promo.libertex.com Open in urlscan Pro
2606:4700::6810:245a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Submission: On April 29 via manual (April 29th 2023, 5:50:28 pm UTC) from DE — Scanned from DE

Summary HTTP 164 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 67 IPs in 10 countries across 52 domains to perform 164 HTTP transactions. The main IP is 2606:4700::6810:245a, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.libertex.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.

This is the only time promo.libertex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2606:4700::68... 2606:4700::6810:245a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
20	2600:9000:223... 2600:9000:223e:9400:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
7	52.222.236.107 52.222.236.107	16509 (AMAZON-02) (AMAZON-02)
1	52.222.232.144 52.222.232.144	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:65b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 7	2600:9000:225... 2600:9000:2250:1e00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	199.232.148.157 199.232.148.157	54113 (FASTLY) (FASTLY)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
3	2400:52e0:1e0... 2400:52e0:1e00::865:1	200325 (BUNNYCDN) (BUNNYCDN)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2.16.187.106 2.16.187.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.212.156.36 52.212.156.36	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:e933	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:d73f:ab6c:26b5:4cd1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.59 18.66.112.59	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 2	18.159.144.147 18.159.144.147	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.68.153.114 3.68.153.114	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.51.141.47 52.51.141.47	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1 2	54.155.103.238 54.155.103.238	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.29.12.165 52.29.12.165	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4232:7cbe:f340:efa9:d727	14618 (AMAZON-AES) (AMAZON-AES)
1	23.209.16.125 23.209.16.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.19.147.161 52.19.147.161	16509 (AMAZON-02) (AMAZON-02)
1	54.246.64.138 54.246.64.138	16509 (AMAZON-02) (AMAZON-02)
1	18.189.115.252 18.189.115.252	16509 (AMAZON-02) (AMAZON-02)
164	67

34 2606:4700::6810:245a (United States)

ASN13335 (CLOUDFLARENET, US)

promo.libertex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lib.libertex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:223e:9400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.222.236.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-107.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-144.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:65b (United States)

ASN13335 (CLOUDFLARENET, US)

api-account.libertex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-geo.libertex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2250:1e00:6:9280:1080:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

11442981.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.148.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::865:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.187.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-106.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.156.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-156-36.eu-west-1.compute.amazonaws.com

tealium-proxy.libertex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:e933 (United States)

ASN13335 (CLOUDFLARENET, US)

quote.fxclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gaterest.fxclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:d73f:ab6c:26b5:4cd1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.144.147 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-144-147.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.153.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-153-114.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.141.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-141-47.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.103.238 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-103-238.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.12.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-12-165.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:7cbe:f340:efa9:d727 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.209.16.125 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-16-125.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.147.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-147-161.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.64.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-64-138.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.189.115.252 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-115-252.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	libertex.com promo.libertex.com lib.libertex.com api-account.libertex.com api-geo.libertex.com	1 MB
20	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1219	76 KB
10	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3191 gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686 sslwidget.criteo.com — Cisco Umbrella Rank: 1930 dis.criteo.com — Cisco Umbrella Rank: 941	29 KB
8	taboola.com trc.taboola.com — Cisco Umbrella Rank: 839 cdn.taboola.com — Cisco Umbrella Rank: 1073 sync-t1.taboola.com — Cisco Umbrella Rank: 1472 trc-events.taboola.com — Cisco Umbrella Rank: 2128	21 KB
8	adroll.com 3 redirects s.adroll.com — Cisco Umbrella Rank: 3473 d.adroll.com — Cisco Umbrella Rank: 1979	26 KB
7	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 4411	33 KB
5	doubleclick.net 2 redirects 11442981.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	2 KB
5	gstatic.com fonts.gstatic.com	79 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 secure.adnxs.com — Cisco Umbrella Rank: 604	4 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 794	102 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	91 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 812	878 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 277	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1838	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	878 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1442 ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	1 KB
2	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 6713 api.omappapi.com — Cisco Umbrella Rank: 7080	4 KB
2	fxclub.com quote.fxclub.com gaterest.fxclub.com	6 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5046	2 KB
2	opmnstr.com a.opmnstr.com — Cisco Umbrella Rank: 30276	25 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 899 script.hotjar.com — Cisco Umbrella Rank: 1171	72 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 631	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 ajax.googleapis.com — Cisco Umbrella Rank: 607	32 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2576	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 807	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2613	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3632	400 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2806	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 976	580 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 987	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1620	886 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2879	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 612	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1151	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1622	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 535	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2185	172 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 777	357 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 447	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 838	802 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2948	259 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	395 B
1	t.co t.co — Cisco Umbrella Rank: 584	378 B
1	libertex.org tealium-proxy.libertex.org — Cisco Umbrella Rank: 570845	19 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 805	261 B
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
164	52

	Domain	Requested by
31	promo.libertex.com	promo.libertex.com
20	tags.tiqcdn.com	promo.libertex.com tags.tiqcdn.com
7	s.adroll.com	3 redirects tags.tiqcdn.com promo.libertex.com
7	widget.trustpilot.com	promo.libertex.com widget.trustpilot.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	fonts.gstatic.com	fonts.googleapis.com
4	analytics.tiktok.com	tags.tiqcdn.com analytics.tiktok.com
4	trc.taboola.com	promo.libertex.com cdn.taboola.com
3	www.google-analytics.com	tags.tiqcdn.com www.google-analytics.com
3	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
3	lib.libertex.com	promo.libertex.com lib.libertex.com
2	trc-events.taboola.com	cdn.taboola.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	www.google.de	promo.libertex.com
2	www.google.com	promo.libertex.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	dev.visualwebsiteoptimizer.com	tags.tiqcdn.com promo.libertex.com
2	a.opmnstr.com	tags.tiqcdn.com a.opmnstr.com
2	11442981.fls.doubleclick.net	1 redirects tags.tiqcdn.com
2	s.yimg.com	tags.tiqcdn.com s.yimg.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	gaterest.fxclub.com	lib.libertex.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	adservice.google.de	adservice.google.com
1	sslwidget.criteo.com	dynamic.criteo.com
1	adservice.google.com	11442981.fls.doubleclick.net
1	vc.hotjar.io	script.hotjar.com
1	www.facebook.com	promo.libertex.com
1	mug.criteo.com	promo.libertex.com
1	sp.analytics.yahoo.com	promo.libertex.com
1	api.omappapi.com	a.opmnstr.com
1	a.omappapi.com	a.opmnstr.com
1	d.adroll.com	s.adroll.com
1	analytics.twitter.com	promo.libertex.com
1	t.co	promo.libertex.com
1	script.hotjar.com	static.hotjar.com
1	api-geo.libertex.com	lib.libertex.com
1	quote.fxclub.com	lib.libertex.com
1	tealium-proxy.libertex.org	promo.libertex.com
1	static.hotjar.com	tags.tiqcdn.com
1	static.ads-twitter.com	tags.tiqcdn.com
1	insight.adsrvr.org	promo.libertex.com
1	cdn.taboola.com	tags.tiqcdn.com
1	dynamic.criteo.com	tags.tiqcdn.com
1	api-account.libertex.com	lib.libertex.com
1	ajax.googleapis.com	promo.libertex.com
1	d3e54v103j8qbb.cloudfront.net	promo.libertex.com
1	fonts.googleapis.com	promo.libertex.com
164	73

This site contains links to these domains. Also see Links.

Domain
app.libertex.com
app.adjust.com
tps
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-06` - `2023-05-07`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
a.opmnstr.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
tealium-proxy.libertex.org Amazon RSA 2048 M02	`2023-02-09` - `2023-10-05`	8 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
a.omappapi.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Frame ID: 64C2EA13CAEE86969E3BCA129687EEE3
Requests: 128 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a1e8d6b0000ff0005b1ddbc
Frame ID: F0BAAD5C525E515C3AF35F0CD1A47C8F
Requests: 6 HTTP requests in this frame

Frame: https://11442981.fls.doubleclick.net/activityi;dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836
Frame ID: 5F1E83A5E31502B14D0A8E6D91CA3883
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=promo.libertex.com&origin=onetag
Frame ID: 782AE20907C03B967C94EAA9C6B71D91
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836;~oref=https://promo.libertex.com/
Frame ID: 20E65BAC056E2FE6A7CB683454CB265B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836;~oref=https://promo.libertex.com/
Frame ID: B5519018D0DF0A06F243D9097AEC36E0
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s0oMs29YkPmGoRA64TPfToBBx9c2RtmUBX899g&expires=30
Frame ID: 0A461F320EBBD552BEA83781AA40E0CE
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Libertex

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

164
Requests

85 %
HTTPS

34 %
IPv6

52
Domains

73
Subdomains

67
IPs

10
Countries

2186 kB
Transfer

4389 kB
Size

64
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://app.libertex.com/docs/de/privacy-and-cookies-policy.pdf
Title: Richtlinie zum Datenschutz und zu Cookies

Search URL Search Domain Scan URL

URL: https://app.libertex.com/docs/de/list-of-documents.pdf
Title: Allgemeinen Geschäftsbedingungen

Search URL Search Domain Scan URL

URL: https://app.adjust.com/s7pcyi_ut5lu2

Search URL Search Domain Scan URL

URL: https://app.adjust.com/9g14ljc

Search URL Search Domain Scan URL

URL: http://tps//www.facebook.com/Libertex.EU/

Search URL Search Domain Scan URL

URL: https://twitter.com/libertex_europe

Search URL Search Domain Scan URL

URL: https://www.instagram.com/libertex_official/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC3bsfQMKbfXxIRup8IRM-dw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/libertex-group

Search URL Search Domain Scan URL

URL: https://app.libertex.com/docs/en/risk-disclosure-and-warnings-notice.pdf?_ga=2.45108132.1607792156.1617179538-999124008.1579601602
Title: Bitte klicken Sie hier

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://11442981.fls.doubleclick.net/activityi;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836 HTTP 302
https://11442981.fls.doubleclick.net/activityi;dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836

Request Chain 80

https://s.adroll.com/j/exp/OR5H43ADMZATTDCWITJL2J/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 81

https://s.adroll.com/j/pre/OR5H43ADMZATTDCWITJL2J/YNLTJWUPKRGUFI3K3AH2ZC/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 82

https://s.adroll.com/j/pre/OR5H43ADMZATTDCWITJL2J/YNLTJWUPKRGUFI3K3AH2ZC/index.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 115

https://gum.criteo.com/sid/json?origin=onetag&domain=libertex.com&sn=ChromeSyncframe&so=0&topUrl=promo.libertex.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=2e6HW3wxdmMyekxNY2lhMjh2Qm81U29oV0FxL2VBUUk0OUVDZDRrVDZlR3JLUnJzSWpiYThvRC9WaHkwQStycjc1Sk1jb3poWU0waThVOEpsM3hoMzhtTnUyN2w1dEVXQWdBWDVnQTlCeWlnYlVZZnFEYitXNTJxdVJjV3B0c0xjTUtTbFJzdWZRVE8vaFQyaDByS2VZMjhpcFk0ckkrelg0M3hFYXhwN1FJNUJuZUdDdFpZL2dlWnpmbnYrSmo0S3NUckVObzMwalJLTHVEVHpxSVI4RTQrWUxxU3liMlZNYlZicEpPN29hS2lzcFh2c3RKVXBuaGFkN1JYWG80RzRuSVgzMkxNTSs2N1JxR1JrREFueGx0cUFvdz09fA&cppv=2

Request Chain 130

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-s0oMs29YkPmGoRA64TPfToBBx9c2RtmUBX899g&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s0oMs29YkPmGoRA64TPfToBBx9c2RtmUBX899g&expires=30

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ZSYwmm9YkPmGoRA64TPfToBBx9e-O3fVQcLhZw&google_cm&google_hm=ay1aU1l3bW05WWtQbUdvUkE2NFRQZlRvQkJ4OWUtTzNmVlFjTGhadw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZSYwmm9YkPmGoRA64TPfToBBx9e-O3fVQcLhZw&google_gid=CAESEDauKCPnQDRs6Wyw2qlMr2w&google_cver=1&google_ula=913071,0

Request Chain 132

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8157583201659426659

Request Chain 133

https://secure.adnxs.com/setuid?entity=52&code=k-noyvBG9YkPmGoRA64TPfToBBx9c_f33JzpJVUg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-noyvBG9YkPmGoRA64TPfToBBx9c_f33JzpJVUg

Request Chain 144

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WVedy29YkPmGoRA64TPfToBBx9frUnMG_s76bg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WVedy29YkPmGoRA64TPfToBBx9frUnMG_s76bg&C=1

Request Chain 145

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=1YZqfTUuMODooZN1-1zl6LCF5zB3-QxN HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1YZqfTUuMODooZN1-1zl6LCF5zB3-QxN

Request Chain 147

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-K-eWq29YkPmGoRA64TPfToBBx9dBddx9FW6EXA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-K-eWq29YkPmGoRA64TPfToBBx9dBddx9FW6EXA

Request Chain 161

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kN4WtycLmQ5ky0HWmSqKlYmDQvXcuoaS

Request Chain 162

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ARpwW7mwv9-cBf8fn8H6asotki1ktBma

164 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
promo.libertex.com/lp/de-de/shares/ 32 KB
8 KB 128ms
79ms Document
text/html 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78d445e911744ede91e813739998f0d5055f09b25bd5e81cf110ccd89089b027

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bf9630b7ef89107-FRA
content-encoding: br
content-type: text/html
date: Sat, 29 Apr 2023 17:50:22 GMT
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: 0JjWz1bbA+kaSeNEBeju4VoReV/pcfs0/7abnQR8ectdkV9dfVdi03zq2TFbajNtE2l88Z8G1H4=
x-amz-request-id: 43RMYSNDV5PNPC39

GET
H2 200 normalize.css
promo.libertex.com/lp/de-de/shares/css/ 8 KB
3 KB 139ms
138ms Stylesheet
text/css 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.com/lp/de-de/shares/css/normalize.css
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:21 GMT
server: cloudflare
x-amz-request-id: 43RK7PQMFV1RP9RM
etag: W/"4951cc88307c632cf285d3ba988ab283"
vary: Accept-Encoding
content-type: text/css
cf-ray: 7bf9630c0f7c9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5l/oiaJDyS9tJ+Fno3qTiOPhEn+1UFkFXTdfXeVnuhlCicaO5YTHqofRU8WvUeV3sUURWmdsgek=

GET
H2 200 components.css
promo.libertex.com/lp/de-de/shares/css/ 38 KB
10 KB 62ms
62ms Stylesheet
text/css 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.com/lp/de-de/shares/css/components.css
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7deeee24b8c80bcca6c1c3ba09aaf3811aa99f88028732f2fce9e31e83a435f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:21 GMT
server: cloudflare
x-amz-request-id: 43RK5CC3ZR1W8MDB
etag: W/"1abf187626b86686f4810b05cc0e2433"
vary: Accept-Encoding
content-type: text/css
cf-ray: 7bf9630bff799107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: v9hilLgGOwpQJKSTmWvh7OEWbNr9+mzzBZo7hYNDFVRMynBjMrKmlzg4YyaVzE1X/vtv4o4OfPU=

