promo.libertex.org Open in urlscan Pro
2606:4700::6811:345f  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://tinyurl.com/5yxesktv HTTP 301
   https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

• https://11442981.fls.doubleclick.net/activityi;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429 HTTP 302
• https://11442981.fls.doubleclick.net/activityi;dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429

Request Chain 80

• https://gum.criteo.com/sid/json?origin=onetag&domain=libertex.org&sn=ChromeSyncframe&so=0&topUrl=promo.libertex.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=KqUopnxKQlRLMHVjV1Bod204eTZFVytXb1dTMUZYb1pwYldodmZKNmh3cGJvYVhvS29RNHJFZjFxRk80REFreUNSSkRCdHJRUGlZNXdTNVQ4dE9PR1o3ZVA0QnJIV1B0RUIyYzI5aGhEYUxKNnRJZzBDVXo4aWJaaXVoNHVQRm9Wd3lmaDJJVmpmQ01JS25TTGNaSndXSDhXOVgwMnB2U0ZMWldTSXlQY0J3enUrdEQ2WDRQa1RxZGtERzl0RnQrVy9iemN4NEZTUy8xSUcwU2RWeGhEZjRnYVpvTHI4dTBodUQ5UGtpVjAyNTlCbk9NZThGNkFKMHIzZDdzRjd2cDZQK3ZZTWZXLzVLVEZrbUF2K05sMGpQRitTQT09fA&cppv=2

Request Chain 98

• https://sslwidget.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=UjCKOV93Y0h3anRjSzMlMkJ1bXpUZiUyRlR2dDE5SnZOWDR5bVNxbTMlMkYlMkYlMkJpOCUyQlNIcnR3czhaNVM2SHBIUEc1elZYdVlROEpSNEFVWjQlMkIwOCUyQnB5anpQZUZuTlFTUm94MzVka0VnbUpKeHd1TVE3MTNxdUVYQ0hlTnpKSEtFNnQ1M1J6TyUyQmRXb3NVVFVjWFZPeWVEcEhPVHE3Q3lac3clM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fes-lm%252Fcryptominer%252F%253Futm_id%253D4rKF%2526utm_campaign%253Dminer%2526utm_source%253Dcriptoinforme_libertex%2526utm_content%253D728x90%2526utm_medium%253Dmedia%2526utm_country%253Dlm&ceid=3ff51d13-dc32-4e1f-a6c1-6f1d22c46eff&dtycbr=68909 HTTP 302
• https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=UjCKOV93Y0h3anRjSzMlMkJ1bXpUZiUyRlR2dDE5SnZOWDR5bVNxbTMlMkYlMkYlMkJpOCUyQlNIcnR3czhaNVM2SHBIUEc1elZYdVlROEpSNEFVWjQlMkIwOCUyQnB5anpQZUZuTlFTUm94MzVka0VnbUpKeHd1TVE3MTNxdUVYQ0hlTnpKSEtFNnQ1M1J6TyUyQmRXb3NVVFVjWFZPeWVEcEhPVHE3Q3lac3clM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fes-lm%252Fcryptominer%252F%253Futm_id%253D4rKF%2526utm_campaign%253Dminer%2526utm_source%253Dcriptoinforme_libertex%2526utm_content%253D728x90%2526utm_medium%253Dmedia%2526utm_country%253Dlm&ceid=3ff51d13-dc32-4e1f-a6c1-6f1d22c46eff&dtycbr=68909

Request Chain 100

• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-aUSgSIe4nk5Fb-CQZmdYKUC5nCQVlq3CTpKB7g&google_cm&google_hm=ay1hVVNnU0llNG5rNUZiLUNRWm1kWUtVQzVuQ1FWbHEzQ1RwS0I3Zw HTTP 302
• https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-aUSgSIe4nk5Fb-CQZmdYKUC5nCQVlq3CTpKB7g&google_gid=CAESEBJOoRZxhwG-HFSslc9z6ZA&google_cver=1&google_ula=913071,0

Request Chain 101

• https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
• https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5314594787817188162

Request Chain 102

• https://secure.adnxs.com/setuid?entity=52&code=k-mmqlP4e4nk5Fb-CQZmdYKUC5nCSAD6LWEzRI2g HTTP 307
• https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mmqlP4e4nk5Fb-CQZmdYKUC5nCSAD6LWEzRI2g

Request Chain 113

• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eqbpPoe4nk5Fb-CQZmdYKUC5nCQnGWGKrhs-Lg HTTP 302
• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eqbpPoe4nk5Fb-CQZmdYKUC5nCQnGWGKrhs-Lg&C=1

Request Chain 114

• https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
• https://dpm.demdex.net/ibs:dpid=28645&dpuuid=N7lF6C5wmfoJV0d42bOfxM_-Key3i1ah HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=N7lF6C5wmfoJV0d42bOfxM_-Key3i1ah

Request Chain 116

• https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-9w3asoe4nk5Fb-CQZmdYKUC5nCQ1GvzRe-M3uA HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9w3asoe4nk5Fb-CQZmdYKUC5nCQ1GvzRe-M3uA

Request Chain 125

• https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Lb47rSoxHv1HGZhRRq4iqPEaS2KdpEEn

Request Chain 126

• https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
• https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=KnoqjhlhaoVR7bWuLTTf5Ypr91Dw8xQz

