24 Jul 2023 12:00:29 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel access-control-allow-origin * location https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=Jm7Im19QOHlpaHo0eDFOS1FzenoxUEolMkJlMXV1UDM0USUyRlVYZTZnRzlQTVAlMkZoN0YlMkZ2TTNHMlQlMkYlMkZoV1Q3c3BtdEY3SEF4UmdRRjU3QzZWemMlMkJ1cWMwb3RxYnQ5UGtlT211WjN1WHclMkJjQUM5R0RHY1ZveGJiU1ZNRklDTGszWE52Skk0OXhWcmpBTUNmWXUwT3RHMSUyQmhtbDVqSVElM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fes-lm%252Fwelcome-bonus%252F%253Faff_id%253D50392%2526cxd%253D50392_673110_lb-35332_356771&ceid=1482c196-f4d4-419e-a89e-bbe5eb353e1d&dtycbr=90584 cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 6604489 timing-allow-origin * content-length 0 expires 0
GET H2	200	api.min.css a.omappapi.com/app/js/	10 KB 3 KB	544ms 173ms	Stylesheet text/css	2400:52e0:1a01::1000:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.omappapi.com/app/js/api.min.css Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a01::1000:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-LA1-1000 / Resource Hash e7225ca84f3cd329c5e5a1da414ffcca6cb6074292d03edd97e90157b4998395 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:31 GMT content-encoding br cdn-edgestorageid 1110 perma-cache HIT cdn-storageserver LA-244 cdn-cachedat 07/19/2023 14:02:52 cdn-pullzone 293267 last-modified Tue, 11 Jul 2023 19:53:29 GMT server BunnyCDN-LA1-1000 cdn-fileserver 389 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64adb339-2644" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 9f837add2671d7d404bb7d9327dd3a2e cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	8811 Show response api.omappapi.com/v2/embed/	38 KB 9 KB	303ms 117ms	XHR application/json	18.66.112.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/8811?d=promo.libertex.org Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-92.fra56.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash 245b79025af5e007e4f67f6f45eae3c21f53f6b367feea8785a74dc588853a4c Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:31 GMT content-encoding gzip via 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront) x-cache-config 0 0 x-amz-cf-pop FRA56-P5 x-cache-status HIT x-cache Miss from cloudfront x-optinmonster-account 2794 x-user-agent standard-- last-modified Fri, 27 Jul 2018 09:59:17 GMT server Pagely Gateway/1.5.1 etag W/"6e32ebec9e1bdfe664a4bb7173a77be9" vary Accept-Encoding, User-Agent content-type application/json access-control-allow-origin * access-control-expose-headers X-OptinMonster-Account, X-User-Agent cache-control public, max-age=30, stale-while-revalidate=1800 access-control-allow-headers X-CSRF-Token x-amz-cf-id W6HmD64DD8lKsJctFGZ4me45e8pGcbcogsZIm1QrK197LlyoKuuqpQ== expires Mon, 24 Jul 2023 12:00:07 GMT
GET H2	200	18.08589474.min.js Show response a.opmnstr.com/app/js/	1 KB 1 KB	225ms 190ms	Script application/javascript	2400:52e0:1a01::1000:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/18.08589474.min.js Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a01::1000:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-LA1-1000 / Resource Hash ff8633a0b9564aa1a545ec5366457da75f1dacb39c31b14675bf3f0df32e3e4e Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:31 GMT content-encoding br cdn-edgestorageid 1110 perma-cache HIT cdn-storageserver LA-342 cdn-cachedat 07/19/2023 14:02:58 cdn-pullzone 293267 last-modified Fri, 07 Jul 2023 21:09:58 GMT server BunnyCDN-LA1-1000 cdn-fileserver 625 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64a87f26-477" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid a0f77ea001d35e5ba2fa62796af2c77d cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	5.9b50a2cb.min.js Show response a.opmnstr.com/app/js/	14 KB 6 KB	215ms 181ms	Script application/javascript	2400:52e0:1a01::1000:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/5.9b50a2cb.min.js Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a01::1000:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-LA1-1000 / Resource Hash b496cf13b59abf96a1cad8d55936efa429b138820e3ff2dcd6c82df558d95efa Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:31 GMT content-encoding br cdn-edgestorageid 986 perma-cache HIT cdn-storageserver LA-342 cdn-cachedat 07/19/2023 14:02:52 cdn-pullzone 293267 last-modified Fri, 07 Jul 2023 21:10:03 GMT server BunnyCDN-LA1-1000 cdn-fileserver 625 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64a87f2b-3683" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 32fdaa97ab5efc0aec6d29524416f9c9 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	legacy-api.min.js Show response a.omappapi.com/app/js/	106 KB 31 KB	229ms 174ms	Script application/javascript	2400:52e0:1a01::1000:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.omappapi.com/app/js/legacy-api.min.js Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a01::1000:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-LA1-1000 / Resource Hash 7fd16f7b8b1eb0cd4721280578f80246ed39976369573ef3b86bb4cff8dee4fa Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:31 