GET
H2 200 top-instruments-a-shares.css
promo.libertex.com/lp/de-de/shares/css/ 56 KB
9 KB 74ms
73ms Stylesheet
text/css 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.com/lp/de-de/shares/css/top-instruments-a-shares.css?v2
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64169df3c52aa3235aa9bdfb145b23b36cded28a00eeacf80ab06f040ee8224a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:21 GMT
server: cloudflare
x-amz-request-id: 43RN3JDHQ0NE6AAA
etag: W/"0595cab4e092a9f3dbad64f34d49cae4"
vary: Accept-Encoding
content-type: text/css
cf-ray: 7bf9630bff7b9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 42v3WENrxFgPioJEIFKWuooigifepC/KDbDwXTlCckEIQiUyIr4VPjrMu6R3KqB+Q2v2w2tCV1Y=

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 122ms
44ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fc14db76db260c7adb8ded4495b5fb3574507e0312553c3e43724e75c5b21c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Apr 2023 17:35:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Apr 2023 17:50:22 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 109 B
550 B 118ms
8ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.sync.js
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1db2de7a938ff4e3c33259309a5d42760407eaf524ddf7c01e20235234f9e14e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 0fgig93nMldS2fyGbSCu0rODVDMF78cS
date: Sat, 29 Apr 2023 17:47:31 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 178
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 109
last-modified: Tue, 25 Apr 2023 08:29:20 GMT
server: AmazonS3
etag: "34ef01cbaf0d229fb1ccfa9c58442799"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: PRBwlv42TNw-oycPd5GfI3luLQlfLBTEM3OVDqpfzQYLzc7dy7KLBA==

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 45ms
7ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c554fca59007cbb80fbb9ec9e8f1fe90c3c11fea692b53a60d730ee4a3ac8252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Apr 2023 13:47:51 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 14552
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6124
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Apr 2023 13:47:19 GMT
server: AmazonS3
etag: "fff1c1d393a3b4005d81879820ddc23b"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: xhgjnfoDYy02molYQp_o3PDLB6z1O-zWfeo_7pSXqfrriJSmkqbAqw==

GET
H3 200 logo1.svg
promo.libertex.com/lp/de-de/shares/images/ 37 KB
13 KB 83ms
80ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/logo1.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b310070fd7fed0d97e6b3a215ec90d2cd24304f34afcbbe06525c717a5556b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RJYXMFFNY94P8T
etag: W/"1e0ca9f1a6898650e704e335579c0ccf"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce9213a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: W6VtCmUUCvsJPSZ4USeqUlYe+6Mp3Rh/4pQmsftWUeIXGBuzqRVWN5nKPRROvhSTtbstnNHzkI0=

GET
H3 200 Stocks.png
promo.libertex.com/lp/de-de/shares/images/ 624 KB
625 KB 97ms
93ms Image
image/png 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/Stocks.png
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1dbbc80c85b28a01d4696e30c74e0b6a48380038eed007507c145fdae16148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RWGJ13Z0B4FC41
etag: "7e96d1fa2b7d7ad086b4251049dbec23"
vary: Accept-Encoding
content-type: image/png
cf-ray: 7bf9630ce9223a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 639159
x-amz-id-2: ABSlhOqxhEIujFuBrKgZ+DIPtFjO8lrb0KjekkDbbAWVq/76WbK7ubYFVfXLaS1jjJG2iH4SCb0=

GET
H3 200 shares-img.png
promo.libertex.com/lp/de-de/shares/images/ 71 KB
71 KB 93ms
90ms Image
image/png 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/shares-img.png
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d552fc925cba72f27bcf889eaab6ccc61580029a775a03932c1efacbd0fe2514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RTJWNFDEBYMTMQ
etag: "1dd77f5f1ec7a2b3c2a6ed6d5a895dfe"
vary: Accept-Encoding
content-type: image/png
cf-ray: 7bf9630ce9233a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72324
x-amz-id-2: m7JxzqBEatNUg3GnVbsc3eToM+WT5vYSk30Iy+5SbndDmIyum8//n6u4YiV8PtdG+iPS4WWnvRA=

GET
H3 200 Rectangle-9.svg
promo.libertex.com/lp/de-de/shares/images/ 154 B
434 B 71ms
68ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/Rectangle-9.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d614fecee1c73f68d64ff931f0144778c0180e6e25d53307dba4ba91be1b78ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RJJTX6H3H4AQHG
etag: W/"6820d27accb2e38fddc29773421f2ae2"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce9243a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: BxJWGMBBZu0zJfDzWgNLG2XeB96zJim4bwlIaPYRPTJf7V7WdDEqapuZpaC8vM9IU/oHX+OyfpY=

GET
H3 200 m2.svg
promo.libertex.com/lp/de-de/shares/images/ 1 KB
935 B 120ms
117ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/m2.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a96e59c36e39f72f4c16fe74445dc178f08f9b222a894cc6176a32ccc4fd935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RKEAF8JWPGEB5Z
etag: W/"0de4e63351e07f2670ffc50dd96727f7"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce9253a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ovJCIPkCCsXxua7IryoyJUeoaNGpN+7b9ZI9Sw9R+ws728VHTxdIVDeGlyR9sYOGNWfMH1KOy+8=

GET
H3 200 m3.svg
promo.libertex.com/lp/de-de/shares/images/ 1 KB
784 B 78ms
75ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/m3.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4586771549ba074edc21afb2db8f9a263a8a638e8123a6bac7a3f31e8d0454e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RPKF67JW2CG8AD
etag: W/"dd56b32f855f553cb836b4b838cc40ae"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce9263a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YZ5X75oxwJdzBcQ+FFKfaR7Xd5cPVlgckkSeCQoIFAR0fDX+EsQz5FL+wSHq7OXFnEbsH5aPp5Y=

GET
H3 200 m0.svg
promo.libertex.com/lp/de-de/shares/images/ 2 KB
1 KB 97ms
94ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/m0.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0dc8d6dc6609fc567bca9d358f4d62993405b2400d34e0354baf24d2c726f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RQFEETCBECC4Z6
etag: W/"e2ca4cd79c1b4aab2af2c7e8725f95ec"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce9283a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4nOseKRK0qINH4cjQ6EkBjqD2IyrUN8Sg5jgcHU2b6fsTuQshAThOAfx8m9g2ibz2i6sP2fnr6A=

GET
H3 200 m6.svg
promo.libertex.com/lp/de-de/shares/images/ 18 KB
8 KB 88ms
85ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/m6.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c68eeaa2d741254932a376eb9e014d2567d615ce6c22858ed32d654821933e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RKKHNR3MAENZN0
etag: W/"7f4ea5fd7e6f3158219ed2e02892bfea"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce9293a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /PajiVuPNIuTUAOZykjh3iOfF/MfVd0vThWKbzuUFSDx5p5N/aSRXwCtu1bW/D9Fvn9siuHAesY=

GET
H3 200 m4.svg
promo.libertex.com/lp/de-de/shares/images/ 1 KB
1 KB 102ms
100ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/m4.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd6d887436063fb3b31ffda0c9272028c0221e2046d6d7590a3b088a23251986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RNN952N94KPGXV
etag: W/"5c9c5c7f40b36d3f9d0e8990e4e97ec4"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce92a3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZWge37Yn5bFJv7MjLnHqjtr0pSCuJYY9L7qth1oYBAHwCktwjuPTqNUMnQ5eBCLC7jhHJ5zTPHI=

GET
H3 200 m1.svg
promo.libertex.com/lp/de-de/shares/images/ 593 B
664 B 85ms
83ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/m1.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba8cb7dd9a83f2b3567ad0a8359734f856f897e794bc886941b50c57920b4a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RTTT0GVBZ4ME26
etag: W/"e4a1952ec184a7d14fc323b6088668a0"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce92b3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: u/vPk6PAhSJB6CjTbJvRBLyt8Y1q6G9SlSKqK6qqhq85+IkG9/VmBnUbclGe8HidSZWfjY08HCg=

GET
H3 200 Layer-2.svg
promo.libertex.com/lp/de-de/shares/images/ 2 KB
1 KB 99ms
96ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/Layer-2.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd31608cda35e0aae8edbb51c9609367451b0fadd79607108d4e8cb8c174ef15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:21 GMT
server: cloudflare
x-amz-request-id: 43RVPANW0CM25D6D
etag: W/"3f979823e83ebb1b9d10789b81698d80"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce92d3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MSL1dbwir7lNvoD7NubOiZHuGMrrIbTtfhn3ftuxv4DuSyDnu9NQpdz1MaZQt4nZVsVjhLDUVRE=

GET
H3 200 icon-risk-management.svg
promo.libertex.com/lp/de-de/shares/images/ 2 KB
1 KB 89ms
87ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/icon-risk-management.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e816c1da072c1c06a0aa89bf5e0e5c0744ce1466500d87a7c58555fa870a67ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RX3YM514G22J1S
etag: W/"bbdecc70e5c1bae7a0c482d96a4660cf"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce92e3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7CdirwAnq5hXZWGSAZmc5T0ZosJNb1GpgxUSETzXnbrAtgFEyto/Q8EiWq93SxzVeV4fG8yiCw0=

GET
H3 200 icon-tracker-dark.svg
promo.libertex.com/lp/de-de/shares/images/ 5 KB
3 KB 98ms
95ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/icon-tracker-dark.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f771cdf6facaad594e4384629f736115be6025289cc42158ec7d8bee716aead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RQ611X65HP0241
etag: W/"6d143486455096565eefd89cad22ebe3"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce92f3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fwy3fP1fbO5ScruSIJChxA+Y0ClSVDRYijOB6YOa/FAIYMN1IWSNPHK/tH8ze+kkgnFh4H5hGAw=

GET
H3 200 app.svg
promo.libertex.com/lp/de-de/shares/images/ 9 KB
4 KB 85ms
83ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/app.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04f85a6698c7bf8e899cc4ed78a8091b12de7be6765ff21939361c850a003c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RHBFANC2A60355
etag: W/"c328b2902607150c0facb87a1346b4b2"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce9303a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: E5wv2jQ3p5C2n9Vnb9pZWkKQR3qnCrFlMzDP1qMcD0umX+iUwShPCniDeo3B8i4p6vSPUR3pdLQ=

GET
H3 200 google.svg
promo.libertex.com/lp/de-de/shares/images/ 12 KB
5 KB 119ms
117ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/google.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c795916da68f8ae43f1b17de67fd2dccabc5e6a17ea6ad8fb7da5dc43e370c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RR8JWPFNQTYVDP
etag: W/"472ed958f36ccc594143a4b4e3fa3f59"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce9323a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5DlxwHzH+RGqGzI3jOVmZm7M1FJ3fwN0oPhaImoZvvztliwm3tdU+yoyJSeEi0jlz1hPUnWB/Ww=

GET
H3 200 huaweii.svg
promo.libertex.com/lp/de-de/shares/images/ 9 KB
4 KB 87ms
85ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/huaweii.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fabb73c94560863e581bd1d0bcf303a129d246905b9732190acfe49daf1b4a64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RJA91TDQ4PNA14
etag: W/"6d532001876ae32d74287c79a1d034a5"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce9333a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: p4689iqUCa8Cvikr+tR9Aspq5fPhc/QCWIKE0/1XelrmhAWtmtBFbTd+jWKKZOpK2ycYmkftIxY=

GET
H3 200 devices.png
promo.libertex.com/lp/de-de/shares/images/ 83 KB
84 KB 89ms
87ms Image
image/png 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/devices.png
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d3cb28bc053b76bb9ef2c0d709dbc26bf689b010da9f5ffd543281383f90ad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RKK30VJQVY7HNJ
etag: "4adfa8309951ad653de5839dcd75eba4"
vary: Accept-Encoding
content-type: image/png
cf-ray: 7bf9630ce9353a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85416
x-amz-id-2: CF6WOPkQ6Z8YASPAG9BXVUmLSFVySLsL/VLUur1h3QBSsk8nKTlJkdn9qMdkIE4Y6S8bZrTLZTc=

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 59ms
9ms Script
application/javascript 52.222.232.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6050c73090e215c0e9cdc1c3
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-144.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://promo.libertex.com/
Origin: https://promo.libertex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 01:04:09 GMT
content-encoding: gzip
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
age: 60378
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: T5ub9V2o-j-SIp3HwmCoCX81W6ktutowWgu_Rj28s7c4lKVKDMuehQ==

GET
H3 200 top-instruments-a-shares.js Show response
promo.libertex.com/lp/de-de/shares/js/ 32 KB
12 KB 66ms
66ms Script
application/javascript 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.libertex.com/lp/de-de/shares/js/top-instruments-a-shares.js
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40fe00bbcbba91d3e61e445f59b4bf433d29b5a77f8b6aabc7e8b9e399b58b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RX1G2ZKFH6QF2Q
etag: W/"45638044e92a70a663a04ba3c6629f83"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7bf9630cd9153a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UXTsHhItC3qcD9me0UDeXJrnEVzFZe0ejkiqZCzDFYpe2hco56fpOjXX2y6bS0r632m79sxLAoA=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 12:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 12:13:00 GMT

GET
H2 200 landing-api.min.2.2.2.js Show response
lib.libertex.com/landing/js/ 73 KB
23 KB 51ms
41ms Script
application/javascript 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.libertex.com/landing/js/landing-api.min.2.2.2.js
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b1988143eed3f63d7f012eb450be5f09d98f34bb9635396192dfc943b866bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
age: 6748
x-amz-request-id: DM0353FT64B86195
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YefRlOV5PXU22jgG281tlXupgBJrmtAoVrh6EDChufp3cBagjRvEDxyGbQZDliOLs9LKnKBnMtA=
last-modified: Thu, 25 Nov 2021 10:54:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"7aedf0f7b359fba3b6e2598abdd7e6aa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7bf9630ce8579107-FRA
expires: Sat, 29 Apr 2023 21:50:22 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 188 KB
29 KB 11ms
9ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ef4227e9ca65a1180a2e7df6a9a53e64b1d610eac38650bee7b22f129a2b895

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: qBt6JhuPS4WUCtyxbgDRhQxgRLqPlOV6
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:47:31 GMT
last-modified: Tue, 25 Apr 2023 08:29:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 172
x-amz-server-side-encryption: AES256
etag: W/"4177ccff698395e43aa2d801422b5bba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 89xG8LwDpIvVzKqVXN7u-W-aqdpBs_P3mS3hN31y6yD-DikfAShvaQ==