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response promo.libertex.org/lp/es-lm/cryptominer/ Redirect Chain https://tinyurl.com/5yxesktv https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm	12 KB 4 KB	229ms 116ms	Document text/html	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be9e189bd4f20ca6daabebd53d2914c34590fc0d5cacdb371af35fa9272b734e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7f0b00e608cd0a39-ARN content-encoding br content-type text/html date Thu, 03 Aug 2023 02:06:49 GMT last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare vary Accept-Encoding x-amz-id-2 HjqijdisultVYiPgYvdAHJM+6UWiVbRX8gKKwe1QzalUx+5YkfOyKxjX+cbrKN4WI7eaWA0D53c= x-amz-request-id HMSF7PT76D09F4D3 Redirect headers alt-svc h3=":443"; ma=86400 cache-control max-age=0, public, s-max-age=900, stale-if-error: 86400 cf-cache-status DYNAMIC cf-ray 7f0b00e1cbb598ea-ARN content-type text/html; charset=UTF-8 date Thu, 03 Aug 2023 02:06:49 GMT location https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm referrer-policy unsafe-url server cloudflare x-content-type-options nosniff x-tinyurl-redirect eyJpdiI6IjhLYnQ2OUU0TEl3VnQrcll2NlBWT0E9PSIsInZhbHVlIjoicVZXZXZGK0xxMTJUdTNEbndiNkljZ3JubmxyQWNNa3Q0UkgrSGFHSWFuNmg2eHJ6MWNxdFB2M1hHemJlTVFZV2xrV0Jib3dMYThYWEliOVZLam5EWFE9PSIsIm1hYyI6ImRhYTkxNDlhNWUxM2E2NGQ0MjUzNjA3YTlkZGQyOWE0YzAxZWJjNmQ1YTE4OGRhYTBkNWZmMzVmNDU2YmQ2MTAiLCJ0YWciOiIifQ== x-xss-protection 1; mode=block
GET H2	200	main.css promo.libertex.org/lp/es-lm/cryptominer/css/	44 KB 11 KB	144ms 141ms	Stylesheet text/css	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66a7d4f7044abb2f8c0520db0144b782b69cdc0edd069da6274112c99c909903 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:00 GMT server cloudflare x-amz-request-id HMS05Z7GKKZGBAHT etag W/"1f19d6853821c1757290d9405317736b" vary Accept-Encoding content-type text/css cf-ray 7f0b00e6e9170a39-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 SyxcQJj2FWTkZOwjGmSaEfpMwiD4jtaA400Ly1WDm/ODLNr9ht4AewYfiMPrzai3mBA5cHVg7Jg=
GET H2	200	tp.widget.bootstrap.min.js Show response widget.trustpilot.com/bootstrap/v5/	21 KB 7 KB	189ms 58ms	Script application/x-javascript	52.222.236.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Wed, 02 Aug 2023 06:03:58 GMT via 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 72172 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 6676 x-xss-protection 1; mode=block last-modified Wed, 03 May 2023 13:48:29 GMT server AmazonS3 etag "befec09eb386fc68a0869c8d1b529dd6" content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes x-amz-cf-id hMsTBmz8zo3kOeo7ej3zIeckSNVylpktutUcFfSG9tT0E2pa-UjuCw==
GET H3	200	libertex-logo.svg promo.libertex.org/lp/es-lm/cryptominer/img/svg/	2 KB 1 KB	105ms 104ms	Image image/svg+xml	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/svg/libertex-logo.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8d996aaef7fdc50c9810ac57a888b1159cf0e6a120de463f97af9b726190b96 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS6NA9CN7028R83 etag W/"72bf39af25d30fbfcfc446f05af4a309" vary Accept-Encoding content-type image/svg+xml cf-ray 7f0b00e86c702d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 bAd4s8F9z5Vrt8u5TsWfZrD/vK8ozOekfMavrHRzuwo8NOoIVZtBssUah11IAL+TxxWKn+EHLtE=
GET H3	200	libertex-logo-mob.svg promo.libertex.org/lp/es-lm/cryptominer/img/svg/	2 KB 1 KB	142ms 139ms	Image image/svg+xml	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/svg/libertex-logo-mob.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 207c2f634d72abaa19fe4aed2b4db9d497f74136f99c2ee8a7433b85c6787ddd Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS5HE50RAXG6DHF etag W/"c2a75948d3ea441877ad0db97c48de59" vary Accept-Encoding content-type image/svg+xml cf-ray 7f0b00e86c752d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 MuW31YvcNC+pVWqFMaZq13iK1EErfpKnLUWa2ydFqVqLmw+6pRk6/LYKcM696oAbkxVCoPIhYds=
GET H3	200	hero.png promo.libertex.org/lp/es-lm/cryptominer/img/content/	213 KB 213 KB	173ms 170ms	Image image/png	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/hero.png Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b734d672246042ba60ac925eaf67164636d70a86bab1abf30c43438fb77d347d Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:00 GMT server cloudflare x-amz-request-id HMS9P1P9KSK7CX7P etag "1e62928b61921374fd69944f61aa575e" vary Accept-Encoding content-type image/png cf-ray 7f0b00e86c782d99-ARN alt-svc h3=":443"; ma=86400 content-length 217991 x-amz-id-2 XU6+a+BsPNbGgGbTTguYkyUB6b7RFw/aUmi+g5Yt1KmZG3Zwa5put6GyCEQmeTMGujM/sEMjw8M=
GET H3	200	why1.png promo.libertex.org/lp/es-lm/cryptominer/img/content/	9 KB 9 KB	142ms 140ms	Image image/png	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/why1.png Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1cc15b57ec56e9930e95828f0ff9d65045b18b214cf118a73f64199071cafd41 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS27DZ4MB9GJ749 etag "66c584ee597d3251f01d2d269a78fa69" vary Accept-Encoding content-type image/png cf-ray 7f0b00e86c7a2d99-ARN alt-svc h3=":443"; ma=86400 content-length 9207 x-amz-id-2 2JTdusGOKcOXBPurXTAXEzLLpD4d5aIrk/1vCvlHOfdq1mPNqtdE4j9oO8QnfQ18SH+PVBccQQU=
GET H3	200	why2.png promo.libertex.org/lp/es-lm/cryptominer/img/content/	13 KB 13 KB	110ms 108ms	Image image/png	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/why2.png Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1bca0a61f8ce6859e94b22c592b4b82b48ce40997aff9c6200a1985c4057e89 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMSCWJBWXXW9D26V etag "08f312667ca8daac53c401a49c46729f" vary Accept-Encoding content-type image/png cf-ray 7f0b00e86c7b2d99-ARN alt-svc h3=":443"; ma=86400 content-length 12809 x-amz-id-2 DF8d0BdvIfrbKfD+L7ix5UnUHoiIxgbbfm+gKYJRgS3t2EjIu9PvqSBQYd3vmhZIJ8PloiTQu3g=
GET H3	200	why3.png promo.libertex.org/lp/es-lm/cryptominer/img/content/	13 KB 13 KB	147ms 145ms	Image image/png	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/why3.png Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd4adc276f55e1e84a2f912e31e4dd94f54242b7be8be4be8ccb873cfadd63e7 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMSAMA989GZ6YDW6 etag "f9f449d1e2a14b5f3d37887fa19fc1a0" vary Accept-Encoding content-type image/png cf-ray 7f0b00e86c7c2d99-ARN alt-svc h3=":443"; ma=86400 content-length 13144 x-amz-id-2 nTtEj2eUjcgaZ2WIE3e3ItIYSgTvXd2lhtnwkcx+feDo/q0ziMD28HUEeRTS45PAqIg4wEsLhbM=
GET H3	200	miner1.png promo.libertex.org/lp/es-lm/cryptominer/img/content/	6 KB 7 KB	289ms 286ms	Image image/png	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/miner1.png Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a649e958f5d88e8323873e007aac43e1c238278fc48dba97d96475aa557e31dc Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS9BC96G2AQFV05 etag "76d76b6c3061ef7db5764c3e9504fbb9" vary Accept-Encoding content-type image/png cf-ray 7f0b00e86c7d2d99-ARN alt-svc h3=":443"; ma=86400 content-length 6446 x-amz-id-2 Ql/rON7xtE1fvytXTE0Dl6kSmjrslrQtEfAjHOxzM1R+b2Ix1KPt898cuzY7uLDRk/RjWALSVT4=
GET H3	200	miner2.png promo.libertex.org/lp/es-lm/cryptominer/img/content/	11 KB 12 KB	289ms 287ms	Image image/png	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/miner2.png Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa43073d3bea10c7d362f7c588b9355711218aea39736e5b189d7abc89ac4d07 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMSCFHMNHBPX8AJS etag "8441c77e2e1d07e1b45ab449bca4dcc0" vary Accept-Encoding content-type image/png cf-ray 7f0b00e86c7e2d99-ARN alt-svc h3=":443"; ma=86400 content-length 11747 x-amz-id-2 mVIqnSkcMbIBGmx/adXRG3ahZQ6miEdBGGJQS1GVB7kJpy0TdlZQ4mH5pQomS5YI7yj9BS/WeEA=
GET H3	200	miner3.png promo.libertex.org/lp/es-lm/cryptominer/img/content/	5 KB 6 KB	293ms 291ms	Image image/png	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/miner3.png Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee3d7a3b9e134f13b898d2f6ba407e2d797e1e846d86e3a1c17b64f05569236c Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS49K913NPZR01E etag "de922ddcb3304e9b59a1552ab309d1c1" vary Accept-Encoding content-type image/png cf-ray 7f0b00e86c7f2d99-ARN alt-svc h3=":443"; ma=86400 content-length 5429 x-amz-id-2 ByKYjDiXtxgIq5ieOUdfKBsSdliK7fgITolyKV0G6BiRuWL5tlHM84U0CN/VZsh3sWc+wagUHxE=
GET H3	200	join.png promo.libertex.org/lp/es-lm/cryptominer/img/content/	22 KB 23 KB	293ms 291ms	Image image/png	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/join.png Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54a898a4a6eed430489e568943b411780f28ba4d843a9756dc9f2f6d6d0a798a Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS8ZA8CFT1Q7XVY etag "8acd63032a472500dde279354f9c3b06" vary Accept-Encoding content-type image/png cf-ray 7f0b00e86c802d99-ARN alt-svc h3=":443"; ma=86400 content-length 22930 x-amz-id-2 06hZhn63EKHVnlm2aefXFEkB1R9zjXErBUBL19RpGv0JvzrcCcvh2oTORjEiEcVBSxLG5EU2698=
GET H3	200	bottom-logo.svg promo.libertex.org/lp/es-lm/cryptominer/img/svg/	5 KB 2 KB	295ms 292ms	Image image/svg+xml	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/svg/bottom-logo.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6026b0d6d8b2e685102c0d737801eb53fae04e658c87fc17e6794cccd2f55bf2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS0V08SHZSDFRB1 etag W/"3cc8eb23c5cbdd869283b97831f9401c" vary Accept-Encoding content-type image/svg+xml cf-ray 7f0b00e86c812d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 Kpgm7YysSHR24C+wXOS8wJJMeKemmFYey0WpWCKg4wHATolcY/2Cn1y8HQCql4GcfWOn2zLQONA=
GET H2	200	landing-api.min.2.2.2.js Show response lib.libertex.org/landing/js/	74 KB 23 KB	161ms 137ms	Script application/javascript	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lib.libertex.org/landing/js/landing-api.min.2.2.2.js Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash facf08c34d30087f6e5280647dbfedc416da8be80594547d3e3ff23fe2ab28e6 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 25 Nov 2021 10:54:30 GMT server cloudflare x-amz-request-id HMSEAP4DVR24G6MX etag W/"882bba95952c9d849e36f426d7379554" vary Accept-Encoding content-type application/javascript cf-ray 7f0b00e839aa0a39-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 u7dvpdda8TxPp86yd1GLDrzE82zeGlFTxj8TS65gjzNU80epkglEAYw/d8p5UOljJYev/xeNmzk=
GET H3	200	interface.js Show response promo.libertex.org/lp/es-lm/cryptominer/js/	3 KB 1 KB	106ms 105ms	Script application/javascript	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/cryptominer/js/interface.js Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 460d588d068264d104737e3ee1847ed3235fe0182d113e2100d452c5ef458edc Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS2Z7WM53R6WWR6 etag W/"b5a56745eb4dce86ba94f69c0d8f5eb0" vary Accept-Encoding content-type application/javascript cf-ray 7f0b00e82c562d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 JEFMWumP7gxXpUR8HqHRERBck6frY61yAVqgVqOkpaqKPD8pTpVl1qMDqAF5lfdORyNaCT31Ljs=
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	187 KB 29 KB	214ms 63ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c1c9c2f635ef893189ad15fba4d9332c14cf5df58e3ec80b1e3c2fca659fe5d4 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id g3p3TmwLGydu45t7o2Fx74M8hCc0OXIo content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:03:01 GMT last-modified Tue, 01 Aug 2023 07:52:13 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 229 x-amz-server-side-encryption AES256 etag W/"c4407f022840edf547b87d26505bd5c7" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id 0T-9EJ6snKo3RzE3p5XnxvX3NQFQeBkqwXFaGnRWt5xkt6Hi4nkjoA==
GET H3	200	herp-bg.jpg promo.libertex.org/lp/es-lm/cryptominer/img/content/	18 KB 19 KB	294ms 292ms	Image image/jpeg	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/herp-bg.jpg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e0fafc9b119fd349264c2847aec0c0e6d21654049a7f99d7727075be163fafa Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:00 GMT server cloudflare x-amz-request-id HMS2Y52GF1BJ603T etag "9fe1f0a2cb55a935830976fdb8dec4ed" vary Accept-Encoding content-type image/jpeg cf-ray 7f0b00e86c822d99-ARN alt-svc h3=":443"; ma=86400 content-length 18789 x-amz-id-2 nH4Hvu8yltT17S8p3smvvJfhvkgWi72MSXboRIWN1ghZx2dNzdALtkXfN4CAW2iaA4RMJPalLSA=
GET H3	200	plus.svg promo.libertex.org/lp/es-lm/cryptominer/img/svg/	253 B 485 B	294ms 293ms	Image image/svg+xml	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/svg/plus.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba39f6b007a5a321955fafd442d2828b0c48e31a12da0728d5ff776b5e7209e0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMSCKHC78ZV75ZXG etag W/"9e4c950bcfd03558254a319a416a4eb8" vary Accept-Encoding content-type image/svg+xml cf-ray 7f0b00e86c842d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 SlEJ2e7HRoxyWhbuyOsICoUmRU6uHQuWJez+h/xJoNUMllEFCZTVO8m3K2YWxXZryFXMSH2Pe5w=