GMT content-encoding br cdn-edgestorageid 852 perma-cache HIT cdn-storageserver LA-355 cdn-cachedat 07/19/2023 14:02:58 cdn-pullzone 293267 last-modified Tue, 04 Jul 2023 00:31:41 GMT server BunnyCDN-LA1-1000 cdn-fileserver 625 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64a3686d-1a7ad" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid a19eea5242f9e61b0a4f64f70794dd24 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/	95 KB 34 KB	759ms 20ms	Script text/javascript	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: a.omappapi.com URL: https://a.omappapi.com/app/js/legacy-api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 09:32:59 GMT content-encoding gzip x-content-type-options nosniff age 8853 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 23 Jul 2024 09:32:59 GMT
GET H3	200	act-bg.png promo.libertex.org/lp/es-lm/welcome-bonus/img/content/	2 KB 3 KB	91ms 90ms	Image image/png	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/content/act-bg.png Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dc2e6c998e78bbaffa794417b38d99a5ded5b7394da53bcb90a9f6e0204a7ba Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:32 GMT cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id Z44385MHWRXCG5CQ etag "01404296c1ff3b7fbd132d034d8e14fc" vary Accept-Encoding content-type image/png cf-ray 7ebc00dc4885361d-FRA alt-svc h3=":443"; ma=86400 content-length 2401 x-amz-id-2 BpQiEcLqwjDQpzfRNo2FQAGkmTR4YiBFkJjVvemnFoS6zhU5yHArGj1M02oGMXOmqWuBGy/+CEk=
GET H3	200	tail.svg promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/	257 B 477 B	90ms 90ms	Image image/svg+xml	2606:4700::6811:590e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/welcome-bonus/img/svg/tail.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:590e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e80aa4136cdacee314808cc858d1ed1abb2e703b4688672598e542bea1e3188 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/lp/es-lm/welcome-bonus/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:32 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Jul 2023 13:26:04 GMT server cloudflare x-amz-request-id Z44102HXF9GYJ9NZ etag W/"dc33eb501be88334cc61b5428b9bbd2d" vary Accept-Encoding content-type image/svg+xml cf-ray 7ebc00dc4886361d-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 8OzZv9gp5Mhl2OB6rTMn39Yjt+ecUi2kah7D0BhY6p4l3veQ+KWoJSkCeh3vUUUeGTJMsMrZZKg=
GET H2	200	sync x.bidswitch.net/ul_cb/ Frame B742 Redirect Chain https://x.bidswitch.net/sync?dsp_id=46&user_id=k-tvaZBSOsRyD5j6wHULkbvPuyS2KQvJp5j3PO_A&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-tvaZBSOsRyD5j6wHULkbvPuyS2KQvJp5j3PO_A&expires=30	43 B 343 B	42ms 3ms	Image image/gif	18.195.47.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-tvaZBSOsRyD5j6wHULkbvPuyS2KQvJp5j3PO_A&expires=30 Protocol H2 Server 18.195.47.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-47-22.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:32 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers location https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-tvaZBSOsRyD5j6wHULkbvPuyS2KQvJp5j3PO_A&expires=30 date Mon, 24 Jul 2023 12:00:32 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/google/ Frame B742 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-f2DzsiOsRyD5j6wHULkbvPuyS2KT5oRG88fb8g&google_cm&google_hm=ay1mMkR6c2lPc1J5RDVqNndIVUxrYnZQdXlTMktUNW9SR... https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-f2DzsiOsRyD5j6wHULkbvPuyS2KT5oRG88fb8g&google_gid=CAESECWnJQoVINoyGG13NaOvK_M&google_cver=1&google_ula=913071,0	43 B 369 B	38ms 30ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-f2DzsiOsRyD5j6wHULkbvPuyS2KT5oRG88fb8g&google_gid=CAESECWnJQoVINoyGG13NaOvK_M&google_cver=1&google_ula=913071,0 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:32 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 541920 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Mon, 24 Jul 2023 12:00:32 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-f2DzsiOsRyD5j6wHULkbvPuyS2KT5oRG88fb8g&google_gid=CAESECWnJQoVINoyGG13NaOvK_M&google_cver=1&google_ula=913071,0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 398 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/appnexus/ Frame B742 Redirect Chain https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4645943827642279514	43 B 370 B	42ms 41ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4645943827642279514 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:32 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1312399 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Mon, 24 Jul 2023 12:00:32 GMT an-x-request-uuid 33e1b5ec-f875-4177-92e0-c69036883df9 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4645943827642279514 x-proxy-origin 217.114.218.21; 217.114.218.21; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	bounce secure.adnxs.com/ Frame B742 Redirect Chain https://secure.adnxs.com/setuid?entity=52&code=k-XQwjcyOsRyD5j6wHULkbvPuyS2J11l86E154Dw