GET
H3 200 hero.jpg
promo.libertex.com/lp/de-de/shares/images/ 314 KB
314 KB 95ms
95ms Image
image/jpeg 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/hero.jpg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/css/top-instruments-a-shares.css?v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 272e1173a9cdbc9c67e3fceb669c0dd0d65f69aa46645b005e2432e54c5e7176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/css/top-instruments-a-shares.css?v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RSN7R0H4NFH8GM
etag: "5d769a25848dd0099e628847cfa31aa1"
vary: Accept-Encoding
content-type: image/jpeg
cf-ray: 7bf9630ce9363a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 321296
x-amz-id-2: KH/A2GIGz4M9pOtPoiaMAzH09CFEYnFVifCp1ORdb+D2Hbmimeb1fN5DbYE1u3qhSpGGHqhdGe4=

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 184ms
102ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promo.libertex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:41:54 GMT
x-content-type-options: nosniff
age: 598108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 19:41:54 GMT

GET
H3 200 check.svg
promo.libertex.com/lp/de-de/shares/images/ 226 B
484 B 115ms
115ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/check.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/css/top-instruments-a-shares.css?v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23583fd1699ac3d53041f1ecea3dec3c1c3ac6634a4080948687446ddccf7a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/css/top-instruments-a-shares.css?v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RYRZDE77VKHA7R
etag: W/"c9af325bdedf9fea51c892ed3e490d4d"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630ce93a3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +i9kv02zwvjgnddZc3UcQTBtMvVAcoRiaNkcZQKMYqcCAK9trNq0WhlXK8699CNfDbFBMjQul7Y=

GET
H3 200 b-btc-bottom-bg.jpg
promo.libertex.com/lp/de-de/shares/images/ 63 KB
64 KB 64ms
64ms Image
image/jpeg 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/b-btc-bottom-bg.jpg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/css/top-instruments-a-shares.css?v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87094602ccf46a05eb4b472c76395de4a8a079a5928ed7a0f21df38d2923d6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/css/top-instruments-a-shares.css?v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RJHFHBMH7MD7H9
etag: "87b8caa0b3a2ba7e8a470d91d02b047e"
vary: Accept-Encoding
content-type: image/jpeg
cf-ray: 7bf9630ce93c3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64933
x-amz-id-2: bY1D3zFxfOJnZjJL6WFCFLI4ebjS5IwnDrDKjKb7vfMtJJ8jcSNY77uanxdZO2uSr7b3vkEghtk=

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 116ms
37ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promo.libertex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 143045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 02:06:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 153ms
74ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promo.libertex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 2767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 17:04:15 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 166ms
87ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promo.libertex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:54:27 GMT
x-content-type-options: nosniff
age: 3355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 16:54:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 125ms
45ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promo.libertex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 593206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:03:36 GMT

GET
H3 200 logo-footer.svg
promo.libertex.com/lp/de-de/shares/images/ 3 KB
2 KB 73ms
73ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/logo-footer.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d8cafc959a76307c856671e47ab4dcdef48ff6df286d9507b890c11007dd394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RG815SH7HH1FX2
etag: W/"889d19eb3bd588a61875535c35e8882f"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630d095f3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: IjCSJshnpGnoyfBVtpKw0CFxflR9Svmx3kijpRbbChH8uKdeW7WKOlOaWTLbp2vgg8KrqkAT2Q8=

GET
H3 200 Facebook.svg
promo.libertex.com/lp/de-de/shares/images/ 685 B
680 B 153ms
153ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/Facebook.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba654bf52a73c95ab86cf426331d407547c5334a98d697ff69f3b3358bd837c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:21 GMT
server: cloudflare
x-amz-request-id: 43RPQX0FTDYSKDBF
etag: W/"9b2c6980218d12444a4454b0ad8d190e"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630d09643a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /J5PrG5BVJDBq+/ieGFKhgHAfGRS8ZT6d0n/Mud56SgLiZ+yGCorgCgktDGG579KYk03qEO86Zk=

GET
H3 200 Twitter.svg
promo.libertex.com/lp/de-de/shares/images/ 1 KB
979 B 111ms
110ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/Twitter.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f594a5fe85101548f60a607b49e011c9928a118c607f722d4fa5d5d64e095bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RY0ESQ3JBDBNCR
etag: W/"299a80580124ec5aeaf4b68ed04ac35f"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630d09663a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZwSyJTK7TjJXQn17EDd6UzTquCF1Kuq0fB51sDRqw9T4597quyEqIReidqHE4DbDRSKbsTDE/5k=

GET
H3 200 Instagram.svg
promo.libertex.com/lp/de-de/shares/images/ 3 KB
2 KB 97ms
97ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/Instagram.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3fbe93fb83b570717b12363cc84b5760dba1de2e71d41bc6b992d63bea7bd80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:21 GMT
server: cloudflare
x-amz-request-id: 43RHJ23EBB1PDP5W
etag: W/"0b6fc6975844821989702659d61fec1f"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630d096a3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: J+nZrpskNfLIRwa4+JJV4z97G4S0P/rWRScqFooVxqaboVXiFM+XaYJ49FovtR5wLr3YfHLm38k=

GET
H3 200 YouTube.svg
promo.libertex.com/lp/de-de/shares/images/ 1019 B
751 B 103ms
102ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/YouTube.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b0d86420fc6234ec95ef7335ac20664d2e2fc61d6808901fd39635dfb3034b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:22 GMT
server: cloudflare
x-amz-request-id: 43RZZ0RTB61CZBQ8
etag: W/"a8141da119501887d58a0fceae835acd"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630d096d3a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 8tqgGJHVoMLsBtJAYV5PZ7Qv2SjHs00JKKhubz8949SHlUFnRcCQXHAUYmdZSWDgNl5CFKYEnvE=

GET
H3 200 LinkedIn.svg
promo.libertex.com/lp/de-de/shares/images/ 1 KB
1 KB 61ms
61ms Image
image/svg+xml 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.libertex.com/lp/de-de/shares/images/LinkedIn.svg
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a602aa07b27454bdcf95245d54d508842959059c97738d574afc651c95b667e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 16:04:21 GMT
server: cloudflare
x-amz-request-id: 43RJ0DK9WHQ0EZZE
etag: W/"b279dcf4739da6887e5c256bef9c37fc"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 7bf9630d09703a6d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: oaZ3OAtlxIbHEH0zqnfls99ZqOFzW5GA6/V34HYsX3AEBHyTkNVzC+ID5bbv0w32wLgtQYfoxWA=

GET
H2 200 0b515ed817be710b5be3ad129788a47f5bede108 Show response
api-account.libertex.com/v1/init/ 6 KB
3 KB 199ms
144ms XHR
application/json 2606:4700::6810:65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-account.libertex.com/v1/init/0b515ed817be710b5be3ad129788a47f5bede108?sdk=javascript&v=1682790622401
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/landing/js/landing-api.min.2.2.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad68a0007212c6776431b6152fbbf7030602e55e0c6c6908b3be351d19f390e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7bf9630e5901bbce-FRA
access-control-allow-headers: X-Forwarded-For
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bundle-1.5.0.js Show response
lib.libertex.com/widgets/live-quotes/ 244 KB
78 KB 38ms
38ms Script
application/javascript 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d17ce788769f026427355d4e4350c354d28aa8edf89fc76396b1ce571cee33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
x-amz-version-id: MShMMalvYWSc_9grWxa.3Nqt5M6gC3tn
content-encoding: br
cf-cache-status: HIT
age: 273
x-amz-request-id: 0DWTM6Y7T4V2CHK3
cf-polished: origSize=250164
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: nIZNg/akpxok208Yh2iMm1eoTKEi13BpzWnKdSKzYFF6dXha3GYW52Py43sZi+U/7cfdwwx7n/Y=
last-modified: Thu, 24 Nov 2022 09:15:18 GMT
cf-bgj: minify
server: cloudflare
etag: W/"36d816a57b3f2ade5bbb16d0a89ce4ae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7bf9630dfad93a6d-FRA
expires: Sat, 29 Apr 2023 21:50:22 GMT

GET
H2 200 utag.505.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 20 KB
5 KB 15ms
15ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.505.js?utv=ut4.46.202102051128
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49ca6f4981bd438bd3759a99a9d50b40f804f0d608cc58e16d65fe1e93982d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: EzKAjxySWTBjLX8FGq5FAQVOhNfHjF1z
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:45:39 GMT
last-modified: Tue, 25 Apr 2023 08:29:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 284
x-amz-server-side-encryption: AES256
etag: W/"27c8f6e09bf042e66b40c9024dc74c11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 8lD29cZFpTxBjT9ZIkP_3NVzB71mnqzxjqbzY4rz3dVIk1GY9ByflQ==

GET
H2 200 utag.503.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 9 KB
3 KB 10ms
9ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.503.js?utv=ut4.46.202111081405
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8238dd7db4d0ab5b5be400505bec4dd83f4a4ecbd3f845f59a4a9c638245c503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: SyQ_7JET0mrbRJiyUBQ3yePNKIQoQvcb
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:49:11 GMT
last-modified: Tue, 25 Apr 2023 08:29:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 71
x-amz-server-side-encryption: AES256
etag: W/"63e8520e6dd6e69b366c279da72a7de8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Q_Hbw50hLTTQIZEttKoOyh0ue9gIfCgvm5TKILZ-u0tABxrl7N38yw==

GET
H2 200 utag.596.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 7 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.596.js?utv=ut4.46.201907011259
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55cf321c7f746d802fe3b1850f8bab38d10912edeba77a213565d0becf7a0718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: VlTE2ltxh1peRjolNsqMH_vEg9dccaBZ
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:48:32 GMT
last-modified: Tue, 25 Apr 2023 08:29:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 113
x-amz-server-side-encryption: AES256
etag: W/"8d001c66da73850590c08b66a185d13f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 1Afj3CAZsp1mrNVaaBZaFKMoigAE4un_Idpx-YkHUVtrjo4G1I0X7w==

GET
H2 200 utag.536.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 2 KB
1 KB 10ms
10ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.536.js?utv=ut4.46.202011231640
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f879358ab1e27b8b72befc7185e79354d6f6e7c4000a70325b366d7b65b90337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: nzaPr5BM85IzU_P5a4NCgDGMI_WoM0Qr
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:48:15 GMT
last-modified: Tue, 25 Apr 2023 08:29:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 128
x-amz-server-side-encryption: AES256
etag: W/"4ee6e55002e19f9a884744aa21b348d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 4Bibg0pif01k2iuoQJ8NGWojEYWmxAOHJ3cqKhJJoV7JlnVUJhvCMg==

GET
H2 200 utag.537.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 20 KB
5 KB 9ms
8ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.537.js?utv=ut4.46.202205301418
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97adefd70e7c7673f34396f9ca1195f93f025e41c18c2eba0c14530d11d70e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 2QOXFPAgN_DnbEPo22Lb2ghgDZGktLVy
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:46:30 GMT
last-modified: Tue, 25 Apr 2023 08:29:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 248
x-amz-server-side-encryption: AES256
etag: W/"bfb583f04568a9567b381932d6d17bbb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: MvyS5QHtOTfWb62V7JSruA2o_Wd2y-0LNIRIn0zKA6zmRtX2REZTtA==

GET
H2 200 utag.541.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 3 KB
2 KB 14ms
14ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.541.js?utv=ut4.46.202304110819
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e045d73cd7beb944053eec97c7188824be11281ee4f9f71b3df7bf508f2266c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: gOSkS3ZKcAV0MAxq5CrwVGvrk8YnumPK
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:49:21 GMT
last-modified: Tue, 25 Apr 2023 08:29:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 66
x-amz-server-side-encryption: AES256
etag: W/"effad3f68290fd0f3b5a70f97e22294f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: BZ7IV6itjbg_zOqY-Ng7UDCKJwpiGBd2IwfcujXm4RJ8KBxyy0O8hA==

GET
H2 200 utag.548.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 10 KB
3 KB 16ms
16ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.548.js?utv=ut4.46.201804170814
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1302e8492a9712ff71fc58e808a5321ed6a28c612b533b8d08505a0d17c41293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: cJFZldexJzOpWZJlt4CdNG7tHKcYQdQq
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:45:39 GMT
last-modified: Tue, 25 Apr 2023 08:29:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 284
x-amz-server-side-encryption: AES256
etag: W/"0bf36544b400ba921647fa1e745e750c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: vh42SVguVAQscakqb4bVhzMeHAQeFOxo8P4mvqQnFVSXtVYKRG7GCw==

GET
H2 200 utag.561.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 4 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.561.js?utv=ut4.46.201807231117
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e395b6a8c584e1ab0e477b43dd9c4fd1621346e0aa1328dcc5dc883ab414bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 8qEe.Xzrs6r1_YabR8yPoK0te3gGwzQd
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:46:30 GMT
last-modified: Tue, 25 Apr 2023 08:29:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 248
x-amz-server-side-encryption: AES256
etag: W/"8ef6d3a04bfb7860e891fc885b69f1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: TU9WschEWYzbyoakut7x_ACDqnOevfBiaCP9Vs9Jlt8vF-MQ_t28gA==

GET
H2 200 utag.607.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 4 KB
2 KB 11ms
10ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.607.js?utv=ut4.46.202201100844
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 238e41ba722b75570902990d1dbaa7401835fd05148b512aa71dc199e259794a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: uPnfFHNDOQl7zL6LiCEwyiTd9Eqv2b8w
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:46:32 GMT
last-modified: Tue, 25 Apr 2023 08:29:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 231
x-amz-server-side-encryption: AES256
etag: W/"a4116a686ec3c1877fb4d78f5c337468"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: _WLy-fOz7C7XjEJijI2ymXja0LcX_0RTe7xKt30H6Reezi_3o-hXNQ==

GET
H2 200 utag.633.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 5 KB
2 KB 15ms
15ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.633.js?utv=ut4.46.202107090829
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b07f6b6046bab2aa8587187da268bf956c9d3ead94ab1ab7d8fa4eba6e8cc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 0CHGqTTdUHgD08JjaVPdnXNi3TcfdSkT
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:48:15 GMT
last-modified: Tue, 25 Apr 2023 08:29:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 129
x-amz-server-side-encryption: AES256
etag: W/"f7afdbb9e18fbb5fcf7852121f4d422f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: pUXe1T7yqp0OW7pVmUPQfjhIHSxXKiWdn0MHxDz7LJk6_TBbc3IjAg==

GET
H2 200 utag.654.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 3 KB
2 KB 17ms
17ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.654.js?utv=ut4.46.202010010807
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d825982264d26a23124faa543531e61881051965bed197fcea9e26ca35360d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 3yTi5I6aOg.LJc1N6x.5UvNLFjaHOa3A
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:48:15 GMT
last-modified: Tue, 25 Apr 2023 08:29:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 128
x-amz-server-side-encryption: AES256
etag: W/"5aa437501d35324c5ba42612e7c10fe5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 9q5YNFwDZlUgrZSlhKmO1VhcrCHJQQsM2w3COpqfwr7UPK7-khN7vA==