GET H3	200	join-bg.jpg promo.libertex.org/lp/es-lm/cryptominer/img/content/	15 KB 15 KB	294ms 293ms	Image image/jpeg	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/content/join-bg.jpg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7c56d672b5cae5f936dddc190ea85542c6a68e59d9a4dd1be596ce8eb2a8e3b Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS108NC02HJYY0K etag "a25dc8506ac5e40ae9dc1fca8f3aea44" vary Accept-Encoding content-type image/jpeg cf-ray 7f0b00e86c852d99-ARN alt-svc h3=":443"; ma=86400 content-length 15127 x-amz-id-2 CU7O74IPTR4jktxHqwm07BiBqoF1GMg2kKAttBIoB0xQdvpH+9kxTe1D2/wYxqxwJqERQEZi4zc=
GET DATA	200 OK	truncated /	279 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash efb4386474d27a0ab69f21348cc6f6d3817ea83dbb8382bdb947cb5b4a857306 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	mont-semibold.woff2 promo.libertex.org/lp/es-lm/cryptominer/fonts/mont/mont-semibold/	42 KB 43 KB	293ms 292ms	Font binary/octet-stream	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/cryptominer/fonts/mont/mont-semibold/mont-semibold.woff2 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e377670313d0df5aea0827e47e513ec1faf566945296b9e50b2eca7c1e048527 Request headers Referer https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Origin https://promo.libertex.org accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:00 GMT server cloudflare x-amz-request-id HMSD43WGA20GW8K2 etag "a22974a265089b8d96a0b9969289e444" vary Accept-Encoding content-type binary/octet-stream cf-ray 7f0b00e86c862d99-ARN alt-svc h3=":443"; ma=86400 content-length 43364 x-amz-id-2 xL4TmUrakS5DP/a1cCnPl5Pq52i9kPUfx4uwOqyC3P0r7ll0OnjLFxf1LZNZJ/JSyh/z+9cf1Gg=
GET H3	200	mont-bold.woff2 promo.libertex.org/lp/es-lm/cryptominer/fonts/mont/mont-bold/	42 KB 42 KB	296ms 295ms	Font binary/octet-stream	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/cryptominer/fonts/mont/mont-bold/mont-bold.woff2 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d9e0e4b6636bab12f4f0e583c231a6504e0d243c57774554c1397a43ab292c5 Request headers Referer https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Origin https://promo.libertex.org accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:00 GMT server cloudflare x-amz-request-id HMSB0SD1QGHRWPBQ etag "22d74a57af7e4c8524c6cb27cb37cfca" vary Accept-Encoding content-type binary/octet-stream cf-ray 7f0b00e86c872d99-ARN alt-svc h3=":443"; ma=86400 content-length 42992 x-amz-id-2 RG5irDjtty9HW8bes2sYYvsTWJ/ykwl2tGij6ae2WGawshQnOAVkAPB5zXjcSJ4k135pw8h69oI=
GET H3	200	mont-regular.woff2 promo.libertex.org/lp/es-lm/cryptominer/fonts/mont/mont-regular/	41 KB 41 KB	309ms 308ms	Font binary/octet-stream	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.libertex.org/lp/es-lm/cryptominer/fonts/mont/mont-regular/mont-regular.woff2 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51b613344f05c6eb7fab6733e8ec2d10a2a0b2ec981e1c4647416d60eac72a81 Request headers Referer https://promo.libertex.org/lp/es-lm/cryptominer/css/main.css Origin https://promo.libertex.org accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:00 GMT server cloudflare x-amz-request-id HMS4F6RNK17KBN6X etag "bdcff66d9e4d966e3a3e9627056046ff" vary Accept-Encoding content-type binary/octet-stream cf-ray 7f0b00e86c882d99-ARN alt-svc h3=":443"; ma=86400 content-length 42020 x-amz-id-2 OKMK5Uuls2vtfcikJDswhsJ63tDweuJhbC9HW6VR/8dwi9Xe+LRecI1OOaQkvw2OZeZ3XAlFxNI=
GET H3	200	instagram.svg promo.libertex.org/lp/es-lm/cryptominer/img/svg/	2 KB 1 KB	308ms 307ms	Image image/svg+xml	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/svg/instagram.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0ed094938010c59d84ad0a2b511cad9c6a7c932b5b9c278a818247fa374d43c Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS7TTPN3D3DQ77J etag W/"5d6faf973fc4a56a706d8a9775b4ee9f" vary Accept-Encoding content-type image/svg+xml cf-ray 7f0b00e87c9e2d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 o969zsNhaLe0pbdmk0IMsUPNY2i534Xb5YEzrhZHSMDVdP+0FzOLLQDUn3qDmFYmJ1Z2E0v+Ufg=
GET H3	200	tiktok.svg promo.libertex.org/lp/es-lm/cryptominer/img/svg/	502 B 625 B	308ms 307ms	Image image/svg+xml	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/svg/tiktok.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1e538805a70b6a9a1354ab8f8faea11eb48f668b14c6d2a62ee7670fadb23f8 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS3QBNTMPTRNC20 etag W/"0f05b2dfb886ae1de90b0dbf58e1e7bc" vary Accept-Encoding content-type image/svg+xml cf-ray 7f0b00e87c9f2d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 Ld+xQzJikFYh9LwQlFfAxmE1UJ15vpV9viao4cyP9ccV/B/Tc2TNEnziHjYHJ7KLoGRoTIiugY0=
GET H3	200	twitter.svg promo.libertex.org/lp/es-lm/cryptominer/img/svg/	545 B 617 B	309ms 308ms	Image image/svg+xml	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/svg/twitter.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 872725ab6b75dd0925eb710226bf897dcccdefd630fcc954f3e73482ffebd750 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMS3E8K36P22NK0G etag W/"93cb9468732f6452334135f44080d206" vary Accept-Encoding content-type image/svg+xml cf-ray 7f0b00e87ca02d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 2+Vykic5o2TlZpHtYIy9kvjKSUqgRcRiTfI24sXg7vyl9LRrA142nP1niXNaAMdlDNmcP+TWOH8=
GET H3	200	youtube.svg promo.libertex.org/lp/es-lm/cryptominer/img/svg/	630 B 659 B	309ms 308ms	Image image/svg+xml	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/svg/youtube.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08509a4fede4c03053224282a6674e035fd2db88534102f7fedb8e11b1d48aa8 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMSFMZJV7RKAY94G etag W/"f950efcf23d132f1d03cd7a420ca44df" vary Accept-Encoding content-type image/svg+xml cf-ray 7f0b00e87ca12d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 g6qJ0Ona2MFuP/cfLs7/UPvHf4xw7asnA1EOfNHOvW4Ynt80cowX7geLhaUxc5qmV1Fp2yCcfA4=
GET H3	200	fb.svg promo.libertex.org/lp/es-lm/cryptominer/img/svg/	688 B 660 B	309ms 308ms	Image image/svg+xml	2606:4700::6811:345f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://promo.libertex.org/lp/es-lm/cryptominer/img/svg/fb.svg Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:345f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a113ab6cc8a7250b61cec8260394039a2f7b8dbfc10c4819ef4b9d42910e37ec Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 01 Aug 2023 12:17:01 GMT server cloudflare x-amz-request-id HMSCEJTCRYX56PTJ etag W/"ae5ab6fb3513e19c11ef1a9adae6ea6d" vary Accept-Encoding content-type image/svg+xml cf-ray 7f0b00e87ca22d99-ARN alt-svc h3=":443"; ma=86400 x-amz-id-2 a5UbsousuVBxvw4hPID4pnwXs4y5IoeQwI0QkcFbq4Zrg40c1Mxsih4FPoF7Q3Ar5K5ipqZw098=
GET H2	200	1d748c70657620f9a1eb00240cb4bc6c72fed247 Show response api-account.libertex.org/v1/init/	9 KB 5 KB	312ms 225ms	XHR application/json	2606:4700::6810:b70a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-account.libertex.org/v1/init/1d748c70657620f9a1eb00240cb4bc6c72fed247?sdk=javascript&v=1691028409799 Requested by Host: lib.libertex.org URL: https://lib.libertex.org/landing/js/landing-api.min.2.2.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b70a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef6f2f38b90f99d5418927e828fa369eb0fb242c61bde64c8b0341ca29674b35 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin * cf-ray 7f0b00e9ed822dfa-ARN access-control-allow-headers X-Forwarded-For alt-svc h3=":443"; ma=86400
GET H2	200	index.html Show response widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/ Frame E6A4	8 KB 3 KB	56ms 55ms	Document text/html	52.222.236.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=5a1e8d6b0000ff0005b1ddbc Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 85856354a51b4bbd2fb9d9b290bb98355b86fb4a9a91e9ee58afe6dcf2d4ce84 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.libertex.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ranges bytes age 76269 cache-control max-age=86400 content-encoding gzip content-length 2109 content-type text/html date Wed, 02 Aug 2023 05:08:06 GMT etag "991f71c8583c65f71143c6e83300ea2e" last-modified Mon, 08 May 2023 11:39:52 GMT server AmazonS3 strict-transport-security max-age=31536000 via 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront) x-amz-cf-id z-x7cH226vORFYSk1YaXMBakolCQt-_zFwp1DHegEGBIGMAxpIHqAA== x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	main.js Show response widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/ Frame E6A4	52 KB 16 KB	64ms 64ms	Script application/x-javascript	52.222.236.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=5a1e8d6b0000ff0005b1ddbc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7930f8fe550eb2eb38ac682205664ab072a4573b911831aff82f7f65433e6e37 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=5a1e8d6b0000ff0005b1ddbc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Wed, 02 Aug 2023 02:57:43 GMT via 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 83347 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 16291 x-xss-protection 1; mode=block last-modified Mon, 08 May 2023 11:40:00 GMT server AmazonS3 etag "50eae10ede15e24d7015244f10951876" content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes x-amz-cf-id 8jFX4yqQDizHRSkg5_YBkaIaU-YNJfXIGlHNXJGPn1UbA7GobOc6ZQ==
GET H2	200	utag.505.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	20 KB 5 KB	95ms 91ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.505.js?utv=ut4.46.202102051128 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 99c332538feb84b3bc8f8ab05e438700b7df50bef1e737ab711330ee06fb068a Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id _URmVaqDh2CGTBouiBnn_EzQ.PIY.dDZ content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:06:49 GMT last-modified Tue, 01 Aug 2023 07:52:12 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 42 x-amz-server-side-encryption AES256 etag W/"df72d8fa0ef3b6a1d5e092b682f52bf9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id FOmv3s7kIkdgRVVQwj7kTyv0Lz_MI2lWN4zALflUFKJ5xoTSzpwQ4w==
GET H2	200	utag.484.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	1 KB 1 KB	453ms 449ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.484.js?utv=ut4.46.201611111701 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a14b42447bdc258747d60e9933a2520816e6f25b9736e4737b039ee51bdf43de Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id gTkSTtoPVq0nnMy4kPgf8L1t5Gt9w8GM content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:06:51 GMT last-modified Tue, 01 Aug 2023 07:52:01 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 etag W/"f8ed0040d16e59764c921ac4a6a599f9" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id zA1ejKIMucyq35SJoZv2yr8kFmn9f2jpl7XVc458q1s6tjsLo7H_-A==
GET H2	200	utag.503.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	9 KB 3 KB	93ms 89ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.503.js?utv=ut4.46.202111081405 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 24ac44951a5810ef09b6dbe55184cb9c4ba78ddd358ff286d15094069fb9e09b Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id B61nV4aFbzVZWUaBl2vy_xzZ5IuXM3Be content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:05:21 GMT last-modified Tue, 01 Aug 2023 07:51:57 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 89 x-amz-server-side-encryption AES256 etag W/"107dd5c47782a09b4409b6a063d8edd9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id Yz2iGWgeU7faWH7taebdFwRcsxWgfY12A_2XYy15x8inkmF-XplQ2Q==
GET H2	200	utag.596.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	7 KB 2 KB	196ms 192ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.596.js?utv=ut4.46.201907011259 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6cef23434a423cd6cdb2be1f075f9594aa67e1ccb0c757628fef8b673e918c37 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id xoYqak7hcs6e8uR294FW2bK6OTFqPpkq content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:06:51 GMT last-modified Tue, 01 Aug 2023 07:51:57 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 etag W/"0acdf1e5bfe64d76719f6d5564461f12" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id ywLTcGtsS19ZnCrndpI0NBKbebCxJ6FzGp8Ww4hWmZnCNb569aXxUQ==
GET H2	200	utag.541.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	3 KB 2 KB	92ms 89ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.541.js?utv=ut4.46.202304110819 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 27a994d54fc349fbdb9941a991de284792933af972e3ff4df06bd4f83fcf3deb Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id EiauUKFcnei8v8y6fBjIjCF.yiJYSYUt content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:03:39 GMT last-modified Tue, 01 Aug 2023 07:52:11 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 190 x-amz-server-side-encryption AES256 etag W/"5cd0b8636c24984298a21e3f31b3bc03" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id -ckp2AGAE8k4DuhPSUv5fuygaIF_xJqwlaTXS_Pcy1arWaXDguWUkA==
GET H2	200	utag.548.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	10 KB 3 KB	89ms 86ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.548.js?utv=ut4.46.201804170814 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 706e3ebf0ada821d7917fe890410b3004e7247604a498ff807f961ac510762d4 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id KDUFhqHhMAyDidBT.Op.ffm_lolFu5zZ content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:02:40 GMT last-modified Tue, 01 Aug 2023 07:52:07 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 250 x-amz-server-side-encryption AES256 etag W/"d00a01661b3ef195352b71ba700ce0c4" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id BG3Sc8SMtdbqKTgpQY1XxgzLeeg9vDnRN9FTWAFgDNbyFFv11zda-w==
GET H2	200	utag.607.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	4 KB 2 KB	93ms 89ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.607.js?utv=ut4.46.202201100844 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cb142855081a3e9b3d3e33f0c65a7c16eb89740ed39e4b8668da470f680f8fe5 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id rE6cLj5gKQpVkRsElKe0t53Rbff94I8i content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:03:20 GMT last-modified Tue, 01 Aug 2023 07:52:04 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 209 x-amz-server-side-encryption AES256 etag W/"dea237a20a6d15ecb222d828a01485e6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id zXg_7ajbluic27hAqKkNGMWyPm6RkJ51E1zdd98etK00e7V6nl3i0A==
GET H2	200	utag.654.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	3 KB 2 KB	90ms 87ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.654.js?utv=ut4.46.202010010807 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bc5b842ba199ba2b4bfb6961dcc3e4a139b3d484fecb9492098247e48b49df03 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id wKEcwtgxk0kXdiTUTvDDAiBp5OZDqaXx content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:03:04 GMT last-modified Tue, 01 Aug 2023 07:51:57 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 225 x-amz-server-side-encryption AES256 etag W/"4276ef878b52bfc9fe6776afcdaef8e2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id mAkJqpHqVxgFwOU_YNjpTQRJhCH1dqBH39W0RsBYDfJKjyyMbNLYLQ==
GET H2	200	utag.657.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	8 KB 3 KB	90ms 87ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.657.js?utv=ut4.46.202304121450 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 46e059bef9fb7a058f5d55865749c17e7d4df930fbd9e67d27ef6fdf5365ca0b Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id QgTcJd6HkS0SQAFHtobhVWtGwgrYxMnd content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:02:40 GMT last-modified Tue, 01 Aug 2023 07:52:08 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 250 x-amz-server-side-encryption AES256 etag W/"7c24de2594ff540e75b79d6888ab9bf2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id MO54a-zEV38tuw9BK7D6R7VUCI97VCWdErzCCO8XTIuv8FVtYgPZ-Q==
GET H2	200	utag.692.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	4 KB 2 KB	91ms 88ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.692.js?utv=ut4.46.202110210846 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1da9cae57467845425632f2a0fc5138b18b01a4818017df99ea9228d8b1706b2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id LjBKyMXTV20SL97BPjySend3Fg_8eU6d content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:02:04 GMT last-modified Tue, 01 Aug 2023 07:52:09 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 286 x-amz-server-side-encryption AES256 etag W/"ff7ecc257ff7baccd6db8a453b6c3de4" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id HIHu_X-ZWnySDyemw99zU-LRVhgRkPd-wv_AdWUak1alBHqBdpkoUA==
GET H2	200	utag.705.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	16 KB 6 KB	131ms 128ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.705.js?utv=ut4.46.202205050828 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d25084af8f72b101e171d1a9b42516b3433d57a1ea55844c48717a062d34dda5 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id htJzdwqRnB_Yh2WnFIz3WItOJuS_yloW content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:02:04 GMT last-modified Tue, 01 Aug 2023 07:52:06 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 287 x-amz-server-side-encryption AES256 etag W/"b3f56f8bf293d22ab2c34a3a770e17df" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id YhzLpAZN_D7mkX6DCTpzNLLsG5uxNZAdomyqdq9kmgZ43Abl2Qh5ig==
GET H2	200	utag.731.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	7 KB 3 KB	134ms 131ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.731.js?utv=ut4.46.202302031206 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f556fed29c781adfdce63404e2e5639790542520d1f7b653c8ddd7793dd3f315 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id XtD5.0vC1pgCJtr0Hh9t61dkd8qeNOmj content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:03:39 GMT last-modified Tue, 01 Aug 2023 07:51:56 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 192 x-amz-server-side-encryption AES256 etag W/"3126e1a3379436c8127fc188ff2adc62" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id T83SOEBdq3xy_YOgN3tVYeh4mIvR7IY_n05-3BPL3uqcx0P32Z_Ivg==
GET H2	200	utag.746.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	2 KB 1 KB	131ms 129ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.746.js?utv=ut4.46.202301301117 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 59f60900147204b69bc6a0eb81ab57ff49bb4d9c46fb9acf83a93e5eb2af7ad7 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id RQ3q.wapgeJdK4Dva4WuY7NscHRneWaR content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:02:40 GMT last-modified Tue, 01 Aug 2023 07:52:01 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 251 x-amz-server-side-encryption AES256 etag W/"76a788e4b9302ba5e5a78a1b3f6f6b6a" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id kbgVI6cq2LKTfE12wuDMZz-ZVTW08cr6qAXk2Hjbw4cRT4S9iC5YuQ==
GET H2	200	utag.757.js Show response tags.tiqcdn.com/utag/fxclub/main/prod/	12 KB 4 KB	235ms 234ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.757.js?utv=ut4.46.202308010749 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash eb3e8b222e16a513807145cf92c0af9ebe1cea331929544c9d5bb13af998fd6a Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id UVaoHh_qmsynKbEKdm25N46ZobdlHp2E content-encoding br via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) date Thu, 03 Aug 2023 02:06:51 GMT last-modified Tue, 01 Aug 2023 07:52:06 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 etag W/"aa8ba118c6b7162449be22634e5d08bb" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id ETpIMMFOUXcNuyeAo67a8rQbx9IaThxjQbL572S-0xpJrPjOb2oP8Q==
GET H2	200	5406e65db0d04a09e042d5fc Show response widget.trustpilot.com/trustbox-data/ Frame E6A4	981 B 873 B	66ms 66ms	XHR application/json	52.222.236.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/trustbox-data/5406e65db0d04a09e042d5fc?businessUnitId=5a1e8d6b0000ff0005b1ddbc&locale=en-US Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-94.fra56.r.cloudfront.net Software Kestrel / Resource Hash 81464013bad8de64900e69749a87cf9879403a3e8d0bf0c4e4e6d6087ca01fb8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=5a1e8d6b0000ff0005b1ddbc accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Thu, 03 Aug 2023 02:03:03 GMT via 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 255 x-cache Hit from cloudfront content-length 451 x-xss-protection 1; mode=block server Kestrel etag "dd8eb60b977ebfa6eb2d55adabb6752a" vary Accept-Encoding content-type application/json; charset=utf-8 cache-control public,max-age=1800 x-amz-cf-id JL9aQgiLcRRtc5HVcwEm7YGhOYis8FOCgAulSmV8onvOV3yqSBo9XQ==
GET H2	204	TrustboxImpression Show response widget.trustpilot.com/stats/ Frame E6A4	0 323 B	88ms 88ms	XHR text/plain	52.222.236.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&fontFamily=Montserrat&textColor=%23000000&url=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5a1e8d6b0000ff0005b1ddbc&widgetId=5406e65db0d04a09e042d5fc Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-94.fra56.r.cloudfront.net Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=5a1e8d6b0000ff0005b1ddbc accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront) server Kestrel x-amz-cf-pop FRA56-P4 x-cache Miss from cloudfront cache-control no-store,no-cache x-amz-cf-id 53xYlHf-URuhEPy3zwi7uaHHzEAzPri-S8Q7-N9LTkgHBRNbKWE2Nw== x-xss-protection 1; mode=block
GET H2	204	TrustboxView Show response widget.trustpilot.com/stats/ Frame E6A4	0 321 B	88ms 88ms	XHR text/plain	52.222.236.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/stats/TrustboxView?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&fontFamily=Montserrat&textColor=%23000000&url=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5a1e8d6b0000ff0005b1ddbc&widgetId=5406e65db0d04a09e042d5fc Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-94.fra56.r.cloudfront.net Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=5a1e8d6b0000ff0005b1ddbc accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront) server Kestrel x-amz-cf-pop FRA56-P4 x-cache Miss from cloudfront cache-control no-store,no-cache x-amz-cf-id qUtevC2ReA-sejwth77veKqhbGBM4HVXmwHlckSttw0tgYiL37CnLA== x-xss-protection 1; mode=block
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	200ms 59ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.548.js?utv=ut4.46.201804170814 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding gzip last-modified Thu, 27 Oct 2022 18:55:37 GMT x-amz-server-side-encryption AES256 etag "32ad004436155ec972bc50e6238b5b67+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15375 x-served-by cache-iad-kjyo7100147-IAD, cache-fra-etou8220093-FRA
GET H2	200	hotjar-898554.js Show response static.hotjar.com/c/	57 KB 9 KB	201ms 64ms	Script application/javascript	18.66.97.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-898554.js?sv= Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-37.fra56.r.cloudfront.net Software / Resource Hash ff1bd0003de8e18c907ab031508a865e5f6089a0589864c157d7a35030a61b4c Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Thu, 03 Aug 2023 02:06:50 GMT via 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 27 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/ddca7a9486eef38db119768e9ec13486 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id 7gvRN_9TNCcqqyWBJPU0zeUv77A5FLRqzRherDGEWHuguuQ-GU4YrQ==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	172 KB 47 KB	185ms 59ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 03 Aug 2023 02:06:50 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 47151 x-xss-protection 0 pragma public x-fb-debug RWZIxrg1YpYo8JvPnW4a3X/cWWieoTncgNi/L16m30Uzq7+A1hS6/etcyrnolIWGibRhRfV6/bDuiouHySOL7w== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	api.min.js Show response a.opmnstr.com/app/js/	53 KB 19 KB	188ms 56ms	Script application/javascript	2400:52e0:1e00::1081:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/api.min.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash 64ca0467fb4d0b14d0d403291c23dcf391c1a7a908307b094ddf6c978960f4e8 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding br cdn-edgestorageid 1080 perma-cache HIT cdn-storageserver DE-663 cdn-cachedat 08/01/2023 22:20:41 cdn-pullzone 293267 last-modified Mon, 31 Jul 2023 21:41:15 GMT server BunnyCDN-DE1-1081 cdn-fileserver 588 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64c82a7b-d3b1" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid bf4e5028089604de057e0210d2be808a cdn-requestcountrycode FI access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	186ms 59ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 03 Aug 2023 01:49:45 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1025 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 03 Aug 2023 03:49:45 GMT
GET H2	204	mark trc.taboola.com/forexclub-sc/log/3/	0 368 B	283ms 213ms	Image image/gif	2a04:4e42:200::300 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/forexclub-sc/log/3/mark?marking-type=visitor&item-url=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-vcl-time-ms 183 date Thu, 03 Aug 2023 02:06:50 GMT via 1.1 varnish x-fastly-to-nlb-rtt 90997 x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v1 x-served-by cache-hel1410020-HEL pragma no-cache server nginx x-timer S1691028410.136495,VS0,VE183 content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	200	activityi;dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429 Show response 11442981.fls.doubleclick.net/ Frame 3237 Redirect Chain https://11442981.fls.doubleclick.net/activityi;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429? https://11442981.fls.doubleclick.net/activityi;dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429?	440 B 400 B	98ms 97ms	Document text/html	172.217.16.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://11442981.fls.doubleclick.net/activityi;dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429? Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f134.1e100.net Software cafe / Resource Hash 57b767371c4acc4edde6ba5510bef553bf47cdb99796cd752b4036d04ed2f88f Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://promo.libertex.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 225 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 03 Aug 2023 02:06:50 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 03 Aug 2023 02:06:50 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://11442981.fls.doubleclick.net/activityi;dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	montserrat.css widget.trustpilot.com/fonts/ Frame E6A4	5 KB 5 KB	57ms 56ms	Stylesheet text/css	52.222.236.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/fonts/montserrat.css Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 099dbee82bc5da3a74f1ffe461982b51c3b7b951e23912f677d89091de4bcd15 Request headers accept-language fi-FI,fi;q=0.9 Referer https://widget.trustpilot.com/trustboxes/5406e65db0d04a09e042d5fc/index.html?templateId=5406e65db0d04a09e042d5fc&businessunitId=5a1e8d6b0000ff0005b1ddbc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 01:59:26 GMT via 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront) last-modified Mon, 03 Oct 2022 14:37:43 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 446 x-amz-server-side-encryption AES256 etag "7360fedbb670f7675b8ccc934355c686" x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 4924 x-amz-cf-id jj3eKykUA9ISozTVqNbpPPRuHWrp7Cn71hU1UxoluaMvHMEHsetCEw==
GET H2	200	j.php Show response dev.visualwebsiteoptimizer.com/	3 KB 2 KB	138ms 65ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/j.php?a=677842&u=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&r=0.9092166518443425 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.746.js?utv=ut4.46.202301301117 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gams1 / Resource Hash 2a392b2d7981ca15e6c7c1cee4c531baaae87859a0a8f3dc21582788c3c299a2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding gzip via 1.1 google server gams1 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, no-cache, must-revalidate timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	4 KB 2 KB	330ms 153ms	Script application/javascript	104.126.37.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVJ114SOLA0CA89TMT5G&lib=ttq Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-42.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 57212e2f80356b3928ff4b1ecb4db44c0a13600f0c3f454a5c0d85f6e723ec02 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-akamai-request-id 822cc5c0.447721ef date Thu, 03 Aug 2023 02:06:50 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) x-parent-response-time 93,104.126.37.38 server-timing cdn-cache; desc=MISS, edge; dur=86, origin; dur=7, inner; dur=4 content-length 1620 pragma no-cache server nginx x-tt-logid 20230803020650ECDB11D7B03F1D0F6353 x-cache-remote TCP_MISS from a23-220-105-135.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 7,23.220.105.135 x-tt-trace-host 0177b0e2085fdf6e8621e3ac4065a0b0d801f0829a57120743d8245c4c9916175a51ce2df20d51a223b32e62fabed29bfb5d89c81ab5fef0820b7b94a4c75348b662968e7396d99c9dded6e61519b8428c0f8126012fe9a79ae2e1e9178f948fa3b4d36a116181841df47e74c32cdc9b3c expires Thu, 03 Aug 2023 02:06:50 GMT
GET H2	200	ld.js Show response dynamic.criteo.com/js/ld/	46 KB 20 KB	224ms 111ms	Script application/javascript	2a02:2638:3::e ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dynamic.criteo.com/js/ld/ld.js?a=101568,61968,61966,101569,61967,101570 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 25cae96fc2a39585ae0946930c4cf3bfcce489b123f9d049240c3180e72bd48b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:49 GMT content-encoding br strict-transport-security max-age=31536000; preload; server Kestrel vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public,max-age=10800 cross-origin-resource-policy cross-origin timing-allow-origin *
GET H2	200	all Show response api-geo.libertex.org/v1/	15 KB 5 KB	158ms 121ms	XHR application/json	2606:4700::6810:b70a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-geo.libertex.org/v1/all?locale=es&v=1691028410116 Requested by Host: lib.libertex.org URL: https://lib.libertex.org/landing/js/landing-api.min.2.2.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b70a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af0dc44b4a09ae9d63180f1e9e611dbb1bfa9537132efb0515226dcddfd60aa4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json; charset=UTF-8 access-control-allow-origin * cf-ray 7f0b00eb8e3e2dfa-ARN access-control-allow-headers Accept, Accept-Language, Origin, Content-Type, Content-Language, X-Forwarded-For alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a6857cbbc8ab3c335549ec38f098a57b86dbdb6757917e2c038e6e986c94f810 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e192cbcb235019c7129b5e9ee56d6f48b4615c6e16c8452fbbe560bfbc6ddab Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 widget.trustpilot.com/fonts/montserrat/ Frame E6A4	30 KB 31 KB	65ms 64ms	Font binary/octet-stream	52.222.236.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/fonts/montserrat/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/fonts/montserrat.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Request headers Referer https://widget.trustpilot.com/fonts/montserrat.css Origin https://widget.trustpilot.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 03:07:43 GMT via 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 82755 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 30928 last-modified Thu, 29 Sep 2022 09:49:08 GMT server AmazonS3 etag "ac0d2859ea5f8fd6bcb3c305c08ec184" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * accept-ranges bytes x-amz-cf-id CfRC88Coghd4y5kia7WbQ-OYqDPMPW5tsC_Kl9GpkbLSmorkJn9UBA==
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 widget.trustpilot.com/fonts/montserrat/ Frame E6A4	30 KB 31 KB	80ms 80ms	Font binary/octet-stream	52.222.236.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.trustpilot.com/fonts/montserrat/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: widget.trustpilot.com URL: https://widget.trustpilot.com/fonts/montserrat.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-94.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Request headers Referer https://widget.trustpilot.com/fonts/montserrat.css Origin https://widget.trustpilot.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 03:07:43 GMT via 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 82755 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 30928 last-modified Thu, 29 Sep 2022 09:49:08 GMT server AmazonS3 etag "ac0d2859ea5f8fd6bcb3c305c08ec184" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * accept-ranges bytes x-amz-cf-id 3_YbxgoW6Yt0OYv-i2-rYWGBhZF4h6F37hnXDUyk5bPqP5dgMifk9g==
GET H2	200	js Show response www.googletagmanager.com/gtag/	264 KB 88 KB	210ms 81ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 266f282a1ab723acd3e0fc7e7e433b2a3a3e10b96348f93952ec8228cd92e314 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89501 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 03 Aug 2023 02:06:50 GMT
GET H2	200	v.gif dev.visualwebsiteoptimizer.com/eu01/	35 B 215 B	66ms 65ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=677842&d=promo.libertex.org&u=D663237575BD1AC47BE524D17772EBC99&h=af8a2ba7a7205570d7bb71664fe387ff&t=false&r=0.6277450151599078 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gbel1c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:49 GMT via 1.1 google x-content-type-options nosniff server gbel1c content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 10 Jan 2005 00:00:01 GMT
GET H2	200	modules.02a5b6abd8e109b6c308.js Show response script.hotjar.com/	222 KB 55 KB	196ms 66ms	Script application/javascript	108.138.7.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.02a5b6abd8e109b6c308.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-898554.js?sv= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-40.fra56.r.cloudfront.net Software / Resource Hash 72ea1416e54a4cfea2c3ca3dd6dec1749aa8b2210bb1aaa9626ad6c4426d432b Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 16:11:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 age 35743 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55504 last-modified Wed, 02 Aug 2023 16:10:42 GMT etag "1ba3e93c717ab663b37362961dd81868" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id qHIQZWx2LGCaIaFQ-ZRA_Dqot6xnR_0Bg1u3_e0Ndlb8WmQ3Oik_lg==
GET H2	200	adsct t.co/i/	43 B 378 B	387ms 260ms	Image image/gif	104.244.42.197 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=b9d7c753-5fc8-4f2b-8e5e-41df064f10c1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5d7820a1-6ca0-4229-81fd-3772fc23122f&tw_document_href=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzaqg&type=javascript&version=2.3.29 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.197 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-response-time 205 date Thu, 03 Aug 2023 02:06:50 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 9077a88359bec3e2 cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 896ff90f25e8ba1b6233b7e8b91a8df247c51fc38ce69a4eec3c45662a6772b6 content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 393 B	366ms 229ms	Image image/gif	104.244.42.131 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b9d7c753-5fc8-4f2b-8e5e-41df064f10c1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5d7820a1-6ca0-4229-81fd-3772fc23122f&tw_document_href=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzaqg&type=javascript&version=2.3.29 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.131 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-response-time 173 date Thu, 03 Aug 2023 02:06:49 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 1ae662c67d99bbcb cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 12c0be1bbfbd1514a0aab41ce7abc10aad5f3b79e62f12ae82d9728c1fbd321d content-length 43
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 211 B	67ms 66ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=714068435&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&ul=en-us&de=UTF-8&dt=Vemos%20Crypto%20en%20tu%20Futuro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAACAAI~&jid=591801981&gjid=1534413733&cid=2130088229.1691028410&tid=UA-49381759-1&_gid=1037088234.1691028410&_r=1&_slc=1&cd7=es&z=33143813 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://promo.libertex.org/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	api.min.css a.omappapi.com/app/js/	10 KB 3 KB	170ms 56ms	Stylesheet text/css	2400:52e0:1e00::1081:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.omappapi.com/app/js/api.min.css Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash 36aeabf490693f214315f98655aa5e871863fb6e4827d5e51aa70ee4578efa64 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding br cdn-edgestorageid 1082 perma-cache HIT cdn-storageserver DE-664 cdn-cachedat 08/01/2023 22:20:40 cdn-pullzone 293267 last-modified Mon, 31 Jul 2023 21:41:20 GMT server BunnyCDN-DE1-1081 cdn-fileserver 587 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64c82a80-2644" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 5dd79d1be684d5577985bbca6134ee6e cdn-requestcountrycode FI access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	8811 Show response api.omappapi.com/v2/embed/	38 KB 9 KB	282ms 152ms	XHR application/json	18.66.112.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/8811?d=promo.libertex.org Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-92.fra56.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash 245b79025af5e007e4f67f6f45eae3c21f53f6b367feea8785a74dc588853a4c Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding gzip via 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront) x-cache-config 0 0 x-amz-cf-pop FRA56-P5 x-cache-status HIT x-cache Miss from cloudfront x-optinmonster-account 2794 x-user-agent standard-- last-modified Fri, 27 Jul 2018 09:59:17 GMT server Pagely Gateway/1.5.1 etag W/"6e32ebec9e1bdfe664a4bb7173a77be9" vary Accept-Encoding, User-Agent content-type application/json access-control-allow-origin * access-control-expose-headers X-OptinMonster-Account, X-User-Agent cache-control public, max-age=30, stale-while-revalidate=1800 access-control-allow-headers X-CSRF-Token x-amz-cf-id rmIokZ0tfxI3drPk1RWHpL7KHjhpphucT2GGdKNQWwT1pwP9hpbL7A== expires Thu, 03 Aug 2023 01:52:47 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame FD95	15 KB 6 KB	173ms 60ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=promo.libertex.org&origin=onetag Requested by Host: dynamic.criteo.com URL: https://dynamic.criteo.com/js/ld/ld.js?a=101568,61968,61966,101569,61967,101570 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://promo.libertex.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 03 Aug 2023 02:06:50 GMT server Kestrel server-processing-duration-in-ticks 311014 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	503697863149680 Show response connect.facebook.net/signals/config/	181 KB 48 KB	60ms 60ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/503697863149680?v=2.9.121&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7182fd301d321d2c91da566605aefbbe5211baf5a74f9a89f7909db2d2c3c1af Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 03 Aug 2023 02:06:50 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 48850 x-xss-protection 0 pragma public x-fb-debug 5wzjeRVVzYM3RJ9crOfF0b9m03oK3RwhHRdRuqoWMhHJj1h60iCoxtitOKoTgmUtrgw+ptx56Sg9DbI8oSiD1A== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 351 B	197ms 65ms	XHR text/plain	2a00:1450:400c:c03::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-49381759-1&cid=2130088229.1691028410&jid=591801981&gjid=1534413733&_gid=1037088234.1691028410&_u=YGBACAAABAAAACAAI~&z=554329266 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://promo.libertex.org/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 03 Aug 2023 02:06:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/	2 B 432 B	55ms 55ms	Script application/javascript	2600:9000:223f:3a00:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=fxclub/main/202308010749&cb=1691028410400 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id 2XUX04X5QEw0.xFya64khU._sHTRl_Pz date Thu, 03 Aug 2023 02:06:40 GMT via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 571 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2 last-modified Sat, 11 Mar 2023 06:57:46 GMT server AmazonS3 etag "7bc0ee636b3b83484fc3b9348863bd22" vary Accept-Encoding content-type application/javascript cache-control max-age=300 accept-ranges bytes x-amz-cf-id 1zwr6bPY638DBVBK-4AKr686KH0EJpudluz6g_Cwuj-X76psUxU9UA==
GET H2	200	/ tealium-proxy.libertex.org/	19 B 19 B	259ms 73ms	Image text/plain	34.246.235.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tealium-proxy.libertex.org/?t_profile=main&abtest_experiments_bucket=&abtest_experiments_name=&client_browser=Chrome&client_id=&customer_accounts_info_code=&customer_cur_account_balance_available=&customer_cur_account_count_of_deals_total=&customer_cur_account_deposit_init_value=&customer_cur_account_deposit_total_value=&customer_cur_account_id=&customer_cur_account_info_code=&customer_cur_account_is_deposit=&customer_cur_account_type=&customer_email=&customer_id=&customer_login=&customer_profile_broker=&customer_profile_business_unit=&customer_profile_country=&customer_profile_is_first_launch_open=&customer_profile_lifecycle=&customer_profile_network=&customer_profile_network_name=&event_account_id=&event_account_name=&event_currency=&event_date=&event_date_utc=2023-08-03+02%3A06&event_id=&event_ref=&event_type=&event_value=&fbp=&fbclid=&fx_visitor_id=&ga_cid=&gclid=&icid_sf=&mixlib=undefined&page_activitytime=&page_category=&page_channel=&page_dom_referrer=&page_dom_url=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&page_environment=prod&page_language=es&page_loadingtime=&page_loadingtime_tti=&page_name=&page_path=&page_referrer_long=&page_system=promo&page_type=&product_category=&product_id=&product_name=&product_subcategory=&segment_web=b&session_id=1691028409876&sf_campaignId=&user_agent=mozilla%2F5.0+%28windows+nt+10.0%3B+win64%3B+x64%29+applewebkit%2F537.36+%28khtml%2C+like+gecko%29+chrome%2F115.0.5790.110+safari%2F537.36&visitor_id=0189b925ce130020c23f0d2cc12c0307400a406c00b08 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.246.235.195 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-246-235-195.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-length 19 content-type text/plain; charset=utf-8
GET H2	200	/ Show response adservice.google.com/ddm/fls/i/dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429;~oref=https://promo.libertex.org/ Frame 1E0A	439 B 598 B	250ms 98ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429;~oref=https://promo.libertex.org/ Requested by Host: 11442981.fls.doubleclick.net URL: https://11442981.fls.doubleclick.net/activityi;dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64ce92589e133eb23e48742ccea137ca31abc2c7371308557a02f63030b52fe1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://11442981.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 224 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 03 Aug 2023 02:06:50 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	main.MTJlZjA0YWQ0MQ.js Show response analytics.tiktok.com/i18n/pixel/static/	356 KB 96 KB	58ms 58ms	Script application/javascript	104.126.37.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTJlZjA0YWQ0MQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVJ114SOLA0CA89TMT5G&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-42.deploy.static.akamaitechnologies.com Software nginx / Resource Hash fc4d5f0e03c1677a6cd8edda19ed6155725a01b7ed8e9685c5ec87fc8b8da0c3 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-akamai-request-id 4477220a date Thu, 03 Aug 2023 02:06:50 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2023080114384456D718095725767120F4 vary Accept-Encoding x-cache TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 013d19482c5ae7f3681f978f98a818f11574bd94c7719582ffb88b2bb81d8d9c1c3c66e3c83fb98178c417087a124d579272d6df2bce1e1c04283277019d6df3df61e58b7ca37784143ed9986093c9843c86418f800583ed6f098ae584cec56d96 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=3 content-length 98033
GET H2	200	/ www.facebook.com/tr/	0 185 B	183ms 58ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=503697863149680&ev=PageView&dl=https%3A%2F%2Fpromo.libertex.org&rl=&if=false&ts=1691028410469&sw=1600&sh=1200&v=2.9.121&r=stable&a=tmtealium&ec=0&o=28&fbp=fb.1.1691028410467.370257087&cs_est=true&pm=1&it=1691028410365&coo=false&cs_cc=1&cas=6273894476057018%2C5094943807283399%2C6114683308657450%2C6304183952948766%2C4072965789423402%2C2637853976292105%2C2575376645847063%2C2350195398431807%2C2193917490719856%2C6237468092959149%2C8899137436794725%2C5899200673473631%2C6359067434143548%2C8982884845085560%2C5790359031019920%2C6089879401129885%2C2670283422998568&exp=a1&rqm=GET Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 03 Aug 2023 02:06:50 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	sid Show response mug.criteo.com/ Frame FD95 Redirect Chain https://gum.criteo.com/sid/json?origin=onetag&domain=libertex.org&sn=ChromeSyncframe&so=0&topUrl=promo.libertex.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=KqUopnxKQlRLMHVjV1Bod204eTZFVytXb1dTMUZYb1pwYldodmZKNmh3cGJvYVhvS29RNHJFZjFxRk80REFreUNSSkRCdHJRUGlZNXdTNVQ4dE9PR1o3ZVA0QnJIV1B0RUIyYzI5aGhEYUxKNnRJZzBDVXo4aWJaaXVoNH...	452 B 674 B	230ms 65ms	Fetch application/json	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=KqUopnxKQlRLMHVjV1Bod204eTZFVytXb1dTMUZYb1pwYldodmZKNmh3cGJvYVhvS29RNHJFZjFxRk80REFreUNSSkRCdHJRUGlZNXdTNVQ4dE9PR1o3ZVA0QnJIV1B0RUIyYzI5aGhEYUxKNnRJZzBDVXo4aWJaaXVoNHVQRm9Wd3lmaDJJVmpmQ01JS25TTGNaSndXSDhXOVgwMnB2U0ZMWldTSXlQY0J3enUrdEQ2WDRQa1RxZGtERzl0RnQrVy9iemN4NEZTUy8xSUcwU2RWeGhEZjRnYVpvTHI4dTBodUQ5UGtpVjAyNTlCbk9NZThGNkFKMHIzZDdzRjd2cDZQK3ZZTWZXLzVLVEZrbUF2K05sMGpQRitTQT09fA&cppv=2 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash f94f809f9e912f28524680e8a455709cf30fcf4be4c191dc52dcb0834e80daff Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language fi-FI,fi;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1163872 expires 0 Redirect headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=KqUopnxKQlRLMHVjV1Bod204eTZFVytXb1dTMUZYb1pwYldodmZKNmh3cGJvYVhvS29RNHJFZjFxRk80REFreUNSSkRCdHJRUGlZNXdTNVQ4dE9PR1o3ZVA0QnJIV1B0RUIyYzI5aGhEYUxKNnRJZzBDVXo4aWJaaXVoNHVQRm9Wd3lmaDJJVmpmQ01JS25TTGNaSndXSDhXOVgwMnB2U0ZMWldTSXlQY0J3enUrdEQ2WDRQa1RxZGtERzl0RnQrVy9iemN4NEZTUy8xSUcwU2RWeGhEZjRnYVpvTHI4dTBodUQ5UGtpVjAyNTlCbk9NZThGNkFKMHIzZDdzRjd2cDZQK3ZZTWZXLzVLVEZrbUF2K05sMGpQRitTQT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 211257 content-length 0 expires 0
GET H2	204	898554 Show response vc.hotjar.io/sessions/	0 257 B	235ms 85ms	XHR text/plain	18.66.112.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/898554?s=0.25&r=0.005939173065422354 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.02a5b6abd8e109b6c308.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-19.fra56.r.cloudfront.net Software Python/3.8 aiohttp/3.8.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT via 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront) server Python/3.8 aiohttp/3.8.4 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store x-amz-cf-id GMcxkkGOW12IfrGImF9cAMjQo7-0Elx1Ui5vYF3_VVoffrOLesOidg==
POST H2	204	collect region1.analytics.google.com/g/	0 256 B	105ms 33ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-GGPG0HTS88&gtm=45je37v0&_p=714068435&_gaz=1&gdid=dYmQxMT&cid=2130088229.1691028410&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691028410&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&dt=Vemos%20Crypto%20en%20tu%20Futuro&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	68ms 67ms	Ping text/plain	2a00:1450:400c:c03::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GGPG0HTS88&cid=2130088229.1691028410&gtm=45je37v0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	277 KB 90 KB	75ms 74ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GGPG0HTS88 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 142b1d8b342509aa131f52e32bedadf5935bf95f08ece93f885c33e0b44ec787 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92374 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 03 Aug 2023 02:06:50 GMT
GET H2	200	ga-audiences www.google.fi/ads/	42 B 408 B	200ms 73ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GGPG0HTS88&cid=2130088229.1691028410&gtm=45je37v0&aip=1&z=724369979 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	201ms 70ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49381759-1&cid=2130088229.1691028410&jid=591801981&_u=YGBACAAABAAAACAAI~&z=2014583556 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.fi/ads/	42 B 107 B	206ms 79ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49381759-1&cid=2130088229.1691028410&jid=591801981&_u=YGBACAAABAAAACAAI~&z=2014583556 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	18.08589474.min.js Show response a.opmnstr.com/app/js/	1 KB 1 KB	58ms 57ms	Script application/javascript	2400:52e0:1e00::1081:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/18.08589474.min.js Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash ff8633a0b9564aa1a545ec5366457da75f1dacb39c31b14675bf3f0df32e3e4e Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding br cdn-edgestorageid 1080 perma-cache HIT cdn-storageserver DE-165 cdn-cachedat 08/01/2023 22:20:42 cdn-pullzone 293267 last-modified Fri, 07 Jul 2023 21:09:42 GMT server BunnyCDN-DE1-1081 cdn-fileserver 588 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64a87f16-477" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid d7846710a2f4329c0c92b7d7f0a9a57c cdn-requestcountrycode FI access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	5.78b36768.min.js Show response a.opmnstr.com/app/js/	16 KB 6 KB	58ms 58ms	Script application/javascript	2400:52e0:1e00::1081:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/5.78b36768.min.js Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash 7680e45da3168c3240c3287c1f14af99ca941299901de2aae917a0f5c4d6a3d5 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding br cdn-edgestorageid 1082 perma-cache HIT cdn-storageserver DE-661 cdn-cachedat 08/01/2023 22:20:40 cdn-pullzone 293267 last-modified Mon, 31 Jul 2023 21:41:16 GMT server BunnyCDN-DE1-1081 cdn-fileserver 382 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64c82a7c-4140" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid c3efc208ad490d9fe6dcd23524820f38 cdn-requestcountrycode FI access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	identify_7f4c1.js Show response analytics.tiktok.com/i18n/pixel/static/	114 KB 30 KB	59ms 58ms	Script application/javascript	104.126.37.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_7f4c1.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJlZjA0YWQ0MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-42.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-akamai-request-id 4477221f date Thu, 03 Aug 2023 02:06:50 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20230801143830248723443B519C7798A8 vary Accept-Encoding x-cache TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01bb6402f5b0d9888edbbcbfa5d545bc786d60ef0d5af553c8b329f8c549c910bb3e9c991bf430de26473981fab729d200d77fd0005b72a4157519e7110b9bde3f377143c126e3a786cb3ac7230cf2ba7de0c5d3e7731ab5e46fa44b8f2bdb1931 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=7 content-length 30563
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 695 B	185ms 185ms	Ping text/plain	104.126.37.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJlZjA0YWQ0MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-42.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://promo.libertex.org/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 757115c9.44772227 date Thu, 03 Aug 2023 02:06:50 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) x-parent-response-time 122,104.126.37.38 server-timing cdn-cache; desc=MISS, edge; dur=92, origin; dur=34, inner; dur=29 content-length 0 pragma no-cache server nginx x-tt-logid 20230803020650A1FDAE4B1A5B600A4797 x-cache-remote TCP_MISS from a23-220-105-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-) access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 35,23.220.105.143 x-tt-trace-host 0177b0e2085fdf6e8621e3ac4065a0b0d801f0829a57120743d8245c4c9916175ab49e9db6f8fe3a992de79e76b7bee99d79151dd3d0b09a11a3b9dc2a689da324c8c0579118ccc7419bf79335f35f791a433d97f91f24a82d26d07a13edda3e9ae9867f90b74342a30198c682ee88d549 expires Thu, 03 Aug 2023 02:06:50 GMT
GET H2	200	/ Show response adservice.google.fi/ddm/fls/i/dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429;~oref=https://promo.libertex.org/ Frame 42A0	194 B 515 B	271ms 101ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.fi/ddm/fls/i/dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429;~oref=https://promo.libertex.org/ Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPfiy92zv4ADFYvomgodzykBqg;src=11442981;type=testb0;cat=pagev0;ord=5756060371325.429;~oref=https://promo.libertex.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adservice.google.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 85 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 03 Aug 2023 02:06:50 GMT expires Thu, 03 Aug 2023 02:06:50 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	legacy-api.min.js Show response a.omappapi.com/app/js/	106 KB 31 KB	57ms 56ms	Script application/javascript	2400:52e0:1e00::1081:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://a.omappapi.com/app/js/legacy-api.min.js Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash 7fd16f7b8b1eb0cd4721280578f80246ed39976369573ef3b86bb4cff8dee4fa Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT content-encoding br cdn-edgestorageid 1080 perma-cache HIT cdn-storageserver DE-168 cdn-cachedat 08/01/2023 22:20:42 cdn-pullzone 293267 last-modified Tue, 04 Jul 2023 00:31:40 GMT server BunnyCDN-DE1-1081 cdn-fileserver 588 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"64a3686c-1a7ad" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid 97f607aeabc281688af86fc7f839ac22 cdn-requestcountrycode FI access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	34ms 33ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8FE0VJVQNC&gtm=45je37v0&_p=714068435&_gaz=1&gdid=dYmQxMT&cid=2130088229.1691028410&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691028410&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&dt=Vemos%20Crypto%20en%20tu%20Futuro&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect stats.g.doubleclick.net/g/	0 17 B	65ms 65ms	Ping text/plain	2a00:1450:400c:c03::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8FE0VJVQNC&cid=2130088229.1691028410&gtm=45je37v0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8FE0VJVQNC&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://promo.libertex.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.fi/ads/	42 B 107 B	71ms 71ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FE0VJVQNC&cid=2130088229.1691028410&gtm=45je37v0&aip=1&z=1056965604 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/	95 KB 34 KB	203ms 60ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: a.omappapi.com URL: https://a.omappapi.com/app/js/legacy-api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 02 Aug 2023 08:01:03 GMT content-encoding gzip x-content-type-options nosniff age 65147 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 01 Aug 2024 08:01:03 GMT
GET H2	200	event Show response widget.us.criteo.com/ Redirect Chain https://sslwidget.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=UjCKOV93Y0h3anRjSzMlMkJ1bXpUZiUyRlR2dDE5SnZO... https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=UjCKOV93Y0h3anRjSzMlMkJ1bXpUZiUyRlR2dDE5SnZO...	40 KB 5 KB	466ms 164ms	Script application/x-javascript	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=UjCKOV93Y0h3anRjSzMlMkJ1bXpUZiUyRlR2dDE5SnZOWDR5bVNxbTMlMkYlMkYlMkJpOCUyQlNIcnR3czhaNVM2SHBIUEc1elZYdVlROEpSNEFVWjQlMkIwOCUyQnB5anpQZUZuTlFTUm94MzVka0VnbUpKeHd1TVE3MTNxdUVYQ0hlTnpKSEtFNnQ1M1J6TyUyQmRXb3NVVFVjWFZPeWVEcEhPVHE3Q3lac3clM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fes-lm%252Fcryptominer%252F%253Futm_id%253D4rKF%2526utm_campaign%253Dminer%2526utm_source%253Dcriptoinforme_libertex%2526utm_content%253D728x90%2526utm_medium%253Dmedia%2526utm_country%253Dlm&ceid=3ff51d13-dc32-4e1f-a6c1-6f1d22c46eff&dtycbr=68909 Requested by Host: promo.libertex.org URL: https://promo.libertex.org/lp/es-lm/cryptominer/?utm_id=4rKF&utm_campaign=miner&utm_source=criptoinforme_libertex&utm_content=728x90&utm_medium=media&utm_country=lm Protocol H2 Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash c4fdd3d3acee242d292803e7cb66087c62251fad6f0522887de74370c2d7dbbe Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language fi-FI,fi;q=0.9 Referer https://promo.libertex.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:51 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel content-type application/x-javascript access-control-allow-origin * p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 31242893 timing-allow-origin * expires 0 Redirect headers pragma no-cache date Thu, 03 Aug 2023 02:06:50 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel access-control-allow-origin * location https://widget.us.criteo.com/event?a=%5B101568%2C61968%2C61966%2C101569%2C61967%2C101570%5D&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=UjCKOV93Y0h3anRjSzMlMkJ1bXpUZiUyRlR2dDE5SnZOWDR5bVNxbTMlMkYlMkYlMkJpOCUyQlNIcnR3czhaNVM2SHBIUEc1elZYdVlROEpSNEFVWjQlMkIwOCUyQnB5anpQZUZuTlFTUm94MzVka0VnbUpKeHd1TVE3MTNxdUVYQ0hlTnpKSEtFNnQ1M1J6TyUyQmRXb3NVVFVjWFZPeWVEcEhPVHE3Q3lac3clM0QlM0Q&tld=libertex.org&dy=1&fu=https%253A%252F%252Fpromo.libertex.org%252Flp%252Fes-lm%252Fcryptominer%252F%253Futm_id%253D4rKF%2526utm_campaign%253Dminer%2526utm_source%253Dcriptoinforme_libertex%2526utm_content%253D728x90%2526utm_medium%253Dmedia%2526utm_country%253Dlm&ceid=3ff51d13-dc32-4e1f-a6c1-6f1d22c46eff&dtycbr=68909 cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 7649590 timing-allow-origin * content-length 0 expires 0
GET H2	200	sync x.bidswitch.net/ Frame 362E	43 B 146 B	245ms 55ms	Image image/gif	3.66.99.242 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=46&user_id=k-_cF16oe4nk5Fb-CQZmdYKUC5nCQKpVJnomXo4A&expires=30 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.66.99.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-99-242.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:51 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/google/ Frame 362E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-aUSgSIe4nk5Fb-CQZmdYKUC5nCQVlq3CTpKB7g&google_cm&google_hm=ay1hVVNnU0llNG5rNUZiLUNRWm1kWUtVQzVuQ1FWbHEzQ... https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-aUSgSIe4nk5Fb-CQZmdYKUC5nCQVlq3CTpKB7g&google_gid=CAESEBJOoRZxhwG-HFSslc9z6ZA&google_cver=1&google_ula=913071,0	43 B 369 B	57ms 56ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-aUSgSIe4nk5Fb-CQZmdYKUC5nCQVlq3CTpKB7g&google_gid=CAESEBJOoRZxhwG-HFSslc9z6ZA&google_cver=1&google_ula=913071,0 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:51 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 613244 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Thu, 03 Aug 2023 02:06:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-aUSgSIe4nk5Fb-CQZmdYKUC5nCQVlq3CTpKB7g&google_gid=CAESEBJOoRZxhwG-HFSslc9z6ZA&google_cver=1&google_ula=913071,0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 398 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/appnexus/ Frame 362E Redirect Chain https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5314594787817188162	43 B 369 B	56ms 56ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5314594787817188162 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:51 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 932012 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Thu, 03 Aug 2023 02:06:51 GMT an-x-request-uuid d31591da-7e15-458f-97e4-168c5b59b071 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5314594787817188162 x-proxy-origin 185.204.1.185; 185.204.1.185; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	bounce secure.adnxs.com/ Frame 362E Redirect Chain https://secure.adnxs.com/setuid?entity=52&code=k-mmqlP4e4nk5Fb-CQZmdYKUC5nCSAD6LWEzRI2g https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mmqlP4e4nk5Fb-CQZmdYKUC5nCSAD6LWEzRI2g	43 B 904 B	57ms 56ms	Image image/gif	185.89.210.46 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mmqlP4e4nk5Fb-CQZmdYKUC5nCSAD6LWEzRI2g Protocol H2 Server 185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:51 GMT an-x-request-uuid 41dbc3ea-0236-4ad4-8d4b-790fe65f8d45 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.204.1.185; 185.204.1.185; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 03 Aug 2023 02:06:51 GMT an-x-request-uuid 566a7b7d-737d-4188-a29e-186ec8d9dcfa server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mmqlP4e4nk5Fb-CQZmdYKUC5nCSAD6LWEzRI2g cache-control no-store, no-cache, private x-proxy-origin 185.204.1.185; 185.204.1.185; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame 362E	61 B 791 B	266ms 83ms	Image image/gif	184.30.20.22 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-RpcrrIe4nk5Fb-CQZmdYKUC5nCQkCt-xGZtrcw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-20-22.deploy.static.akamaitechnologies.com Software Apache / Resource Hash cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Thu, 03 Aug 2023 02:06:51 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 61 x-mnet-hl2 E expires Thu, 03 Aug 2023 02:06:51 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 362E	0 239 B	243ms 56ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-OXWUW4e4nk5Fb-CQZmdYKUC5nCTVyoFfgm01lA&expires=30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost a66cbf3142c6ef39e3614b84a34262cf P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	v1 match.sharethrough.com/sync/ Frame 362E	0 35 B	235ms 52ms	Image text/plain	3.125.84.164 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ImfxtIe4nk5Fb-CQZmdYKUC5nCQfIF6d3b7wRw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.125.84.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-125-84-164.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:51 GMT
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 362E	43 B 163 B	318ms 66ms	Image image/gif	185.86.138.154 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-tDdAhoe4nk5Fb-CQZmdYKUC5nCTKosTqg9OikA Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:50 GMT transfer-encoding chunked content-type image/gif
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 362E	0 99 B	224ms 59ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ePFr3Ye4nk5Fb-CQZmdYKUC5nCQhOdJ3m-ERSg Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:51 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 56142
GET H2	200	um criteo-sync.teads.tv/ Frame 362E	23 B 163 B	272ms 80ms	Image image/gif	23.192.153.28 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-sync.teads.tv/um?eid=80&uid=k-zTHEO4e4nk5Fb-CQZmdYKUC5nCSuv4HHr9WzxQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.192.153.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-192-153-28.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers expires Thu, 03 Aug 2023 02:06:51 GMT pragma no-cache date Thu, 03 Aug 2023 02:06:51 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif
GET H2	200	xuid eb2.3lift.com/ Frame 362E	37 B 140 B	147ms 54ms	Image image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2711&xuid=k-oDPbsYe4nk5Fb-CQZmdYKUC5nCTRvCjsHdkm0Q&dongle=013b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:51 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif
GET H2	204	sync ups.analytics.yahoo.com/ups/58301/ Frame 362E	0 125 B	234ms 56ms	Image text/plain	3.75.62.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-D6WyzYe4nk5Fb-CQZmdYKUC5nCQibhx3ynJi9g Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-62-37.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.64 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:51 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.64 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	pixel cm.adform.net/ Frame 362E	43 B 163 B	160ms 44ms	Image image/gif	37.157.6.233 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-W1fI9Ie4nk5Fb-CQZmdYKUC5nCS8AS7VGREaEQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:51 GMT last-modified Mon, 14 Nov 2022 09:52:50 GMT server nginx accept-ranges bytes etag "63720ff2-2b" content-length 43 content-type image/gif
GET H2	200	sync visitor.omnitagjs.com/visitor/ Frame 362E	49 B 341 B	216ms 67ms	Image image/gif	185.255.84.153 IGUANE-
General Check archive.org Show headers Download Go to Show image Full URL https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-csaaDIe4nk5Fb-CQZmdYKUC5nCR8fQDRzXfBZw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.153 , France, ASN200271 (IGUANE-, FR), Reverse DNS Software ayl-lb-fra02 / Resource Hash d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:51 GMT x-content-type-options nosniff server ayl-lb-fra02 vary Accept-Encoding p3p CP="CAO PSA OUR" content-type image/gif cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 3 content-length 49 expires 0
GET H/1.1	200 OK	rum r.casalemedia.com/ Frame 362E Redirect Chain https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eqbpPoe4nk5Fb-CQZmdYKUC5nCQnGWGKrhs-Lg https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eqbpPoe4nk5Fb-CQZmdYKUC5nCQnGWGKrhs-Lg&C=1	43 B 766 B	59ms 55ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eqbpPoe4nk5Fb-CQZmdYKUC5nCQnGWGKrhs-Lg&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Pragma no-cache Date Thu, 03 Aug 2023 02:06:52 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Thu, 03 Aug 2023 02:06:51 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=20&external_user_id=k-eqbpPoe4nk5Fb-CQZmdYKUC5nCQnGWGKrhs-Lg&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 362E Redirect Chain https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 https://dpm.demdex.net/ibs:dpid=28645&dpuuid=N7lF6C5wmfoJV0d42bOfxM_-Key3i1ah https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=N7lF6C5wmfoJV0d42bOfxM_-Key3i1ah	42 B 942 B	76ms 75ms	Image image/gif	34.251.218.113 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=N7lF6C5wmfoJV0d42bOfxM_-Key3i1ah Protocol HTTP/1.1 Server 34.251.218.113 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-251-218-113.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v050-02e2ff31f.edge-irl1.demdex.com 1 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID HWnf+a0bT4s= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-1-v050-0a2868ca3.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID a4gg2/loTrs= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=N7lF6C5wmfoJV0d42bOfxM_-Key3i1ah Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200	9.gif id5-sync.com/s/966/ Frame 362E	43 B 1 KB	216ms 65ms	Image image/gif	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/s/966/9.gif?puid=k-NQvujoe4nk5Fb-CQZmdYKUC5nCTC1WgjjENriw Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Thu, 03 Aug 2023 02:06:51 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers transfer-encoding chunked p3p CP="CAO PSA OUR"
GET H2	200	match ad.360yield.com/ul_cb/ Frame 362E Redirect Chain https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-9w3asoe4nk5Fb-CQZmdYKUC5nCQ1GvzRe-M3uA https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9w3asoe4nk5Fb-CQZmdYKUC5nCQ1GvzRe-M3uA	43 B 447 B	77ms 76ms	Image image/gif	54.194.151.158 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9w3asoe4nk5Fb-CQZmdYKUC5nCQ1GvzRe-M3uA Protocol H2 Server 54.194.151.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-194-151-158.eu-west-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers access-control-allow-origin * date Thu, 03 Aug 2023 02:06:52 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers location https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9w3asoe4nk5Fb-CQZmdYKUC5nCQ1GvzRe-M3uA access-control-allow-origin * date Thu, 03 Aug 2023 02:06:52 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	sync matching.ivitrack.com/ Frame 362E	42 B 274 B	145ms 65ms	Image image/gif	34.117.157.22 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://matching.ivitrack.com/sync?realm=criteo&uid=k-w2xp24e4nk5Fb-CQZmdYKUC5nCSZ0tbG25-qbg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 22.157.117.34.bc.googleusercontent.com Software istio-envoy / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:51 GMT x-envoy-decorator-operation tag-manager.programmatic.svc.cluster.local:3000/* via 1.1 google server istio-envoy content-type image/gif cache-control public, max-age=86400 x-envoy-upstream-service-time 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H2	200	push exchange.mediavine.com/usersync/ Frame 362E	0 883 B	186ms 55ms	Image text/html	52.58.161.8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dO-AO4e4nk5Fb-CQZmdYKUC5nCR15JyNAVwaZQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.161.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-161-8.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:51 GMT cache-control private, no-cache access-control-allow-credentials true content-encoding gzip vary Origin, Accept-Encoding content-type text/html; charset=utf-8
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Frame 362E	0 145 B	534ms 133ms	Image text/plain	70.42.32.63 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-cKZKxoe4nk5Fb-CQZmdYKUC5nCSq1kA6W7v98Q&initiator=partner Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Date Thu, 03 Aug 2023 02:06:52 GMT Cache-Control no-cache X-TraceId a5120372d0fb3cf0e64d2edefea29fe6 Content-Length 0
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 362E	42 B 582 B	194ms 58ms	Image image/gif	198.47.127.205 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-53WdCYe4nk5Fb-CQZmdYKUC5nCSsMGS7spNjZA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Thu, 03 Aug 2023 02:06:50 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sync criteo-partners.tremorhub.com/ Frame 362E	43 B 400 B	451ms 145ms	Image image/gif	2600:1f18:612b:4280:deca:219:b07a:54cc AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-partners.tremorhub.com/sync?UICR=k-3bf9RIe4nk5Fb-CQZmdYKUC5nCRwamNQXNyVHQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4280:deca:219:b07a:54cc Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Thu, 03 Aug 2023 02:06:52 GMT server nginx content-type image/gif
GET H/1.1	204 No Content	m ad.yieldlab.net/ Frame 362E	0 235 B	191ms 64ms	Image text/plain	184.30.17.243 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-P5lSuYe4nk5Fb-CQZmdYKUC5nCQcdGxTVmO27w Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-17-243.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Pragma no-cache Date Thu, 03 Aug 2023 02:06:52 GMT Cache-Control no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0 Connection keep-alive Expires Wed, 02 Aug 2023 02:06:52 GMT
GET H2	200	sync sync-criteo.ads.yieldmo.com/ Frame 362E	0 38 B	249ms 74ms	Image text/plain	34.250.36.253 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync-criteo.ads.yieldmo.com/sync?id=k-mQXVzYe4nk5Fb-CQZmdYKUC5nCS9cGJawgF89Q&pn_id=criteo&ext=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.36.253 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-36-253.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:52 GMT content-length 0
GET H2	204	put e1.emxdgt.com/ Frame 362E	0 44 B	190ms 56ms	Image text/plain	18.184.162.173 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://e1.emxdgt.com/put?d=d53&uid=k-MUgP64e4nk5Fb-CQZmdYKUC5nCQHOmdgkbC9Yw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.184.162.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-162-173.eu-central-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 03 Aug 2023 02:06:52 GMT server awselb/2.0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 362E Redirect Chain https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Lb47rSoxHv1HGZhRRq4iqPEaS2KdpEEn	0 337 B	236ms 73ms	Image text/plain	52.31.154.19 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Lb47rSoxHv1HGZhRRq4iqPEaS2KdpEEn Protocol H2 Server 52.31.154.19 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-154-19.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-served-by beacon-n004-dub-prod.krxd.net date Thu, 03 Aug 2023 02:06:52 GMT cache-control private, no-cache, no-store x-request-time D=36 t=1691028412 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Lb47rSoxHv1HGZhRRq4iqPEaS2KdpEEn date Thu, 03 Aug 2023 02:06:51 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 649451 content-length 0
GET H2	200	cs s.thebrighttag.com/ Frame 362E Redirect Chain https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=KnoqjhlhaoVR7bWuLTTf5Ypr91Dw8xQz	35 B 268 B	510ms 152ms	Image image/gif	3.23.201.151 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=KnoqjhlhaoVR7bWuLTTf5Ypr91Dw8xQz Protocol H2 Server 3.23.201.151 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-201-151.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 03 Aug 2023 02:06:52 GMT x-bt-requestid 69fd6060-31a2-11ee-ac87-0000ac1702e3 server nginx content-type image/gif access-control-allow-origin p3p CP=NOI DSP COR NID cache-control private, must-revalidate content-length 35 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=KnoqjhlhaoVR7bWuLTTf5Ypr91Dw8xQz date Thu, 03 Aug 2023 02:06:51 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 603611 content-length 0
POST		collect region1.analytics.google.com/g/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

region1.analytics.google.com

URL

https://region1.analytics.google.com/g/collect?v=2&tid=G-GGPG0HTS88&gtm=45je37v0&_p=714068435&gdid=dYmQxMT&cid=2130088229.1691028410&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1691028410&sct=1&seg=0&dl=https%3A%2F%2Fpromo.libertex.org%2Flp%2Fes-lm%2Fcryptominer%2F%3Futm_id%3D4rKF%26utm_campaign%3Dminer%26utm_source%3Dcriptoinforme_libertex%26utm_content%3D728x90%26utm_medium%3Dmedia%26utm_country%3Dlm&dt=Vemos%20Crypto%20en%20tu%20Futuro&en=view&_ee=1&ep.visitor_id=0189b925ce130020c23f0d2cc12c0307400a406c00b08&ep.page_system=promo&_et=4