https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-XQwjcyOsRyD5j6wHULkbvPuyS2J11l86E154Dw	43 B 906 B	37ms 36ms	Image image/gif	185.89.211.84 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-XQwjcyOsRyD5j6wHULkbvPuyS2J11l86E154Dw Protocol H2 Server 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:32 GMT an-x-request-uuid 0e6e27a2-258a-41d7-a68c-5f6e9870a457 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 217.114.218.21; 217.114.218.21; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 24 Jul 2023 12:00:32 GMT an-x-request-uuid f95b9c3c-0bf3-4623-a897-55d800213718 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-XQwjcyOsRyD5j6wHULkbvPuyS2J11l86E154Dw cache-control no-store, no-cache, private x-proxy-origin 217.114.218.21; 217.114.218.21; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame B742	61 B 792 B	219ms 78ms	Image image/gif	23.35.228.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KBa7AiOsRyD5j6wHULkbvPuyS2KoQzWDB7AmlQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-228-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Mon, 24 Jul 2023 12:00:32 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 61 x-mnet-hl2 E expires Mon, 24 Jul 2023 12:00:32 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame B742	0 239 B	118ms 26ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-eu4kYCOsRyD5j6wHULkbvPuyS2LEFo2tiWY82g&expires=30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 66ef90d06496cfd000aab8206f2b6221 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	v1 match.sharethrough.com/sync/ Frame B742	0 359 B	102ms 24ms	Image text/plain	3.66.4.34 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-6pgBRCOsRyD5j6wHULkbvPuyS2K5zyTOaaEUuw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.66.4.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-4-34.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:32 GMT
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame B742	43 B 163 B	120ms 35ms	Image image/gif	185.86.138.154 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-MpxwpiOsRyD5j6wHULkbvPuyS2Jfh_7Gy1djbg Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:31 GMT transfer-encoding chunked content-type image/gif
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B742	0 99 B	167ms 28ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-6_8UlyOsRyD5j6wHULkbvPuyS2LU5y53u95SMw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:32 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 25743
GET H2	200	um criteo-sync.teads.tv/ Frame B742	23 B 163 B	279ms 66ms	Image image/gif	23.35.237.56 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-sync.teads.tv/um?eid=80&uid=k-0VKK2yOsRyD5j6wHULkbvPuyS2Lr1GZk6MLynQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-56.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers expires Mon, 24 Jul 2023 12:00:32 GMT pragma no-cache date Mon, 24 Jul 2023 12:00:32 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif
GET H2	200	xuid eb2.3lift.com/ Frame B742	37 B 140 B	147ms 39ms	Image image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2711&xuid=k-b2oJ8iOsRyD5j6wHULkbvPuyS2J8nrIDKbF1Hg&dongle=013b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:32 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif
GET H2	204	sync ups.analytics.yahoo.com/ups/58301/ Frame B742	0 125 B	186ms 21ms	Image text/plain	3.71.149.231 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-iMy35yOsRyD5j6wHULkbvPuyS2J2LTV8BWNWIw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-71-149-231.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.64 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:32 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.64 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	pixel cm.adform.net/ Frame B742	43 B 163 B	204ms 25ms	Image image/gif	37.157.3.30 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-4tg22COsRyD5j6wHULkbvPuyS2JdHSX2wBQOZg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.3.30 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:33 GMT last-modified Fri, 07 Feb 2020 08:03:24 GMT server nginx accept-ranges bytes etag "5e3d19cc-2b" content-length 43 content-type image/gif
GET H2	200	sync visitor.omnitagjs.com/visitor/ Frame B742	49 B 343 B	185ms 106ms	Image image/gif	185.255.84.153 IGUANE-
General Check archive.org Show headers Download Go to Show image Full URL https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-gBWBiCOsRyD5j6wHULkbvPuyS2LE6WluGXqTbQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.153 , France, ASN200271 (IGUANE-, FR), Reverse DNS Software ayl-lb-fra02 / Resource Hash d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:32 GMT x-content-type-options nosniff server ayl-lb-fra02 vary Accept-Encoding p3p CP="CAO PSA OUR" content-type image/gif cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 69 content-length 49 expires 0