GET
H2 200 utag.657.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 8 KB
3 KB 19ms
19ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.657.js?utv=ut4.46.202304121450
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac5ed30e2b3cc1f9020130d04a10060c2378dc07d7d0024097974f30b2e70135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: hpJfTJb7iPbTge2qGGY3pROfvNOETBe4
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:48:35 GMT
last-modified: Tue, 25 Apr 2023 08:29:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 113
x-amz-server-side-encryption: AES256
etag: W/"dbad8c5b606f9e1e9ca84120442e0352"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: JlK_54iU-v_NnxeDG_ybE14xlS8gAzwPAsgc69q1oeJayv78D0A_hA==

GET
H2 200 utag.692.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 4 KB
2 KB 19ms
19ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.692.js?utv=ut4.46.202110210846
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dd549054d5d78222a14dd31544cae78b8d2bfa0394a16fe14baf66a08b646c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: IfCxE_7JlTHRqH.XbHbNLtlwVBwFcHIq
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:48:58 GMT
last-modified: Tue, 25 Apr 2023 08:29:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 87
x-amz-server-side-encryption: AES256
etag: W/"7913c2c5204fe401f11f9beabad59818"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Go5d2waM0ybj-G5leA_SX5W9H2X9LhH-Jn0-rum6trNuLxfVCX0XPg==

GET
H2 200 utag.705.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 16 KB
6 KB 19ms
19ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.705.js?utv=ut4.46.202205050828
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91f097fcc7974e439bd1c78aee43ff54a0435ae4a329d7f9de0eb2fc35e81ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 0xMDpyKfE_RhUger.7EXZ86UYsM3XswO
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:45:39 GMT
last-modified: Tue, 25 Apr 2023 08:29:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 284
x-amz-server-side-encryption: AES256
etag: W/"e9d14a0a382928d5cf5087acf121e689"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: iMoj-WIvxijx5u7XfHtVnQ0P0qCU8o3cdP5WRbqkAYrb8OYQrs5Zmg==

GET
H2 200 utag.728.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 7 KB
3 KB 16ms
15ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.728.js?utv=ut4.46.202302071603
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cacb5aed592935de9837b267a03c7d0abd3bc5886b667d290f3914cba9e472eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Fu2fuNGc9VXkdxx87spYZh5M06xBpGXK
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:47:06 GMT
last-modified: Tue, 25 Apr 2023 08:29:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 197
x-amz-server-side-encryption: AES256
etag: W/"e76af12bb759fe366bd9731aad653875"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: UI7mmFWRDk0if1t7p_ru-HvhtbH2AaUrRCdiNggfTVEIlGSqbb7HrQ==

GET
H2 200 utag.746.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 2 KB
1 KB 19ms
19ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.746.js?utv=ut4.46.202301301117
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7450e0ca95b6444ec6b082dab0e55950593525c5bbe707dbc5c98d4fa3c9ef91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: L1rQOjLzxajVJZpq_xRnFG6pWmtRSXS.
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:45:39 GMT
last-modified: Tue, 25 Apr 2023 08:29:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 284
x-amz-server-side-encryption: AES256
etag: W/"1c6c0c21b8e20d35fdb07864e3452faa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: tDiSlHmQ-qMbg96eLuiPjDn26JTNTTVaoFEn_dntOU-w_upslC6SEw==

GET
H2 200 utag.762.js Show response
tags.tiqcdn.com/utag/fxclub/main/prod/ 5 KB
2 KB 16ms
16ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.762.js?utv=ut4.46.202304131455
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d946172ef040e8e1616133fac8246c01a9aee6150e9e6abcaef38cb86f285b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: zIKOvggq99c6UfNYTRekoO2rCCDHuob6
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:46:30 GMT
last-modified: Tue, 25 Apr 2023 08:29:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 248
x-amz-server-side-encryption: AES256
etag: W/"4491ff91773d661c073e4d8557dd89f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: IhBrOsJUqayUJBeTKG8TTQVMuLev96S4-6E6dYEcsWp_5-EurCiwKg==

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/ Frame F0BA 7 KB
2 KB 14ms
14ms Document
text/html 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a1e8d6b0000ff0005b1ddbc

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

81ed0a57854f0316f79f3e8e67156586ff841c8b986cef10f1f2341109792bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.libertex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42839
cache-control: max-age=86400
content-encoding: gzip
content-length: 2019
content-type: text/html
date: Sat, 29 Apr 2023 05:56:24 GMT
etag: "15c1a833433e5fb3549558663ab35585"
last-modified: Tue, 04 Oct 2022 10:32:17 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-id: TipCG-JZ1UMJhyPkHmG8Q2q8oWrMlQQ7b6mxj4enArIJ-PJWu38pSQ==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 31ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 29 Apr 2023 17:50:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: WFqhCd5g1xYg06gOChKxxzDM9BrWr9ywqMHzhZ8F1jtLTDtfIQJqjJL6iVaOR94Pah9kOLr+TZHhUV5E85GDFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 67 KB
22 KB 48ms
8ms Script
text/javascript 2600:9000:2250:1e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46fb5dc9bc2c62510524ff7d023d1acdd98a693e2c4c6bc6adbe8dce242d5246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Amz-Version-Id: t2odp6E0L3gMv4oaa6APyl80R6IDi46D
Content-Encoding: gzip
Via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Date: Sat, 29 Apr 2023 17:48:54 GMT
Age: 88
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 27 Apr 2023 15:01:40 GMT
Server: AmazonS3
Etag: W/"ad8051d4b1764868cb152a1dc4edad0b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: donmU9Spsypghr1tS1UB6txH6MaLb8LrgFbMTKbHterF0OHdmlEahA==

GET
H2 204 mark
trc.taboola.com/forexclub-sc/log/3/ 0
331 B 38ms
15ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/forexclub-sc/log/3/mark?marking-type=visitor&item-url=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230092-FRA
server: nginx
x-timer: S1682790622.464462,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 73ms
31ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=61962,101098,101097,61960,61961,101967,101968

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

062bde0c800a2dca5cb3352d700f51cc3e479bcda19fc5a8dfaedab3d4dfec56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 120ms
35ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Apr 2023 16:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4478
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 29 Apr 2023 18:35:44 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1311468/ 58 KB
18 KB 30ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1311468/tfa.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bc28a5d8f6a4e42c2bac13de3d641a235df2e55af6ee1206e3ac1d728bce898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: _QydFY9uQGOw3JuRKipHDsxkR2NNoc.A
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Apr 2023 17:50:22 GMT
x-amz-request-id: CJ2CHAMSRYMAA1A7
age: 110
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18204
x-amz-id-2: svXER8qKX/QGNfF3n9SOEdhGMDFNy8EZ/nemn4NloMI4EmIgJXpAuSDubEqakb8PAH/NX7prhSM=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Sun, 23 Apr 2023 11:08:22 GMT
server: AmazonS3
x-timer: S1682790622.467744,VS0,VE2
etag: "f8fe5804040d4020b028a3de4baeb6fd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 75ms
23ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.536.js?utv=ut4.46.202011231640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:49:47 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: KFPD4A8TGYZJSH19
age: 36
x-amz-server-side-encryption: AES256
x-amz-id-2: BcmDeBzQRZ+YGhY2IWE+S+VK5VjnK41Q+71m/N/UESZrnKGbpY9FnevlyoWZS5XjsPK7Fki4BPc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
261 B 101ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=tqnk6tl&ct=0:m158x1u&fmt=3
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

activityi;dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836 Show response
11442981.fls.doubleclick.net/ Frame 5F1E
Redirect Chain

https://11442981.fls.doubleclick.net/activityi;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836?
https://11442981.fls.doubleclick.net/activityi;dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836?

441 B
402 B

75ms
74ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11442981.fls.doubleclick.net/activityi;dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

07463b6cd3e714bcbfd7d3d438a63db1868da6c6604e5ae36a94852fc2b7eeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.libertex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 227
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:50:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:50:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11442981.fls.doubleclick.net/activityi;dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 61ms
14ms Script
application/javascript 199.232.148.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.548.js?utv=ut4.46.201804170814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.148.157 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-ams12729-AMS

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/ Frame F0BA 54 KB
17 KB 8ms
8ms Script
application/x-javascript 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a1e8d6b0000ff0005b1ddbc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eea4732fd936bb62e7997d61fdb54d604f903ab6d15d0a4d8f15c2de18f50bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a1e8d6b0000ff0005b1ddbc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Apr 2023 03:12:37 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 52666
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17024
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Oct 2022 10:32:19 GMT
server: AmazonS3
etag: "0fccf519b5d67017eb600402cc8bf1da"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: -k3ia7FY-CoyEUrvj8AqCNA6KTBwXKsAN2zHNi-4epph1kWkRbJ7kA==

GET
H2 200 hotjar-898554.js Show response
static.hotjar.com/c/ 9 KB
4 KB 36ms
11ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-898554.js?sv=

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

a3193f1314e610aa8ecc61183daa847db8f2e42bee6878095b99eda4165f5df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 29 Apr 2023 17:50:22 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 40
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/011e9ee004b8ae31b4c62eaabb89ee1d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: BbP-dha9kmBm0tw0vsyXpt-11howJaameDUt_VFNciUhKqNCJLzuDQ==

GET
H2 200 api.min.js Show response
a.opmnstr.com/app/js/ 50 KB
19 KB 75ms
13ms Script
application/javascript 2400:52e0:1e00::865:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/api.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-865 /
Resource Hash: b240f6825e701e2e5dd89198a9153002cb17bd3c6ca617acab792a681bb0a8f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 04/25/2023 22:20:15
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:01 GMT
server: BunnyCDN-DE1-865
cdn-fileserver: 572
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850a9-c83e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7714ae0c0e5821e9e398223dc5df4aa8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 60ms
22ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=677842&u=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&r=0.06060318877775828
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.746.js?utv=ut4.46.202301301117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 5966e1e8ccb5f67ae2427e66e16d6e019a316e0c6c0f185995bac2dc3ffdaa77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:21 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 363ms
339ms Script
application/javascript 2.16.187.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVJ114SOLA0CA89TMT5G&lib=ttq
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7fd38ef1dd16b2d4cdff31de3303a3870c035854a66f6721bb4869d0f06be6e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: a0c75040.16231c8c
date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-187-102.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 209,2.16.187.102
server-timing: cdn-cache; desc=MISS, edge; dur=270, origin; dur=8, inner; dur=4
content-length: 1220
pragma: no-cache
server: nginx
x-tt-logid: 20230429175022879341187816483B4FC6
x-cache-remote: TCP_MISS from a23-220-105-18.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.105.18
x-tt-trace-host: 01729846d87a9d1c755e813f21343df2b7fcce2b6602f5a8d9de51b409a80a40245665b2bfc6e3b5cc712c5634ac7cceaf87141fff5fd0866cd71640f25b22ff7e812c34ca18ac48194b02367aec94ff4ce19a5b791474c5f9bab5e775c4c4d05983fe8d17f3e67f34929609fa498458e7
expires: Sat, 29 Apr 2023 17:50:22 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 7ms
7ms Script
application/javascript 2600:9000:223e:9400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=fxclub/main/202304250827&cb=1682790622511
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fxclub/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sat, 29 Apr 2023 17:48:50 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 93
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: czSrRBR6wuetfNR3vVtg5vGTaBAxunAvFuF7KQZHj7dC_vY6wxQ5Ng==

GET
H2 200 /
tealium-proxy.libertex.org/ 19 B
19 B 123ms
29ms Image
text/plain 52.212.156.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tealium-proxy.libertex.org/?t_profile=main&abtest_experiments_bucket=&abtest_experiments_name=&client_browser=Chrome&client_id=&customer_accounts_info_code=&customer_cur_account_balance_available=&customer_cur_account_count_of_deals_total=&customer_cur_account_deposit_init_value=&customer_cur_account_deposit_total_value=&customer_cur_account_id=&customer_cur_account_info_code=&customer_cur_account_is_deposit=&customer_cur_account_type=&customer_email=&customer_id=&customer_login=&customer_profile_broker=&customer_profile_business_unit=&customer_profile_country=&customer_profile_is_first_launch_open=&customer_profile_lifecycle=&customer_profile_network=&customer_profile_network_name=&event_account_id=&event_account_name=&event_currency=&event_date=&event_date_utc=2023-04-29+17%3A50&event_id=&event_ref=&event_type=&event_value=&fbp=&fbclid=&fx_visitor_id=&ga_cid=&gclid=&icid_sf=&mixlib=undefined&page_activitytime=&page_category=&page_channel=&page_dom_referrer=&page_dom_url=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&page_environment=prod&page_language=de&page_loadingtime=&page_loadingtime_tti=&page_name=&page_path=&page_referrer_long=&page_system=promo&page_type=&product_category=&product_id=&product_name=&product_subcategory=&segment_web=b&session_id=1682790622256&sf_campaignId=&user_agent=mozilla%2F5.0+%28windows+nt+10.0%3B+win64%3B+x64%29+applewebkit%2F537.36+%28khtml%2C+like+gecko%29+chrome%2F112.0.5615.121+safari%2F537.36&visitor_id=0187ce23242f005f5a9afe833e5803074004906c00b08
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.156.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-156-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-length: 19
content-type: text/plain; charset=utf-8

GET
H2 200 503697863149680 Show response
connect.facebook.net/signals/config/ 150 KB
41 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/503697863149680?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b15695cff235373af82dbe38232047ce1f0bb06afb15bfc473066dcb31649e11

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 29 Apr 2023 17:50:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42279
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7gmV4DkKDXAp8JrIYNAR3aPmC8+cOZq5xaDgS4v/LJgJTQwGGheAbnfBAPjVtoJPU25aZ+EpKzHT1UdFT13tVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/OR5H43ADMZATTDCWITJL2J/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

8ms
8ms

Script
application/javascript

2600:9000:2250:1e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: HTTP/1.1
Server: 2600:9000:2250:1e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Sat, 29 Apr 2023 14:07:16 GMT
Via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Age: 13387
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Skk9crWINqRvsZJ7EIARXy4Mi-ZpPqfBoCy56p6Hf-n_cBccR_MGxg==

Redirect headers

Date: Sat, 29 Apr 2023 06:43:06 GMT
Via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Age: 40035
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: J1vt-t3u4qMOBCcwoFhgDOeEcmVaGmagM0JdCRYxYg3zxJ8V2h01TQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/OR5H43ADMZATTDCWITJL2J/YNLTJWUPKRGUFI3K3AH2ZC/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

12ms
12ms

Script
application/javascript

2600:9000:2250:1e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: HTTP/1.1
Server: 2600:9000:2250:1e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Sat, 29 Apr 2023 14:40:18 GMT
Via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Age: 11405
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 79bpw53Sq1yz0xC9DpieI4haYQ4-FjbQfcjqG5MyVZN9B7D1SB4Z5A==

Redirect headers

Date: Fri, 28 Apr 2023 23:22:32 GMT
Via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Age: 66469
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: VoDOxtXj9aJHUTUPibmm7Lq5pjXsT6tGGJ9amjPApPOU-avI_bgHng==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/OR5H43ADMZATTDCWITJL2J/YNLTJWUPKRGUFI3K3AH2ZC/index.js
https://s.adroll.com/j/pre/index.js

0
756 B

10ms
8ms

Script
application/javascript

2600:9000:2250:1e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346
Protocol: HTTP/1.1
Server: 2600:9000:2250:1e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Sat, 29 Apr 2023 14:40:21 GMT
Via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Age: 11405
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2AdWjWcVtDQ98JRIL87DkrX7GimiIxeaO7sgQtPK04yKLc6XvJHnsQ==

Redirect headers

Date: Sat, 29 Apr 2023 13:16:31 GMT
Via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Age: 16430
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _nOenEhxYdpmADT-9cVL_2JnBXfi5470ShMLviH6HIeEv7-33AQ84w==

GET
BLOB 200
OK afcc9ddb-f9d7-422a-8ce4-da0c3daa5f2c
https://promo.libertex.com/ 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/afcc9ddb-f9d7-422a-8ce4-da0c3daa5f2c
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af88cced150893a8d1d75091c263c3e202622497246baa0728fcec35cd03020

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 1794
Content-Type: text/css

GET
BLOB 200
OK 0ef3682d-62dd-4ee2-8816-179dfe69ca62
https://promo.libertex.com/ 559 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/0ef3682d-62dd-4ee2-8816-179dfe69ca62
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 758d250afe36b24b24b7496f3313f22119c48c19f948ab6d64f851eafde303da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 559
Content-Type: text/css

GET
BLOB 200
OK f834f01b-8ee6-4a71-9094-204306938239
https://promo.libertex.com/ 171 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/f834f01b-8ee6-4a71-9094-204306938239
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f578f5019f515a785d71e131d4c1f8724f1d07d80061f2b5af77de4d572f608

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 171
Content-Type: text/css

GET
BLOB 200
OK 47cf4903-674c-48ff-9289-a65dfdf850bd
https://promo.libertex.com/ 179 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/47cf4903-674c-48ff-9289-a65dfdf850bd
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b584b97516d6246da2b4e9ca1e57880bbbda026f8a1e9d23509d2c2d4a0569d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 179
Content-Type: text/css

GET
BLOB 200
OK 5bd2b9a6-92f0-43f6-be59-2ef6d112bb63
https://promo.libertex.com/ 174 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/5bd2b9a6-92f0-43f6-be59-2ef6d112bb63
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5f27ddd74f2fc480d230d9bbc55a8bdf2a3db479fdc84001f2d1916c7298ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 174
Content-Type: text/css

GET
BLOB 200
OK 26925fee-75b0-49cb-bc95-2bbaaa4e2ccc
https://promo.libertex.com/ 8 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/26925fee-75b0-49cb-bc95-2bbaaa4e2ccc
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10c1ee52945d0256c4fe0a4a6ec9368b3752d361d036a08b5fe8fd40bdba51a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 7698
Content-Type: text/css

GET
BLOB 200
OK 86329602-1c3e-46f6-996c-bbe2359f59f5
https://promo.libertex.com/ 862 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/86329602-1c3e-46f6-996c-bbe2359f59f5
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c056eee36ff70bb798cbf0e7906e4cc733da4004a365e1ff43c9b4429ea77386

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 862
Content-Type: text/css

GET
BLOB 200
OK aa8aee48-1e00-455c-a774-0ab963f8cb9e
https://promo.libertex.com/ 11 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/aa8aee48-1e00-455c-a774-0ab963f8cb9e
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf23dbf9dab0e72de9dbe1d0d5899a64effc3c7c4bd9f2b3d285ffd498018d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 11123
Content-Type: text/css

GET
BLOB 200
OK 78daffef-43c4-46ce-8133-93dc40d5a5e7
https://promo.libertex.com/ 4 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/78daffef-43c4-46ce-8133-93dc40d5a5e7
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8052a73bb805d0f3dcbbe96ef26ed38c7b480dc19c62697a51f6a4754d98ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 4517
Content-Type: text/css

GET
H2 200 en Show response
quote.fxclub.com/info/ 666 B
972 B 626ms
586ms XHR
application/json 2606:4700::6810:e933
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://quote.fxclub.com/info/en?intervals=D1&fields=description,market,type&symbols=SIE&markets=

Requested by

Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e933 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1890a0e02dcc6ad52365244c07f4f5d93c8fc910a0da6242f656e28959813230

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://promo.libertex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7bf9630f3d6d9034-FRA
access-control-allow-headers: Accept, Accept-Language, Origin, Content-Type, Content-Language, X-Forwarded-For
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 unip Show response
trc.taboola.com/1311468/log/3/ 0
76 B 16ms
16ms XHR
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1311468/log/3/unip?en=view_content&item-url=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&tim=1682790622570&mrir=u&vi=1682790622564&ref=null&cv=20230423-3-RELEASE&tos=3&ssd=1&scd=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1311468/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230092-FRA
server: nginx
x-timer: S1682790623.569669,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://promo.libertex.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1311468/trc/3/ 3 KB
1 KB 25ms
25ms Script
application/javascript 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1311468/trc/3/json?tim=1682790622571&data=%7B%22id%22%3A660%2C%22ii%22%3A%22%2Flp%2Fde-de%2Fshares%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1682790622564%2C%22cv%22%3A%2220230423-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Faff_id%3D37544%26cxd%3D37544_486346%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dforexclubinternationallimited-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346%22%2C%22tim%22%3A1682790622571%2C%22ref%22%3Anull%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1311468/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c5869be674fa4122c582c6d4040fc5e21e6bebb760804a12dc6816e1be9161f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms: 18
date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230092-FRA
server: nginx
x-timer: S1682790623.572712,VS0,VE18
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 10032341.json Show response
s.yimg.com/wi/config/ 2 B
450 B 61ms
22ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10032341.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:42:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MZKH81552FF0GN5R
age: 461
content-length: 2
x-amz-id-2: OFhF2qeKIxLj6CYoYReuchSWXOyoLv4+jTRwHJPnj8udpd7RfCLropqYWgvM+qznPs57oogmClI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 all Show response
api-geo.libertex.com/v1/ 80 KB
17 KB 195ms
135ms XHR
application/json 2606:4700::6810:65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-geo.libertex.com/v1/all?locale=de&v=1682790622610

Requested by

Host: lib.libertex.com
URL: https://lib.libertex.com/landing/js/landing-api.min.2.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:65b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19747ba1e3ea873d0e31c2e52f330710a20edf0ab8e961e5ce9cee841c9a9f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7bf9630fab1abbce-FRA
access-control-allow-headers: Accept, Accept-Language, Origin, Content-Type, Content-Language, X-Forwarded-For
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 782A 15 KB
6 KB 53ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=promo.libertex.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=61962,101098,101097,61960,61961,101967,101968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://promo.libertex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:50:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 310413
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 modules.50a80ed62b384955a8b2.js Show response
script.hotjar.com/ 263 KB
68 KB 31ms
8ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.50a80ed62b384955a8b2.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-898554.js?sv=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

e60eac0f2636af6308d91526e82dff118e961332236bbe87a134f7e5d0d5037e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 11:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 110655
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69259
last-modified: Fri, 28 Apr 2023 11:05:08 GMT
etag: "64d5841f997872b89ef043f224290bdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ZAFxn9VWUfNIVOAJkMDLqbrxCKSvqVBP4jXuiO5xXiXvcbSLTtDT5g==

GET
H2 200 adsct
t.co/i/ 43 B
378 B 149ms
119ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=1edb1fea-3a98-42e2-9441-481fe0184782&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=50a2d6c7-9936-4bb3-9fc0-0cf45f292e66&tw_document_href=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzaqg&type=javascript&version=2.3.29

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 113
date: Sat, 29 Apr 2023 17:50:21 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 541ab73dd54cff13
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1c3116b7335b78489aefe4384eb7a1831e4659ddfc8bff8e304d5f4b0c209a5a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 139ms
116ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1edb1fea-3a98-42e2-9441-481fe0184782&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=50a2d6c7-9936-4bb3-9fc0-0cf45f292e66&tw_document_href=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzaqg&type=javascript&version=2.3.29

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 110
date: Sat, 29 Apr 2023 17:50:21 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 707be316d9a9d281
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c7433a0af57faa82c7230d35acd36cb506c643598184501734bd0c5fdb6e1fca
content-length: 43

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 29 Apr 2023 17:50:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hcGyDNRylwmuwaqhU6eqsJoOdpRq7bLv2baVn3jFwNuV9cRPZOgXZcuQwqE+qwmVLJ4VDEBBbrfR4fBKDx/Dsw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/eu01/ 35 B
215 B 20ms
20ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/eu01/v.gif?cd=0&a=677842&d=promo.libertex.com&u=D0FBA3FE8FE397E7AA8AC8E5A27175E40&h=c92a7b05e5c25b9258b2d72a65fb92b1&t=false&r=0.4364914114323848

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gbel1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gbel1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 43ms
42ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1635109610&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&ul=en-us&de=UTF-8&dt=Libertex&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAACAAI~&jid=1310092718&gjid=1959826614&cid=1680450534.1682790623&tid=UA-49381759-1&_gid=1892772553.1682790623&_r=1&_slc=1&cd7=de&z=693533693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.libertex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 42ms
41ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1635109610&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&ul=en-us&de=UTF-8&dt=Libertex&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAACgAI~&jid=2134220534&gjid=1651437502&cid=1680450534.1682790623&tid=UA-49381759-31&_gid=1892772553.1682790623&_r=1&_slc=1&cd7=de&z=2033068058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.libertex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OR5H43ADMZATTDCWITJL2J Show response
d.adroll.com/consent/check/ 463 B
556 B 116ms
31ms Script
application/javascript 2a05:d018:cc3:fe04:d73f:ab6c:26b5:4cd1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/OR5H43ADMZATTDCWITJL2J?pv=93751492752.99704&arrfrr=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&_s=c0e5bfec167de99d43a6cba845c470c7&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:d73f:ab6c:26b5:4cd1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 6228300e53eb720c1cb61bec20db453a6ef254741ad255955e9f126c57f6338e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 44ms
7ms Stylesheet
text/css 2400:52e0:1e00::865:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-865 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cdn-edgestorageid: 863
perma-cache: HIT
cdn-storageserver: DE-569
cdn-cachedat: 04/25/2023 22:14:04
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:03 GMT
server: BunnyCDN-DE1-865
cdn-fileserver: 590
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850ab-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5fbc0a488fd92c9001df80f59ea50ffb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8811 Show response
api.omappapi.com/v2/embed/ 227 B
825 B 152ms
98ms XHR
application/json 18.66.112.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/8811?d=promo.libertex.com
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-59.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 227
x-optinmonster-account: 2794
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: QXYCCOWZJBrH6Q0r3paPGWZRMQ0xM4Vr9eL2xntcGwQlGxSTBMqVrQ==
expires: Sat, 29 Apr 2023 17:39:11 GMT

GET
H2 204 unip Show response
trc.taboola.com/1311468/log/3/ 0
56 B 16ms
15ms XHR
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1311468/log/3/unip?en=page_view&item-url=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&tim=1682790622571&ref=null&cv=20230423-3-RELEASE&tos=121&ssd=1&scd=0&vi=1682790622564&ri=f1ce93a14b9299e93a18492aebe4babe
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1311468/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230092-FRA
server: nginx
x-timer: S1682790623.686831,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://promo.libertex.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 5419b732fbfb950b10de65e5 Show response
widget.trustpilot.com/trustbox-data/ Frame F0BA 855 B
819 B 9ms
9ms XHR
application/json 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/5419b732fbfb950b10de65e5?businessUnitId=5a1e8d6b0000ff0005b1ddbc&locale=de-DE

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e9362b569572fc690369607ab99e6d8365904592c04dfbdb99f9b7a552bce09e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a1e8d6b0000ff0005b1ddbc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 29 Apr 2023 17:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 1502
x-cache: Hit from cloudfront
content-length: 387
x-xss-protection: 1; mode=block
server: Kestrel
etag: "b8865cbc74b7e25bdda57739803d4e71"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: Lm8GWZ3IIYWFxPdXnMY5mj5ylug4JkjziXuOvSixuz7bT15uvL7faw==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame F0BA 0
320 B 43ms
43ms XHR
text/plain 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=de-DE&styleHeight=24px&styleWidth=100%25&theme=dark&fontFamily=Montserrat&url=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5a1e8d6b0000ff0005b1ddbc&widgetId=5419b732fbfb950b10de65e5

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a1e8d6b0000ff0005b1ddbc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: QeDgktcMoUalivef_QrkhUAl-MpGs3pP4_1jrwitUQX0L11POJ17AA==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxView Show response
widget.trustpilot.com/stats/ Frame F0BA 0
322 B 39ms
39ms XHR
text/plain 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxView?locale=de-DE&styleHeight=24px&styleWidth=100%25&theme=dark&fontFamily=Montserrat&url=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5a1e8d6b0000ff0005b1ddbc&widgetId=5419b732fbfb950b10de65e5

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-107.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a1e8d6b0000ff0005b1ddbc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: JtOTXTU72BIQGiy5vwz1ofBI_Lbn0UXll5BKeer3j6_e7xPNGWRsUA==
x-xss-protection: 1; mode=block

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 120ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2029%20Apr%202023%2017%3A50%3A22%20GMT&n=0&b=Libertex&.yp=10032341&f=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&enc=UTF-8&yv=1.14.0&tagmgr=tealium

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 29 Apr 2023 17:50:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 82ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-49381759-1&cid=1680450534.1682790623&jid=1310092718&gjid=1959826614&_gid=1892772553.1682790623&_u=YGBACAAABAAAACAAI~&z=1185690360

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.libertex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 29 Apr 2023 17:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 82ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-49381759-31&cid=1680450534.1682790623&jid=2134220534&gjid=1651437502&_gid=1892772553.1682790623&_u=YGDACAABBAAAACgAI~&z=1324375207

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.libertex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 29 Apr 2023 17:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.libertex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 782A
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=libertex.com&sn=ChromeSyncframe&so=0&topUrl=promo.libertex.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=2e6HW3wxdmMyekxNY2lhMjh2Qm81U29oV0FxL2VBUUk0OUVDZDRrVDZlR3JLUnJzSWpiYThvRC9WaHkwQStycjc1Sk1jb3poWU0waThVOEpsM3hoMzhtTnUyN2w1dEVXQWdBWDVnQTlCeWlnYlVZZnFEYitXNTJxdVJjV3...

435 B
652 B

116ms
17ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2e6HW3wxdmMyekxNY2lhMjh2Qm81U29oV0FxL2VBUUk0OUVDZDRrVDZlR3JLUnJzSWpiYThvRC9WaHkwQStycjc1Sk1jb3poWU0waThVOEpsM3hoMzhtTnUyN2w1dEVXQWdBWDVnQTlCeWlnYlVZZnFEYitXNTJxdVJjV3B0c0xjTUtTbFJzdWZRVE8vaFQyaDByS2VZMjhpcFk0ckkrelg0M3hFYXhwN1FJNUJuZUdDdFpZL2dlWnpmbnYrSmo0S3NUckVObzMwalJLTHVEVHpxSVI4RTQrWUxxU3liMlZNYlZicEpPN29hS2lzcFh2c3RKVXBuaGFkN1JYWG80RzRuSVgzMkxNTSs2N1JxR1JrREFueGx0cUFvdz09fA&cppv=2

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

090fa589721b63c7c5e6678c4616fd7eefc1fb0a537029dc227e3e1fdaa1f24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2492040
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=2e6HW3wxdmMyekxNY2lhMjh2Qm81U29oV0FxL2VBUUk0OUVDZDRrVDZlR3JLUnJzSWpiYThvRC9WaHkwQStycjc1Sk1jb3poWU0waThVOEpsM3hoMzhtTnUyN2w1dEVXQWdBWDVnQTlCeWlnYlVZZnFEYitXNTJxdVJjV3B0c0xjTUtTbFJzdWZRVE8vaFQyaDByS2VZMjhpcFk0ckkrelg0M3hFYXhwN1FJNUJuZUdDdFpZL2dlWnpmbnYrSmo0S3NUckVObzMwalJLTHVEVHpxSVI4RTQrWUxxU3liMlZNYlZicEpPN29hS2lzcFh2c3RKVXBuaGFkN1JYWG80RzRuSVgzMkxNTSs2N1JxR1JrREFueGx0cUFvdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 349155
content-length: 0
expires: 0

GET
H2 200 montserrat.css
widget.trustpilot.com/fonts/ Frame F0BA 5 KB
5 KB 7ms
7ms Stylesheet
text/css 52.222.236.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.trustpilot.com/fonts/montserrat.css
Requested by: Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 099dbee82bc5da3a74f1ffe461982b51c3b7b951e23912f677d89091de4bcd15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a1e8d6b0000ff0005b1ddbc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 04:13:11 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 14:37:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 49032
etag: "7360fedbb670f7675b8ccc934355c686"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 4924
x-amz-cf-id: hM97kEbqctcwqswWmI_t7hcnpz4kvC5J2gj8Eh6WNeikKOVHf48hxA==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 126ms
102ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=503697863149680&ev=PageView&dl=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346&rl=&if=false&ts=1682790622709&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=0&o=28&cs_est=true&fbp=fb.1.1682790622708.1969826732&it=1682790622524&coo=false&rqm=GET

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 29 Apr 2023 17:50:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 898554 Show response
vc.hotjar.io/sessions/ 0
259 B 95ms
36ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/898554?s=0.25&r=0.13361933932416226
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.50a80ed62b384955a8b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: JIhFoaVcVWCgYcK_gdynPshfQvHLTgS8qz6jvbE0IUbOBEflvvw1Vw==

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836;~oref=https://promo.libertex.com/ Frame 20E6 440 B
601 B 166ms
72ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836;~oref=https://promo.libertex.com/

Requested by

Host: 11442981.fls.doubleclick.net
URL: https://11442981.fls.doubleclick.net/activityi;dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f78d4ac2eb7c10c5ebf077169661dc2c07e759d4124756a5317922c393dbd4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11442981.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 227
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:50:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 139ms
60ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-49381759-1&cid=1680450534.1682790623&jid=1310092718&_u=YGBACAAABAAAACAAI~&z=1121145825

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 145ms
58ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-49381759-1&cid=1680450534.1682790623&jid=1310092718&_u=YGBACAAABAAAACAAI~&z=1121145825

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 137ms
59ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-49381759-31&cid=1680450534.1682790623&jid=2134220534&_u=YGDACAABBAAAACgAI~&z=1584021733

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 144ms
59ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-49381759-31&cid=1680450534.1682790623&jid=2134220534&_u=YGDACAABBAAAACgAI~&z=1584021733

Requested by

Host: promo.libertex.com
URL: https://promo.libertex.com/lp/de-de/shares/?aff_id=37544&cxd=37544_486346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5.112e6dc7.min.js Show response
a.opmnstr.com/app/js/ 16 KB
6 KB 12ms
12ms Script
application/javascript 2400:52e0:1e00::865:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/5.112e6dc7.min.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::865:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-865 /
Resource Hash: f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: br
cdn-edgestorageid: 1075
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 04/25/2023 22:14:02
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:02 GMT
server: BunnyCDN-DE1-865
cdn-fileserver: 567
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850aa-3f86"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f9e39b6e4fccd9b51410fd9bd456196d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 event Show response
sslwidget.criteo.com/ 44 KB
5 KB 75ms
38ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=%5B61962%2C101098%2C101097%2C61960%2C61961%2C101967%2C101968%5D&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=jEAYBF84RCUyQkFXa0Q4OWdGaEJaTTFZUU8lMkJiUGQ2ZVVBSUNYNXp6R1pJJTJCdWZ0OWNWZHo4SHk5WHRVRnFlUlQyanFyamYzVSUyQlZNSm5WQVNnR1Y4cEhsQTFXelB4dlhmWlNYN05QdyUyQndub0VDb1ZQWmphUEFJc0tDRWQ4WnMzMlNpOHVvQ0xaaGlKUzhUc2QwNEY1UXViQkpNMzF3JTNEJTNE&tld=libertex.com&dy=1&fu=https%253A%252F%252Fpromo.libertex.com%252Flp%252Fde-de%252Fshares%252F%253Faff_id%253D37544%2526cxd%253D37544_486346&ceid=27a556a0-7f90-4808-a973-1646e1f377b6&dtycbr=13896

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=61962,101098,101097,61960,61961,101967,101968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5dd3eb05235570f3273274d2796ce15f6f3ee7c1c96ed97f0ac87c6f4b4b11aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 22767610
timing-allow-origin: *
expires: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836;~oref=https://promo.libertex.com/ Frame B551 194 B
515 B 188ms
84ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836;~oref=https://promo.libertex.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMjUrMrTz_4CFRWYmgodarcETQ;src=11442981;type=testb0;cat=pagev0;ord=4274851634129.6836;~oref=https://promo.libertex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:50:23 GMT
expires: Sat, 29 Apr 2023 17:50:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.MTYwYzA3NDgwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 256 KB
69 KB 31ms
31ms Script
application/javascript 2.16.187.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BVJ114SOLA0CA89TMT5G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4cf6e848e33259be37270940325f323d4a3a9c4a324ee8e9653c200b02181726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 16231e1f
date: Sat, 29 Apr 2023 17:50:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023042512310652E2941154792AB0BFC0
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-187-102.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01b71dd4408c997037e35e9a11dbfe2ffe39ea294d34c07c50088219540a4930871420a383b83a20370d46b968ef2a8f16e0c26838efaf6f51569f6547c622076f71759105f66356c0a2970422d55deadb1600c7a8ff1d06aca84a74b4a948bc3f
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 69807

GET
H2 200 identify_79a0c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
30 KB 10ms
10ms Script
application/javascript 2.16.187.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_79a0c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 16231e33
date: Sat, 29 Apr 2023 17:50:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230425123104D4AA58CE3CFA604FAE0E
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-187-102.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a1034c0962ec6c2f0976b7b8bc1ce254605165bdfd5c13c455ba829502dbaa87c53ac0881a25a905895425e28260b8c2f42d4826d476de0cd5f47c4dd09738a5b6617b95970f1b73febd535c53b4a6b46ce5d62be24e704209571fea0fed2eb7
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30626

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 158ms
158ms Ping
text/plain 2.16.187.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-187-106.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.libertex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 754b8c5c.16231e5c
date: Sat, 29 Apr 2023 17:50:23 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-187-102.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 144,2.16.187.102
server-timing: cdn-cache; desc=MISS, edge; dur=115, origin; dur=34, inner; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023042917502373A119E2628F179457FD
x-cache-remote: TCP_MISS from a23-59-251-118.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.59.251.118
x-tt-trace-host: 01729846d87a9d1c755e813f21343df2b7fcce2b6602f5a8d9de51b409a80a4024ca26c7e9be1e0c5869e5ac32642cdff2897afb3aa63ffdb35d44bfd1fe27f2f003cc0bf6ddb5c7d37a9c2a82d52513224cca919a38c407c7bbad1f15b710e54b550911e36c55e6f1ef77486afa99444f
expires: Sat, 29 Apr 2023 17:50:23 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 0A46
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-s0oMs29YkPmGoRA64TPfToBBx9c2RtmUBX899g&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s0oMs29YkPmGoRA64TPfToBBx9c2RtmUBX899g&expires=30

43 B
345 B

11ms
11ms

Image
image/gif

18.159.144.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s0oMs29YkPmGoRA64TPfToBBx9c2RtmUBX899g&expires=30
Protocol: H2
Server: 18.159.144.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-144-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s0oMs29YkPmGoRA64TPfToBBx9c2RtmUBX899g&expires=30
date: Sat, 29 Apr 2023 17:50:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0A46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ZSYwmm9YkPmGoRA64TPfToBBx9e-O3fVQcLhZw&google_cm&google_hm=ay1aU1l3bW05WWtQbUdvUkE2NFRQZlRvQkJ4OWUtTzNmV...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZSYwmm9YkPmGoRA64TPfToBBx9e-O3fVQcLhZw&google_gid=CAESEDauKCPnQDRs6Wyw2qlMr2w&google_cver=1&google_ula=913071,0

43 B
369 B

17ms
17ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZSYwmm9YkPmGoRA64TPfToBBx9e-O3fVQcLhZw&google_gid=CAESEDauKCPnQDRs6Wyw2qlMr2w&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 718772
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZSYwmm9YkPmGoRA64TPfToBBx9e-O3fVQcLhZw&google_gid=CAESEDauKCPnQDRs6Wyw2qlMr2w&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 0A46
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8157583201659426659

43 B
371 B

61ms
18ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8157583201659426659

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1297334
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 29 Apr 2023 17:50:23 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.137; 185.213.155.137; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3fae0276-7c87-46e8-af25-46ff96105f84
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8157583201659426659
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 0A46
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-noyvBG9YkPmGoRA64TPfToBBx9c_f33JzpJVUg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-noyvBG9YkPmGoRA64TPfToBBx9c_f33JzpJVUg

43 B
1 KB

11ms
10ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-noyvBG9YkPmGoRA64TPfToBBx9c_f33JzpJVUg

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Apr 2023 17:50:23 GMT
AN-X-Request-Uuid: 1ecd002a-fafe-435d-9461-ad019094b700
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.137; 185.213.155.137; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 29 Apr 2023 17:50:23 GMT
AN-X-Request-Uuid: e0785ea7-ed8b-49c9-8f28-0f6b06dcc9a5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-noyvBG9YkPmGoRA64TPfToBBx9c_f33JzpJVUg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.137; 185.213.155.137; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 0A46 61 B
802 B 115ms
71ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2qtAb29YkPmGoRA64TPfToBBx9eOdLin_mp9xw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 29 Apr 2023 17:50:23 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 29 Apr 2023 17:50:23 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 0A46 0
239 B 57ms
7ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-WCOyQ29YkPmGoRA64TPfToBBx9cB0AFiymZXzA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 0A46 0
357 B 39ms
9ms Image
text/plain 3.68.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Z9vcQ29YkPmGoRA64TPfToBBx9fdyIGZamanDg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.153.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-153-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 0A46 43 B
163 B 90ms
17ms Image
image/gif 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-ptwHhW9YkPmGoRA64TPfToBBx9e_GgqEiL7oMg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:22 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0A46 0
99 B 57ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ai18cW9YkPmGoRA64TPfToBBx9eVjZLOXvzinw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13511

GET
H2 200 um
criteo-sync.teads.tv/ Frame 0A46 23 B
172 B 74ms
32ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-GMfUTm9YkPmGoRA64TPfToBBx9eC8_YOd205WQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Sat, 29 Apr 2023 17:50:23 GMT
pragma: no-cache
date: Sat, 29 Apr 2023 17:50:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 0A46 37 B
140 B 39ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-4h3OiW9YkPmGoRA64TPfToBBx9cY1nUq8fWKXg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 0A46 0
399 B 37ms
10ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-iVwJS29YkPmGoRA64TPfToBBx9d1P4U7ELzKdg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 0A46 43 B
163 B 91ms
21ms Image
image/gif 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-QL2LW29YkPmGoRA64TPfToBBx9fNpgWXnG7XhQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
last-modified: Tue, 22 May 2018 14:15:49 GMT
server: nginx
accept-ranges: bytes
etag: "5b042615-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 0A46 49 B
235 B 64ms
22ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Qu8e529YkPmGoRA64TPfToBBx9cmhcODHLlglQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:22 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 0A46
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WVedy29YkPmGoRA64TPfToBBx9frUnMG_s76bg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WVedy29YkPmGoRA64TPfToBBx9frUnMG_s76bg&C=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WVedy29YkPmGoRA64TPfToBBx9frUnMG_s76bg&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Apr 2023 17:50:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 29 Apr 2023 17:50:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-WVedy29YkPmGoRA64TPfToBBx9frUnMG_s76bg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 0A46
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=1YZqfTUuMODooZN1-1zl6LCF5zB3-QxN
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1YZqfTUuMODooZN1-1zl6LCF5zB3-QxN

42 B
942 B

33ms
33ms

Image
image/gif

52.51.141.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1YZqfTUuMODooZN1-1zl6LCF5zB3-QxN

Protocol

HTTP/1.1

Server

52.51.141.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-141-47.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0f9a952db.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sJZGF2u8TFQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v048-059e93707.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FD7xu1JPR6U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1YZqfTUuMODooZN1-1zl6LCF5zB3-QxN
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 0A46 43 B
1 KB 89ms
27ms Image
image/gif 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-1rQIMG9YkPmGoRA64TPfToBBx9cDx277zOnvqg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 29 Apr 2023 17:50:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 0A46
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-K-eWq29YkPmGoRA64TPfToBBx9dBddx9FW6EXA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-K-eWq29YkPmGoRA64TPfToBBx9dBddx9FW6EXA

43 B
448 B

32ms
31ms

Image
image/gif

54.155.103.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-K-eWq29YkPmGoRA64TPfToBBx9dBddx9FW6EXA
Protocol: H2
Server: 54.155.103.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-103-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 29 Apr 2023 17:50:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-K-eWq29YkPmGoRA64TPfToBBx9dBddx9FW6EXA
access-control-allow-origin: *
date: Sat, 29 Apr 2023 17:50:23 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 0A46 42 B
274 B 65ms
21ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-EcAR029YkPmGoRA64TPfToBBx9fPg8NiElWscg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 0A46 0
886 B 39ms
9ms Image
text/html 52.29.12.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ANteWm9YkPmGoRA64TPfToBBx9etG8vk36-Bzw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.12.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-12-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 0A46 0
145 B 441ms
117ms Image
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-49VCvW9YkPmGoRA64TPfToBBx9cbTN62-xZNMw&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 29 Apr 2023 17:50:23 GMT
Cache-Control: no-cache
X-TraceId: d1999312e1061609098b40cd6e0dd1b8
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 0A46 42 B
580 B 57ms
15ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-5GnXHm9YkPmGoRA64TPfToBBx9czZUEed-p1Hg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 29 Apr 2023 17:50:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 0A46 43 B
399 B 329ms
106ms Image
image/gif 2600:1f18:612b:4232:7cbe:f340:efa9:d727
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-TRibiG9YkPmGoRA64TPfToBBx9d8RRtKpklZXg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:7cbe:f340:efa9:d727 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 29 Apr 2023 17:50:23 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0A46 0
400 B 94ms
41ms Image
text/plain 23.209.16.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-mq8h9G9YkPmGoRA64TPfToBBx9f_yrV6tiSMgQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.16.125 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-16-125.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Apr 2023 17:50:23 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 28 Apr 2023 17:50:23 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 0A46 0
38 B 132ms
28ms Image
text/plain 52.19.147.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-X3A-vG9YkPmGoRA64TPfToBBx9dwUkjfSAeE5A&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.147.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-147-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
content-length: 0

GET
H3 200 0.bundle-1.5.0.js Show response
lib.libertex.com/widgets/live-quotes/ 393 KB
131 KB 25ms
25ms Script
application/javascript 2606:4700::6810:245a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.libertex.com/widgets/live-quotes/0.bundle-1.5.0.js
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:245a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798ae615741bb7a3b5c96f2f5419906fbd7fd5f24116f4802fea72dd19f729ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
x-amz-version-id: PbzKbKV7zqthjpHs2iLFZxGvQ7fA4nkr
content-encoding: br
cf-cache-status: HIT
age: 5605
x-amz-request-id: T3P6225W2K74YV17
cf-polished: origSize=402515
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: k+UDScRzIlhn6xk4MaqvrQSo3hiaKwi+URZZcoYvtw15h1ASNkNm0NtpRvxcDpa+1QjQ3RYEkNc=
last-modified: Thu, 24 Nov 2022 09:15:18 GMT
cf-bgj: minify
server: cloudflare
etag: W/"e47a3b96e935a97cee6947043598bd14"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7bf96312da343a6d-FRA
expires: Sat, 29 Apr 2023 21:50:23 GMT

GET
BLOB 200
OK b74087c9-3312-4dfd-b728-5b7a911ba4ae
https://promo.libertex.com/ 12 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/b74087c9-3312-4dfd-b728-5b7a911ba4ae
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f6ca70621a04cbe8f09e9c062f9af3d93156107c8ee1ffbec2e6fe07d18a37d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 12641
Content-Type: text/css

GET
BLOB 200
OK d6796569-59c8-41e3-bf14-0f1f28016a2f
https://promo.libertex.com/ 6 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promo.libertex.com/d6796569-59c8-41e3-bf14-0f1f28016a2f
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d134df6831633c0a78e1fe89e5657648b59fc5fc6b641dffbe7ea100e25031b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 6000
Content-Type: text/css

GET
H2 200 historyquotes Show response
gaterest.fxclub.com/real/restapi/quotes/ 17 KB
5 KB 279ms
268ms XHR
application/json 2606:4700::6810:e933
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaterest.fxclub.com/real/restapi/quotes/historyquotes?symbol=SIE&interval=W1
Requested by: Host: lib.libertex.com
URL: https://lib.libertex.com/widgets/live-quotes/bundle-1.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e933 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d6d27ce08f0f2f5be5564a4e62f4cd6534b2a14677dfd3bfccf206c910fb76

Request headers

Accept: application/json, text/plain, */*
Referer: https://promo.libertex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:23 GMT
content-encoding: gzip
x-gateway-hostname: f4e94ca1c27e
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7bf963139ad19034-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 417 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03ffed8c53dfe4a4b1496a5402baedf584376578e917233dabdbabab68a2463f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1018 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf0569941e44ecf298c98fdfd42a86ce22dcd2598e70ec7b3f2e56f4c4cc3e32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0A46
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kN4WtycLmQ5ky0HWmSqKlYmDQvXcuoaS

0
338 B

107ms
29ms

Image
text/plain

54.246.64.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kN4WtycLmQ5ky0HWmSqKlYmDQvXcuoaS
Protocol: H2
Server: 54.246.64.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-64-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: beacon-n004-dub-prod.krxd.net
date: Sat, 29 Apr 2023 17:50:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1682790623
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kN4WtycLmQ5ky0HWmSqKlYmDQvXcuoaS
date: Sat, 29 Apr 2023 17:50:22 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 813710
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 0A46
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ARpwW7mwv9-cBf8fn8H6asotki1ktBma

35 B
268 B

356ms
114ms

Image
image/gif

18.189.115.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ARpwW7mwv9-cBf8fn8H6asotki1ktBma
Protocol: H2
Server: 18.189.115.252 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-115-252.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Apr 2023 17:50:23 GMT
x-bt-requestid: 511fac60-e6b6-11ed-a50d-0000ac1702cb
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ARpwW7mwv9-cBf8fn8H6asotki1ktBma
date: Sat, 29 Apr 2023 17:50:22 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 790524
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1311468/log/3/ 0
248 B 15ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1311468/log/3/unip?en=pre_d_eng_tb&tos=1594&scd=0&ssd=1&est=1682790622566&ver=36&isls=true&src=i&invt=1500&msa=2690&rv=1&tim=1682790624161&vi=1682790622564&ri=f1ce93a14b9299e93a18492aebe4babe&ref=null&cv=20230423-3-RELEASE&item-url=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1311468/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://promo.libertex.com
pragma: no-cache
date: Sat, 29 Apr 2023 17:50:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1311468/log/3/ 0
248 B 15ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1311468/log/3/unip?en=pre_d_eng_tb&tos=4595&scd=0&ssd=1&est=1682790622566&ver=36&isls=true&src=i&invt=3000&msa=2690&rv=1&tim=1682790627162&vi=1682790622564&ri=f1ce93a14b9299e93a18492aebe4babe&ref=null&cv=20230423-3-RELEASE&item-url=https%3A%2F%2Fpromo.libertex.com%2Flp%2Fde-de%2Fshares%2F%3Faff_id%3D37544%26cxd%3D37544_486346
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1311468/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.libertex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://promo.libertex.com
pragma: no-cache
date: Sat, 29 Apr 2023 17:50:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.libertex.com/	1970-01-20 11:26:32	Name: __cf_bm Value: YnhKLgGD1tILtFF7x3iYz3hVeTALd7Xk9TZUTFO_St8-1682790622-0-AW6sPQzRL/LzJZJjrG0ASv1lj9Bx2ij4qQt85q0aVRzt3n5UK5Wi6TowBMJ8z+uO61dcQMV8EzrOiMAxkocwaqo=
.libertex.com/	1970-01-20 21:02:30	Name: segment Value: 2
.libertex.com/	1970-01-20 20:12:06	Name: utag_main Value: v_id:0187ce23242f005f5a9afe833e5803074004906c00b08$_sn:1$_se:1$_ss:1$_st:1682792422256$ses_id:1682790622256%3Bexp-session$_pn:1%3Bexp-session$_prevpage:undefined%3Bexp-1682794222281
.libertex.com/	1969-12-31 23:59:59	Name: cookie_conversion_utm Value: undefined
.libertex.com/	1970-01-20 21:02:30	Name: segment_web Value: b
.libertex.com/	1969-12-31 23:59:59	Name: icid_sf_cookie Value: undefined
.promo.libertex.com/	1970-01-20 20:13:33	Name: _vwo_uuid_v2 Value: D0FBA3FE8FE397E7AA8AC8E5A27175E40\|c92a7b05e5c25b9258b2d72a65fb92b1
.libertex.com/	1970-01-20 21:02:30	Name: _ga Value: GA1.2.1680450534.1682790623
.libertex.com/	1970-01-20 11:27:57	Name: _gid Value: GA1.2.1892772553.1682790623
.libertex.com/	1970-01-20 11:26:30	Name: _gat_tealium_0 Value: 1
.fxclub.com/	1970-01-20 11:26:32	Name: __cf_bm Value: X3F26sLglKEN5_eDMJrvB.naVGFpkez2oXFWNQ6NZk8-1682790622-0-Aa19/qJ9HbB740NR0IMwB5kPqpnGLKq8UZ3QkfOS/t5MOGflePZ/XYAGOZTpYunD3zHFQOBL1jz/QErpKj79L3I=
.libertex.com/	1970-01-20 11:26:30	Name: _gat_tealium_1 Value: 1
.criteo.com/	1970-01-20 20:48:06	Name: uid Value: 0f920d64-6caf-43b2-9608-66d8f98813e3
promo.libertex.com/	1970-01-20 21:02:30	Name: _omappvp Value: P4euUtqo6hwzZZ6d0KyJwkAIffpB34cE766Pl82Lo3hCNTL9zCprgKUcGeYIJ3JX91OROlWVzvSa3e0Ya6i6D45dOYTKrZU0
promo.libertex.com/	1970-01-20 11:26:31	Name: _omappvs Value: 1682790622680
.libertex.com/	1970-01-20 13:36:06	Name: _fbp Value: fb.1.1682790622708.1969826732
.libertex.com/	1970-01-20 20:12:06	Name: _hjSessionUser_898554 Value: eyJpZCI6IjQyNWMwNDY4LTM5MDEtNWJkZC05Mjc1LWJmNjVkOWEzYzFlYSIsImNyZWF0ZWQiOjE2ODI3OTA2MjI3MzAsImV4aXN0aW5nIjpmYWxzZX0=
.libertex.com/	1970-01-20 11:26:32	Name: _hjFirstSeen Value: 1
.libertex.com/	1970-01-20 11:26:30	Name: _hjIncludedInSessionSample_898554 Value: 1
.libertex.com/	1970-01-20 11:26:32	Name: _hjSession_898554 Value: eyJpZCI6IjRhNjUzMjgwLWU4NzItNDVmMC1iNGY4LTY1ZDZmN2MyYjc3OSIsImNyZWF0ZWQiOjE2ODI3OTA2MjI3MzgsImluU2FtcGxlIjp0cnVlfQ==
.libertex.com/	1970-01-20 11:26:32	Name: _hjAbsoluteSessionInProgress Value: 1
.twitter.com/	1970-01-20 21:02:30	Name: personalization_id Value: "v1_hqASfKEvu6+KS38+dv6DzA=="
.t.co/	1970-01-20 21:02:30	Name: muc_ads Value: 7bd6d6ea-89f1-452c-9bf7-a4322a60463e
.yahoo.com/	1970-01-20 20:12:28	Name: A3 Value: d=AQABBN5YTWQCEAIjZcvgA0uMKy08QN4J7ngFEgEBAQGqTmRXZOANyiMA_eMAAA&S=AQAAAlng6AzA_4GYCycZm3Es3SA
.libertex.com/	1970-01-20 20:55:54	Name: cto_bundle Value: jEAYBF84RCUyQkFXa0Q4OWdGaEJaTTFZUU8lMkJiUGQ2ZVVBSUNYNXp6R1pJJTJCdWZ0OWNWZHo4SHk5WHRVRnFlUlQyanFyamYzVSUyQlZNSm5WQVNnR1Y4cEhsQTFXelB4dlhmWlNYN05QdyUyQndub0VDb1ZQWmphUEFJc0tDRWQ4WnMzMlNpOHVvQ0xaaGlKUzhUc2QwNEY1UXViQkpNMzF3JTNEJTNE
.tiktok.com/	1970-01-20 20:48:06	Name: _ttp Value: 2P6w1MnbQl2rPM2I8OwkUfnwZ51
.libertex.com/	1970-01-20 20:48:06	Name: _tt_enable_cookie Value: 1
.libertex.com/	1970-01-20 20:48:06	Name: _ttp Value: wM2w71fKC4zbXx3Vw0ri2sUel-c
match.sharethrough.com/	1970-01-20 11:36:35	Name: AWSALBCORS Value: iM3yLDU7dcMbp/rEz60GyPvzmctUft6gA6lHue0sQuKlOlwurpQqE+1ozhfaEkt3uQ5c3PRIb7xAOBG0KQhz6dStWfr808hAldEnOB6tLTragByZNgY6hM3seGo+
.bidswitch.net/	1970-01-20 20:12:06	Name: tuuid Value: b2e598cd-37c7-4b24-a6ae-bcf3d359d543
.bidswitch.net/	1970-01-20 20:12:06	Name: c Value: 1682790623
.bidswitch.net/	1970-01-20 20:12:06	Name: tuuid_lu Value: 1682790623
.adnxs.com/	1970-01-20 13:36:06	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GVVs_-qx!]tbPl@/D!9hy6]/Cr+`cXz+-mleM.T2gDfS26[/Xs_fmtZp:40'TGka!:+cflwrC2^d']hl[bpRzqF1`*bdAt+nJ`w
.adnxs.com/	1970-01-20 13:36:06	Name: uuid2 Value: 8157583201659426659
.analytics.yahoo.com/	1970-01-20 20:12:06	Name: IDSYNC Value: 18zh~2bd5
.media.net/	1970-01-20 20:12:06	Name: visitor-id Value: 3257922238394553000V10
.media.net/	1970-01-20 12:09:42	Name: data-c-ts Value: 1682790623
.media.net/	1970-01-20 12:09:42	Name: data-c Value: k-2qtAb29YkPmGoRA64TPfToBBx9eOdLin_mp9xw~~3
exchange.mediavine.com/	1970-01-20 11:46:40	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2250d29dd0-e6b6-11ed-99f6-a94693ddb859%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:46:40	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2250d29dd0-e6b6-11ed-99f6-a94693ddb859%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:46:40	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2250d29dd0-e6b6-11ed-99f6-a94693ddb859%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:46:40	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2250d29dd0-e6b6-11ed-99f6-a94693ddb859%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:46:40	Name: criteo Value: %7B%22id%22%3A%22k-ANteWm9YkPmGoRA64TPfToBBx9etG8vk36-Bzw%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/	1970-01-20 20:12:06	Name: CMID Value: ZE1Y34quxGCN0WSmPNOx1AAA
.casalemedia.com/	1970-01-20 13:36:06	Name: CMPS Value: 5175
.casalemedia.com/	1970-01-20 13:36:06	Name: CMPRO Value: 5175
.doubleclick.net/	1970-01-20 20:48:06	Name: IDE Value: AHWqTUlHyKCwFS5COmDSKRoMhJ0pZhxAcKfdXcVve07yYLp2UNfSsvcsV_hwaRA4ya0
.demdex.net/	1970-01-20 15:45:42	Name: demdex Value: 51281200654068815454324457605651559572
.id5-sync.com/	1970-01-20 11:26:30	Name: cf Value:
.id5-sync.com/	1970-01-20 11:26:30	Name: cip Value:
.id5-sync.com/	1970-01-20 11:26:30	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:26:30	Name: car Value:
.id5-sync.com/	1970-01-20 11:26:30	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:26:30	Name: callback Value:
.pubmatic.com/	1970-01-20 12:09:42	Name: KRTBCOOKIE_97 Value: 3385-uid:k-5GnXHm9YkPmGoRA64TPfToBBx9czZUEed-p1Hg&KRTB&23144-uid:k-5GnXHm9YkPmGoRA64TPfToBBx9czZUEed-p1Hg&KRTB&23286-uid:k-5GnXHm9YkPmGoRA64TPfToBBx9czZUEed-p1Hg&KRTB&23287-uid:k-5GnXHm9YkPmGoRA64TPfToBBx9czZUEed-p1Hg
.pubmatic.com/	1970-01-20 12:09:42	Name: PugT Value: 1682790622
.dpm.demdex.net/	1970-01-20 15:45:42	Name: dpm Value: 51281200654068815454324457605651559572
.360yield.com/	1970-01-20 13:36:06	Name: tuuid Value: 33ba991d-5a3b-42fb-b29f-e1c7e52cbf6c
.360yield.com/	1970-01-20 13:36:06	Name: tuuid_lu Value: 1682790623
.360yield.com/	1970-01-20 13:36:06	Name: um Value: !38,L22.CLKwsuCHf5KDBbArAUFi7.h.dfIGj5HVib.SDygfZ-m18zyhA3PAZIWKgl0PqKhF88bV,1690566623
.360yield.com/	1970-01-20 13:36:06	Name: umeh Value: !38,0,1744998623,-1
.krxd.net/	1970-01-20 15:45:42	Name: _kuid_ Value: Phl1Qbay
.tremorhub.com/	1970-01-20 20:12:27	Name: tvid Value: 1dda78da26f5488f8bc1a6b69dd501f3
.tremorhub.com/	1970-01-20 12:09:42	Name: tv_UICR Value: k-TRibiG9YkPmGoRA64TPfToBBx9d8RRtKpklZXg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11442981.fls.doubleclick.net
a.omappapi.com
a.opmnstr.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.tiktok.com
analytics.twitter.com
api-account.libertex.com
api-geo.libertex.com
api.omappapi.com
beacon.krxd.net
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.adroll.com
d3e54v103j8qbb.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gaterest.fxclub.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
lib.libertex.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
promo.libertex.com
quote.fxclub.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.adroll.com
s.thebrighttag.com
s.yimg.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.co
tags.tiqcdn.com
tealium-proxy.libertex.org
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
vc.hotjar.io
visitor.omnitagjs.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
x.bidswitch.net
104.111.217.42
104.244.42.195
104.244.42.5
13.248.245.213
141.226.228.48
142.250.186.70
15.197.193.217
151.101.129.44
162.19.138.118
172.217.16.130
178.250.1.11
178.250.1.9
178.250.7.11
18.159.144.147
18.189.115.252
18.66.112.19
18.66.112.59
18.66.97.49
185.255.84.152
185.64.189.110
185.80.39.216
185.86.138.152
199.232.148.157
2.16.187.106
2.18.235.93
212.82.100.181
23.209.16.125
2400:52e0:1e00::865:1
2600:1f18:612b:4232:7cbe:f340:efa9:d727
2600:9000:223e:9400:7:2bfb:7c00:93a1
2600:9000:2250:1e00:6:9280:1080:93a1
2606:4700::6810:245a
2606:4700::6810:65b
2606:4700::6810:e933
2a00:1288:80:807::1
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9c
2a02:2638:3::c
2a02:2638:d::10
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::300
2a05:d018:cc3:fe04:d73f:ab6c:26b5:4cd1
3.68.153.114
3.71.149.231
34.117.157.22
34.96.102.137
37.157.6.247
37.252.171.52
37.252.171.85
52.19.147.161
52.212.156.36
52.222.232.144
52.222.236.107
52.222.236.122
52.29.12.165
52.51.141.47
54.155.103.238
54.246.64.138
64.202.112.159
69.173.144.165
03ffed8c53dfe4a4b1496a5402baedf584376578e917233dabdbabab68a2463f
04f85a6698c7bf8e899cc4ed78a8091b12de7be6765ff21939361c850a003c66
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
062bde0c800a2dca5cb3352d700f51cc3e479bcda19fc5a8dfaedab3d4dfec56
07463b6cd3e714bcbfd7d3d438a63db1868da6c6604e5ae36a94852fc2b7eeed
090fa589721b63c7c5e6678c4616fd7eefc1fb0a537029dc227e3e1fdaa1f24e
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
099dbee82bc5da3a74f1ffe461982b51c3b7b951e23912f677d89091de4bcd15
0a96e59c36e39f72f4c16fe74445dc178f08f9b222a894cc6176a32ccc4fd935
0b1988143eed3f63d7f012eb450be5f09d98f34bb9635396192dfc943b866bdd
0d946172ef040e8e1616133fac8246c01a9aee6150e9e6abcaef38cb86f285b4
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
10c1ee52945d0256c4fe0a4a6ec9368b3752d361d036a08b5fe8fd40bdba51a3
1302e8492a9712ff71fc58e808a5321ed6a28c612b533b8d08505a0d17c41293
1890a0e02dcc6ad52365244c07f4f5d93c8fc910a0da6242f656e28959813230
19747ba1e3ea873d0e31c2e52f330710a20edf0ab8e961e5ce9cee841c9a9f3c
1db2de7a938ff4e3c33259309a5d42760407eaf524ddf7c01e20235234f9e14e
1ef4227e9ca65a1180a2e7df6a9a53e64b1d610eac38650bee7b22f129a2b895
1f578f5019f515a785d71e131d4c1f8724f1d07d80061f2b5af77de4d572f608
1f6ca70621a04cbe8f09e9c062f9af3d93156107c8ee1ffbec2e6fe07d18a37d
23583fd1699ac3d53041f1ecea3dec3c1c3ac6634a4080948687446ddccf7a94
238e41ba722b75570902990d1dbaa7401835fd05148b512aa71dc199e259794a
272e1173a9cdbc9c67e3fceb669c0dd0d65f69aa46645b005e2432e54c5e7176
27d17ce788769f026427355d4e4350c354d28aa8edf89fc76396b1ce571cee33
2bc28a5d8f6a4e42c2bac13de3d641a235df2e55af6ee1206e3ac1d728bce898
2d8cafc959a76307c856671e47ab4dcdef48ff6df286d9507b890c11007dd394
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3e395b6a8c584e1ab0e477b43dd9c4fd1621346e0aa1328dcc5dc883ab414bd9
40fe00bbcbba91d3e61e445f59b4bf433d29b5a77f8b6aabc7e8b9e399b58b0a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4586771549ba074edc21afb2db8f9a263a8a638e8123a6bac7a3f31e8d0454e3
45b0d86420fc6234ec95ef7335ac20664d2e2fc61d6808901fd39635dfb3034b
46fb5dc9bc2c62510524ff7d023d1acdd98a693e2c4c6bc6adbe8dce242d5246
49ca6f4981bd438bd3759a99a9d50b40f804f0d608cc58e16d65fe1e93982d8b
4b07f6b6046bab2aa8587187da268bf956c9d3ead94ab1ab7d8fa4eba6e8cc2b
4b584b97516d6246da2b4e9ca1e57880bbbda026f8a1e9d23509d2c2d4a0569d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c68eeaa2d741254932a376eb9e014d2567d615ce6c22858ed32d654821933e9
4cf6e848e33259be37270940325f323d4a3a9c4a324ee8e9653c200b02181726
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55cf321c7f746d802fe3b1850f8bab38d10912edeba77a213565d0becf7a0718
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5966e1e8ccb5f67ae2427e66e16d6e019a316e0c6c0f185995bac2dc3ffdaa77
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5c795916da68f8ae43f1b17de67fd2dccabc5e6a17ea6ad8fb7da5dc43e370c3
5dd3eb05235570f3273274d2796ce15f6f3ee7c1c96ed97f0ac87c6f4b4b11aa
6228300e53eb720c1cb61bec20db453a6ef254741ad255955e9f126c57f6338e
64169df3c52aa3235aa9bdfb145b23b36cded28a00eeacf80ab06f040ee8224a
6a602aa07b27454bdcf95245d54d508842959059c97738d574afc651c95b667e
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6c5869be674fa4122c582c6d4040fc5e21e6bebb760804a12dc6816e1be9161f
6d3cb28bc053b76bb9ef2c0d709dbc26bf689b010da9f5ffd543281383f90ad6
6d825982264d26a23124faa543531e61881051965bed197fcea9e26ca35360d6
6f771cdf6facaad594e4384629f736115be6025289cc42158ec7d8bee716aead
70d6d27ce08f0f2f5be5564a4e62f4cd6534b2a14677dfd3bfccf206c910fb76
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
7450e0ca95b6444ec6b082dab0e55950593525c5bbe707dbc5c98d4fa3c9ef91
758d250afe36b24b24b7496f3313f22119c48c19f948ab6d64f851eafde303da
78d445e911744ede91e813739998f0d5055f09b25bd5e81cf110ccd89089b027
798ae615741bb7a3b5c96f2f5419906fbd7fd5f24116f4802fea72dd19f729ee
7deeee24b8c80bcca6c1c3ba09aaf3811aa99f88028732f2fce9e31e83a435f6
7fd38ef1dd16b2d4cdff31de3303a3870c035854a66f6721bb4869d0f06be6e3
81ed0a57854f0316f79f3e8e67156586ff841c8b986cef10f1f2341109792bfd
8238dd7db4d0ab5b5be400505bec4dd83f4a4ecbd3f845f59a4a9c638245c503
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87094602ccf46a05eb4b472c76395de4a8a079a5928ed7a0f21df38d2923d6e8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad68a0007212c6776431b6152fbbf7030602e55e0c6c6908b3be351d19f390e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1dbbc80c85b28a01d4696e30c74e0b6a48380038eed007507c145fdae16148
8f594a5fe85101548f60a607b49e011c9928a118c607f722d4fa5d5d64e095bf
91f097fcc7974e439bd1c78aee43ff54a0435ae4a329d7f9de0eb2fc35e81ea7
97adefd70e7c7673f34396f9ca1195f93f025e41c18c2eba0c14530d11d70e01
9af88cced150893a8d1d75091c263c3e202622497246baa0728fcec35cd03020
9bf23dbf9dab0e72de9dbe1d0d5899a64effc3c7c4bd9f2b3d285ffd498018d9
9dd549054d5d78222a14dd31544cae78b8d2bfa0394a16fe14baf66a08b646c6
9fc14db76db260c7adb8ded4495b5fb3574507e0312553c3e43724e75c5b21c9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3193f1314e610aa8ecc61183daa847db8f2e42bee6878095b99eda4165f5df7
ac5ed30e2b3cc1f9020130d04a10060c2378dc07d7d0024097974f30b2e70135
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15695cff235373af82dbe38232047ce1f0bb06afb15bfc473066dcb31649e11
b240f6825e701e2e5dd89198a9153002cb17bd3c6ca617acab792a681bb0a8f4
b310070fd7fed0d97e6b3a215ec90d2cd24304f34afcbbe06525c717a5556b69
b5f27ddd74f2fc480d230d9bbc55a8bdf2a3db479fdc84001f2d1916c7298ca2
ba654bf52a73c95ab86cf426331d407547c5334a98d697ff69f3b3358bd837c2
ba8cb7dd9a83f2b3567ad0a8359734f856f897e794bc886941b50c57920b4a92
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd6d887436063fb3b31ffda0c9272028c0221e2046d6d7590a3b088a23251986
c056eee36ff70bb798cbf0e7906e4cc733da4004a365e1ff43c9b4429ea77386
c554fca59007cbb80fbb9ec9e8f1fe90c3c11fea692b53a60d730ee4a3ac8252
cacb5aed592935de9837b267a03c7d0abd3bc5886b667d290f3914cba9e472eb
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf0569941e44ecf298c98fdfd42a86ce22dcd2598e70ec7b3f2e56f4c4cc3e32
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d134df6831633c0a78e1fe89e5657648b59fc5fc6b641dffbe7ea100e25031b9
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d552fc925cba72f27bcf889eaab6ccc61580029a775a03932c1efacbd0fe2514
d614fecee1c73f68d64ff931f0144778c0180e6e25d53307dba4ba91be1b78ca
d8052a73bb805d0f3dcbbe96ef26ed38c7b480dc19c62697a51f6a4754d98ac8
e045d73cd7beb944053eec97c7188824be11281ee4f9f71b3df7bf508f2266c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60eac0f2636af6308d91526e82dff118e961332236bbe87a134f7e5d0d5037e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e816c1da072c1c06a0aa89bf5e0e5c0744ce1466500d87a7c58555fa870a67ed
e9362b569572fc690369607ab99e6d8365904592c04dfbdb99f9b7a552bce09e
eea4732fd936bb62e7997d61fdb54d604f903ab6d15d0a4d8f15c2de18f50bce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fbe93fb83b570717b12363cc84b5760dba1de2e71d41bc6b992d63bea7bd80
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2
f78d4ac2eb7c10c5ebf077169661dc2c07e759d4124756a5317922c393dbd4df
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f879358ab1e27b8b72befc7185e79354d6f6e7c4000a70325b366d7b65b90337
fabb73c94560863e581bd1d0bcf303a129d246905b9732190acfe49daf1b4a64
fd0dc8d6dc6609fc567bca9d358f4d62993405b2400d34e0354baf24d2c726f8
fd31608cda35e0aae8edbb51c9609367451b0fadd79607108d4e8cb8c174ef15

promo.libertex.com Open in urlscan Pro 2606:4700::6810:245a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

164 Requests

85 %HTTPS

34 %IPv6

52 Domains

73 Subdomains

67 IPs

10 Countries

2186 kBTransfer

4389 kBSize

64 Cookies

10 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promo.libertex.com Open in urlscan Pro
2606:4700::6810:245a Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

85 %
HTTPS

34 %
IPv6

52
Domains

73
Subdomains

67
IPs

10
Countries

2186 kB
Transfer

4389 kB
Size

64
Cookies

164 HTTP transactions
2 data transactions