GET H/1.1	200 OK	rum r.casalemedia.com/ Frame B742 Redirect Chain https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCfE9yOsRyD5j6wHULkbvPuyS2KLtEgtkQzovg https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCfE9yOsRyD5j6wHULkbvPuyS2KLtEgtkQzovg&C=1	43 B 766 B	27ms 27ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-xCfE9yOsRyD5j6wHULkbvPuyS2KLtEgtkQzovg&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 Jul 2023 12:00:33 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Mon, 24 Jul 2023 12:00:33 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=20&external_user_id=k-xCfE9yOsRyD5j6wHULkbvPuyS2KLtEgtkQzovg&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame B742 Redirect Chain https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Ni3FJ_Mxv2KrgbjC_mvbjFDcU8UUM8tY https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ni3FJ_Mxv2KrgbjC_mvbjFDcU8UUM8tY	42 B 942 B	51ms 51ms	Image image/gif	52.209.47.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ni3FJ_Mxv2KrgbjC_mvbjFDcU8UUM8tY Protocol HTTP/1.1 Server 52.209.47.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-47-64.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v050-08fbac455.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID g7ezw4WpSwE= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-1-v050-02495e23f.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID PaYTBcsySmk= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Ni3FJ_Mxv2KrgbjC_mvbjFDcU8UUM8tY Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200	9.gif id5-sync.com/s/966/ Frame B742	43 B 1 KB	111ms 21ms	Image image/gif	162.19.138.120 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/s/966/9.gif?puid=k-3tlAGSOsRyD5j6wHULkbvPuyS2IWJYz-37RtCA Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533571.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Mon, 24 Jul 2023 12:00:32 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers transfer-encoding chunked p3p CP="CAO PSA OUR"
GET H2	200	match ad.360yield.com/ul_cb/ Frame B742 Redirect Chain https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Tpr99iOsRyD5j6wHULkbvPuyS2LW0lmVVZ7W_g https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Tpr99iOsRyD5j6wHULkbvPuyS2LW0lmVVZ7W_g	43 B 447 B	70ms 59ms	Image image/gif	54.73.195.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Tpr99iOsRyD5j6wHULkbvPuyS2LW0lmVVZ7W_g Protocol H2 Server 54.73.195.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-73-195-199.eu-west-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers access-control-allow-origin * date Mon, 24 Jul 2023 12:00:33 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers location https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Tpr99iOsRyD5j6wHULkbvPuyS2LW0lmVVZ7W_g access-control-allow-origin * date Mon, 24 Jul 2023 12:00:33 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	sync matching.ivitrack.com/ Frame B742	42 B 265 B	113ms 22ms	Image image/gif	34.117.157.22 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://matching.ivitrack.com/sync?realm=criteo&uid=k-_twMlyOsRyD5j6wHULkbvPuyS2KJQKHbYVrqvw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 22.157.117.34.bc.googleusercontent.com Software istio-envoy / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:32 GMT x-envoy-decorator-operation tag-manager.programmatic.svc.cluster.local:3000/* via 1.1 google server istio-envoy content-type image/gif cache-control public, max-age=86400 x-envoy-upstream-service-time 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H2	200	push exchange.mediavine.com/usersync/ Frame B742	0 882 B	164ms 27ms	Image text/html	3.124.69.230 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-8YsAJiOsRyD5j6wHULkbvPuyS2KtjybQf0T2Fw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.69.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-69-230.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:33 GMT cache-control private, no-cache access-control-allow-credentials true content-encoding gzip vary Origin, Accept-Encoding content-type text/html; charset=utf-8
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Frame B742	0 145 B	714ms 173ms	Image text/plain	38.133.127.159 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-pqhe1COsRyD5j6wHULkbvPuyS2K52ZPmWh7PWw&initiator=partner Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 38.133.127.159 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 12:00:33 GMT Cache-Control no-cache X-TraceId 4a7f2ea0826b2e17a585b923b813d9af Content-Length 0
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame B742	42 B 586 B	296ms 35ms	Image image/gif	198.47.127.205 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-qkwNOiOsRyD5j6wHULkbvPuyS2JVIEEKzI_bqw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Mon, 24 Jul 2023 12:00:32 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sync criteo-partners.tremorhub.com/ Frame B742	43 B 400 B	359ms 112ms	Image image/gif	2600:1f18:612b:4280:b83:98bc:f079:edb2 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-partners.tremorhub.com/sync?UICR=k-wRzLUSOsRyD5j6wHULkbvPuyS2IQuPX25lyAYQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4280:b83:98bc:f079:edb2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Mon, 24 Jul 2023 12:00:33 GMT server nginx content-type image/gif
GET H2	200	getusermatch.php a.twiago.com/rtb/ Frame B742	43 B 153 B	251ms 34ms	Image image/gif	85.215.5.31 CRONON-BERLIN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-pV9xxyOsRyD5j6wHULkbvPuyS2I44HayzllFRg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE), Reverse DNS Software Apache / PHP/7.3.29 Resource Hash 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers access-control-allow-origin * date Mon, 24 Jul 2023 12:00:33 GMT server Apache x-powered-by PHP/7.3.29 content-length 43 content-type image/gif
GET H/1.1	204 No Content	m ad.yieldlab.net/ Frame B742	0 400 B	258ms 44ms	Image text/plain	23.35.237.75 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ad.yieldlab.net/m?dt_id=8664&ext_id=k--da8lyOsRyD5j6wHULkbvPuyS2IkMiSYyF0TKA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-75.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Pragma no-cache Date Mon, 24 Jul 2023 12:00:33 GMT Cache-Control no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0 Connection keep-alive Expires Sun, 23 Jul 2023 12:00:33 GMT
GET H2	200	sync sync-criteo.ads.yieldmo.com/ Frame B742	0 38 B	257ms 46ms	Image text/plain	54.170.50.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync-criteo.ads.yieldmo.com/sync?id=k-WCG8nSOsRyD5j6wHULkbvPuyS2KsXOlp7bj_3Q&pn_id=criteo&ext=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.170.50.92 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-170-50-92.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:33 GMT content-length 0
GET H2	204	put e1.emxdgt.com/ Frame B742	0 44 B	213ms 22ms	Image text/plain	18.194.63.102 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://e1.emxdgt.com/put?d=d53&uid=k-GacDcSOsRyD5j6wHULkbvPuyS2IQJ3FJoeBguA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.63.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-63-102.eu-central-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 12:00:33 GMT server awselb/2.0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame B742 Redirect Chain https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=lMt7ebR7vBhoKI-81x4wIjNygr_ipqaU	0 337 B	149ms 44ms	Image text/plain	108.128.74.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=lMt7ebR7vBhoKI-81x4wIjNygr_ipqaU Protocol H2 Server 108.128.74.29 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-74-29.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-served-by beacon-n016-dub-prod.krxd.net date Mon, 24 Jul 2023 12:00:33 GMT cache-control private, no-cache, no-store x-request-time D=33 t=1690200033 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=lMt7ebR7vBhoKI-81x4wIjNygr_ipqaU date Mon, 24 Jul 2023 12:00:33 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 671926 content-length 0
GET H2	200	cs s.thebrighttag.com/ Frame B742 Redirect Chain https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=QRZuA60oTNwwB-KIwaFtNvQPY-2am-o7	35 B 268 B	379ms 116ms	Image image/gif	3.22.177.214 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=QRZuA60oTNwwB-KIwaFtNvQPY-2am-o7 Protocol H2 Server 3.22.177.214 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-22-177-214.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:33 GMT x-bt-requestid b19009e1-2a19-11ee-a075-0000ac170313 server nginx content-type image/gif access-control-allow-origin p3p CP=NOI DSP COR NID cache-control private, must-revalidate content-length 35 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=QRZuA60oTNwwB-KIwaFtNvQPY-2am-o7 date Mon, 24 Jul 2023 12:00:32 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 582431 content-length 0
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	28ms 27ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GGPG0HTS88&gtm=45je37j0&_p=1393340650&gdid=dYmQxMT&cid=470318773.1690200030&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEE&_s=3&sid=1690200030&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&dt=Libertex&en=form_start&ep.form_id=email-form&ep.form_name=email-form&ep.form_destination=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&epn.form_length=19&ep.first_field_id=&ep.first_field_name=iso3&ep.first_field_type=&epn.first_field_position=6&_et=242 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	28ms 27ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8FE0VJVQNC&gtm=45je37j0&_p=1393340650&gdid=dYmQxMT&cid=470318773.1690200030&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEE&_s=3&sid=1690200030&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&dt=Libertex&en=form_start&ep.form_id=email-form&ep.form_name=email-form&ep.form_destination=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fwelcome-bonus%2F%3Faff_id%3D50392%26cxd%3D50392_673110_lb-35332_356771&epn.form_length=19&ep.first_field_id=&ep.first_field_name=iso3&ep.first_field_type=&epn.first_field_position=6&_et=80 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache date Mon, 24 Jul 2023 12:00:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT