promotions.windsorbrokers.finance Open in urlscan Pro
2606:4700:20::ac43:49af Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Submission: On June 30 via api (June 30th 2023, 4:22:01 am UTC) from US — Scanned from DE

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 17 domains to perform 81 HTTP transactions. The main IP is 2606:4700:20::ac43:49af, located in United States and belongs to CLOUDFLARENET, US. The main domain is promotions.windsorbrokers.finance.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 11th 2023. Valid for: a year.

This is the only time promotions.windsorbrokers.finance was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:20:... 2606:4700:20::ac43:49af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	172.66.40.165 172.66.40.165	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	172.66.43.91 172.66.43.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
4	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2 4	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2620:1ec:46::44 2620:1ec:46::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.92.120.28 3.92.120.28	14618 (AMAZON-AES) (AMAZON-AES)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
81	24

28 2606:4700:20::ac43:49af (United States)

ASN13335 (CLOUDFLARENET, US)

promotions.windsorbrokers.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.40.165 (United States)

ASN13335 (CLOUDFLARENET, US)

mywbwidget.myuserhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.43.91 (United States)

ASN13335 (CLOUDFLARENET, US)

marketing-api.myuserhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	windsorbrokers.finance promotions.windsorbrokers.finance	2 MB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1040 c.clarity.ms — Cisco Umbrella Rank: 1589 q.clarity.ms — Cisco Umbrella Rank: 8943	27 KB
5	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 6835 a1.adform.net — Cisco Umbrella Rank: 13023	34 KB
4	google.de www.google.de — Cisco Umbrella Rank: 4752	777 B
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556 www.google.com — Cisco Umbrella Rank: 10	936 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	249 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 390 c.bing.com — Cisco Umbrella Rank: 258	15 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	4 KB
4	gstatic.com fonts.gstatic.com	84 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	242 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 4787	4 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 538	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	myuserhub.com mywbwidget.myuserhub.com marketing-api.myuserhub.com	859 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	153 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1150	634 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	2 KB
81	17

	Domain	Requested by
28	promotions.windsorbrokers.finance	promotions.windsorbrokers.finance
4	a1.adform.net	2 redirects promotions.windsorbrokers.finance
4	www.google.de	promotions.windsorbrokers.finance
4	www.facebook.com	promotions.windsorbrokers.finance
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	promotions.windsorbrokers.finance
3	bat.bing.com	promotions.windsorbrokers.finance bat.bing.com
3	connect.facebook.net	promotions.windsorbrokers.finance connect.facebook.net
2	q.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	pi.pardot.com	promotions.windsorbrokers.finance pi.pardot.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	s.yimg.com	promotions.windsorbrokers.finance s.yimg.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	promotions.windsorbrokers.finance www.googletagmanager.com
1	c.bing.com	1 redirects
1	sp.analytics.yahoo.com	promotions.windsorbrokers.finance
1	region1.analytics.google.com	www.googletagmanager.com
1	s2.adform.net	promotions.windsorbrokers.finance
1	marketing-api.myuserhub.com	promotions.windsorbrokers.finance
1	mywbwidget.myuserhub.com	promotions.windsorbrokers.finance mywbwidget.myuserhub.com
1	fonts.googleapis.com	promotions.windsorbrokers.finance
81	24

This site contains links to these domains. Also see Links.

Domain
en.windsorbrokers.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-08` - `2023-07-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
mywbwidget.myuserhub.com Cloudflare Inc ECC CA-3	`2023-03-03` - `2024-03-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
myuserhub.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-13` - `2023-09-12`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Frame ID: 4FDB1A85B609E009F13DF0E7958C3C89
Requests: 71 HTTP requests in this frame

Frame: https://mywbwidget.myuserhub.com/registration_widget.html?language=ar
Frame ID: B064DBC2FD0FB7BD15B1CE42B9FD56B3
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 23EBFE8DF254169C05CF548E265199B5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9442A96CAE402FFC21B2E710054C1BFF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Multi-Asset - Windsor Brokers

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

88 %
HTTPS

65 %
IPv6

17
Domains

24
Subdomains

24
IPs

7
Countries

2196 kB
Transfer

6459 kB
Size

29
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://en.windsorbrokers.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://a1.adform.net/Serving/TrackPoint/?pm=2886155&ADFPageName=All%20Pages%20-%20Universal&ADFdivider=%7C&ord=898522822199&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2886155&ADFPageName=All%20Pages%20-%20Universal&ADFdivider=%7C&ord=898522822199&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 67

https://a1.adform.net/Serving/TrackPoint/?pm=2886155&ADFdivider=%7C&ord=672370701761&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2886155&ADFdivider=%7C&ord=672370701761&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 74

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=01D3A505C70E48D8B57B01D07390A18C&RedC=c.clarity.ms&MXFR=27164EA1637761E803995DE167776F8F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=01D3A505C70E48D8B57B01D07390A18C&MUID=1C037EB001B064D624B76DF0001C65F3

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
promotions.windsorbrokers.finance/ar/multi-asset/ 327 KB
33 KB 213ms
55ms Document
text/html 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.20 PleskLin
Resource Hash: 43dff9b2d3a9b95fe64414e9aaafaf652d7ca6526b548242669ffb5550411e21

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7df3a00f9813360f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 30 Jun 2023 04:21:55 GMT
last-modified: Fri, 30 Jun 2023 02:17:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrsAzyRMMq0wLEEq7%2FoGqoq2WAwocEdlzy1ibSSv7BWANMhkF5S%2BD2NBrwet1ZDPi8nBqvcMYqVDlZKwl%2B29rkrjBF6a64uzxexKWnIDirgnvPBDJgRUvczkQqARpNcM9An9jT%2BLYxwGDdWKlN6RKxgxxiIK%2B5fcuSUmUqG0XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.1.20 PleskLin

GET
H2 200 css
fonts.googleapis.com/ 55 KB
2 KB 87ms
35ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%7CRoboto%3A300%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fa225cc9d7dd0254594cebd14de783616f6d1e7522ed03d2ab92e0a3b466bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 04:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 04:21:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 04:21:55 GMT

GET
H2 200 113c289373eb7a13bed915de96aa9733.css
promotions.windsorbrokers.finance/wp-content/cache/min/1/ 2 MB
260 KB 55ms
53ms Stylesheet
text/css 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.windsorbrokers.finance/wp-content/cache/min/1/113c289373eb7a13bed915de96aa9733.css
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 07b62aa5605fc2db496ba9be53383c172805c7b6a2525ab6aa340841d57be32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Jun 2023 13:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64959b54-1f5c65"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blwgm2BihXZGba942CdJj19z0cRjFea218YqmC%2Bnt9oQHwN9ObiqkpOUhU1xzSrk9VpzEA9gTMhpAcsDzykMHcnv48pODLMHBOgf%2B8sMV%2Fd%2BLnmvbB26ownZc3%2Bn6Ikpk%2Bm06jEgWTscOlrlGRbswuthbz%2B1dJnRi6Cw%2Fit5XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7df3a01028bd360f-FRA

GET
H2 200 jquery.min.js Show response
promotions.windsorbrokers.finance/wp-includes/js/jquery/ 88 KB
32 KB 35ms
34ms Script
application/javascript 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.windsorbrokers.finance/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 14:32:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6127
etag: W/"642d8694-15ed7"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxZclSdCBTlM77hRT8LPgD5nNkt12HwmYrU2s2lGbeLNmWsmDJ6RX8w%2FzB2l8dK8FWlP%2ByCo2w0UTGlXOVIk5Wwfckm%2FnP5V8Cgc53qX9ZJeUMy9wnPH7LoXsBBqwhBYYzY%2FsfriNLhxca%2FVuaoBug89LMVnIDdkz4AT%2BiKeVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7df3a01028be360f-FRA

GET
H2 200 mb-YTPlayer.min.js Show response
promotions.windsorbrokers.finance/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ 60 KB
15 KB 32ms
32ms Script
application/javascript 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.windsorbrokers.finance/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/mb-YTPlayer.min.js?ver=3.19.13
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 729d419a0f52a28587b260c4eb8565bb56952e9d2461aa9dee03709ed7071e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Dec 2022 07:46:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6128
etag: W/"638ef36a-f09a"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqNqYXo7yQ97v5TJCwiLLMohzJ5c8vVEVg0dCauoUPL47qMglvLgZYMta8%2BRJniO%2B3zL9xKCxl13AtfMW7pquwZ02NUDo4s2Wz3HPpEiqJt%2BxH%2FIbAMCVvyezraeAhWJuNTFlaT3TgTkBygrJo7YubNHz6CdI%2FXdFAZqf4Y4TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7df3a01149dd360f-FRA

GET
H2 200 historyicon.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 344 B
754 B 49ms
47ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/historyicon.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 98b311d941f48d2a4601d8cfabeb0d733cbde0ec162cd7a28ebaa4b52679a9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=451
x-powered-by: PleskLin
content-disposition: inline; filename="historyicon.webp"
content-length: 344
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:29:29 GMT
x-accel-version: 0.01
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWObe1BTGDzLklNr8KnqKKDkNNKT%2FJDEGFBKrPSw8xNnKqfYOpzO2%2BWd7knK%2FIpOaEezvwAoJu%2F%2BZK4QTDQDd615tjjiHO2omgICCiU5X0565VOWkogiwYZ%2BvEJEQXPLr7PQBmFQBbWVScakmgkCuEc5p0W0cuzl1HxW2axBqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a01149e4360f-FRA

GET
H2 200 desktopicon.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 324 B
711 B 47ms
46ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/desktopicon.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 50efcf8dde7978474037a1aa37165dd0d7c5cb288f63c7eb0c19b4ce432fce8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=453
x-powered-by: PleskLin
content-disposition: inline; filename="desktopicon.webp"
content-length: 324
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:29:32 GMT
x-accel-version: 0.01
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5QFqTdpZXiVUUb6HM25BE4oqrVouiO3FFJuKcWtzONk8kPXwipbHS5uADR%2BypSr%2BSbQHuIzSmJbPtEPsCAbSQIa9LSYE28FnXsnpZy0TyTbPNgP2lbWz%2Be9BmCLabX%2FjY%2F3cAMy%2B27BYw77ScbbP2KfNfbPpsLRBEJOqdbQUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a01149e5360f-FRA

GET
H2 200 Indices-01-01-1.svg
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 3 KB
3 KB 51ms
49ms Image
image/svg+xml 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/Indices-01-01-1.svg
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 01fd9dd0c292a0415d4d2e2e9826573b5a81af8308e0fc0a0f91437043a47aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Feb 2022 13:27:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62163649-bff"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqbPD7U1KW7H6eN8acunGiLI5vsVk94JfgeP9ItcYx6c1n2BgQx9H1JZTxhrSPg4%2FcQWt74qma7h%2B46JuJiXb6JA3J2Zq3yBNYa%2F4Tqyf3AFiwWU5kmd8K8OY9hWkUcxs3WnBw8LQxCNn%2FDRo27ARPnhEJZxshR2x2CyqIosCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7df3a01149e6360f-FRA

GET
H2 200 Energies-01-01-1.svg
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 3 KB
3 KB 39ms
37ms Image
image/svg+xml 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/Energies-01-01-1.svg
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fb2a943c49d312c6968d7b011055c5c933c09041ee10c5abce559354421bb3d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Feb 2022 13:27:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62163648-ce7"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6MGGJxwenvHfzeddPlx6%2F4C41NZabD0UpzqHtGzj0J57lfD16A5qw86qcjY4MzJ6IilcIHvoWbTA4Xplfqno7X23JrwwaFycqOqdhXnMO0b6460biSn6diMunLdy%2Be6EQ9%2BXBSzkPbrVdS%2BJFkWpJer9FQiqZ1vkGCUpc2mNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7df3a01149e7360f-FRA

GET
H2 200 FSA-01.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 854 B
1 KB 43ms
42ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/FSA-01.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cb89039064a6e7dfc3b077a0809bc2b8cfba3b895ab9d8e1e95f4d553aa638a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=912
x-powered-by: PleskLin
content-disposition: inline; filename="FSA-01.webp"
content-length: 854
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:34:21 GMT
x-accel-version: 0.01
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOAqOxS4XfZTzTNGdJzSL%2BTD2WRis75NRxVNsBIMQXh18NYftZO3LMPi2pyRSya9hagu4iyf5bIrX%2B2rYkFFCI1jWCkGv9et%2FYG27BVDp7PQbtjGqd4AiHFvnlymZvwh3iiItORSayEFq%2F68jJffMd5xPEjDiw0O5PWdDbE6Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a01149e8360f-FRA

GET
H2 200 Cysec-01.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 690 B
1 KB 49ms
48ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/Cysec-01.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 71703367481dcacba50afd9818eb8d0ff9197af4f7a9a8dfcb0feb0617c140d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=773
x-powered-by: PleskLin
content-disposition: inline; filename="Cysec-01.webp"
content-length: 690
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:34:25 GMT
x-accel-version: 0.01
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUJEOidXwWIdqQB%2FZ7x08Itf4JtfOv4fMnXMZnpBcqI5b3yoaMaoB7XID36yUoyrxAM%2FgyJM2%2FlaUK%2B1%2F6qMZauhBMqk3P3mn8uHsYVdJG29OqAoDPtNsTaI%2Bh37N%2FXlRlMbzCRzFKGq7TAE40qWDGLmsS5hZ1ubc47bVK%2FvvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a01149e9360f-FRA

GET
H2 200 Jordan-01-1.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 588 B
969 B 45ms
44ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/Jordan-01-1.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 92caf2602c70512d50106ec478a69f684502b8552e92ca301109506b4b56b2d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=651
x-powered-by: PleskLin
content-disposition: inline; filename="Jordan-01-1.webp"
content-length: 588
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:34:27 GMT
x-accel-version: 0.01
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aM7RguwayFbf4yhDmO3SAOqwyIPS5I8hDki9O1NAjlU8Zc6qy6%2Bg4x6wq7LyoeR8iDIhXlmBtfzUG8c2iBNsjvrIXH8GkEslsOy%2FxtRN2kSLGP9JyBQV7rECX9H1LK5Ct21RRT8jyiwV8kncegt4hOPtPm%2FoQL9dc9fcLcGpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a01149ea360f-FRA

GET
H2 200 FSC-01.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 2 KB
2 KB 50ms
49ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/FSC-01.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9e744d9401b5ed62d120c5904c7320ee71bddc0fc9350428361d97d6d015add0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=2207
x-powered-by: PleskLin
content-disposition: inline; filename="FSC-01.webp"
content-length: 2098
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:34:30 GMT
server: cloudflare
etag: "621637e6-89f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nvwjL29IsET7n4WbwJmb58hPiH6K0l6nkCCkX%2FcPHfyc7LgbLZ03%2BiviwZC69KSAi%2BhHMeMt51Uhcpy8brQEk%2FGYjjVkEA8hvZNcgfhio1El4NO5ILapeFUqozW5Ulg5x3GxKlLISF5U2F7JXzrzNbAE4uYObh%2FqQfsn4rRiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a01149eb360f-FRA

GET
H2 200 CMA-01.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 814 B
1 KB 49ms
48ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/CMA-01.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d00d7570096a84e88a414553dd163db87f5fccb2c040cf5bea3215e81ae50c6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=916
x-powered-by: PleskLin
content-disposition: inline; filename="CMA-01.webp"
content-length: 814
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:34:34 GMT
x-accel-version: 0.01
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIK3IOE1THFILgRThS6qr7kobrZSieUnLkBFbXoCObY%2B3679q%2FWS0EBWYCWCMPAFxeyOVI8Uiast07oU7ZFqKFtL6QsPYsLcL%2FIbqLfEY0qhsKbSyGdtJDI3fawxIgJbmDKznRMr5LtM2crh8yuHZjsthVrhEDJ8Tac0GWWeBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a01149ec360f-FRA

GET
H2 200 wp-polyfill.min.js Show response
promotions.windsorbrokers.finance/wp-includes/js/dist/vendor/ 17 KB
7 KB 28ms
28ms Script
application/javascript 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.windsorbrokers.finance/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 07:13:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4174
etag: W/"63733c32-459f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WneGp5cYla8uE3%2BRwWTpzs99w60SoFkEJarFzSt58VSP39e3UQ8WWU6jaGw0CL0Lq4%2B06x2x0LxN0%2FlSlY3tT5VQpkYf7CaWaPiY1Z52UkRI0twFvqRxH%2BYLBBtjyF%2BgDD4LVJM8iB51H0uycyXrLMJy9PaMNLUkrdOCtvkYWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7df3a010a945360f-FRA

GET
H2 200 hooks.min.js Show response
promotions.windsorbrokers.finance/wp-includes/js/dist/ 5 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.windsorbrokers.finance/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 06:56:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4174
etag: W/"62b01a03-132e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pHc47ipctloNYMgN8BHx0a35SrMY2GO8frtQVDz6jFeNOmMQeIZ4dgacB950FZ2C6ShFPlGbVZ77lbREbOcFDf9pZqr%2FvhZLZmtEMRgEvO3nGMgwVHvFiaNPQl0VMPjWdMp1UYgwoF8rMu83gCBsajmeNrFbjbNaZwyS4WKtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7df3a010c960360f-FRA

GET
H2 200 i18n.min.js Show response
promotions.windsorbrokers.finance/wp-includes/js/dist/ 10 KB
4 KB 28ms
28ms Script
application/javascript 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.windsorbrokers.finance/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 07:13:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6897
etag: W/"63733c32-27f6"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLhduvIQalPBWh8IEhVLEJ6U8qla5xIxEe7qoMOoQWa0oSgpsvQK62WAIv5KTdK%2F1DplGnWCoYnYGf7ZetcU5pJIm70tGarQIgnWdz6EfbxqJO1cp82C%2BR4%2B1UIyvRdiqt4VzOSXmXv5z8z38npfyrmsJFhd7rCmgxwgyHIjBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7df3a01109b1360f-FRA

GET
H2 200 0a2e03150a432a3948c203133c9a0f9c.js Show response
promotions.windsorbrokers.finance/wp-content/cache/min/1/ 1 MB
368 KB 77ms
76ms Script
application/javascript 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.windsorbrokers.finance/wp-content/cache/min/1/0a2e03150a432a3948c203133c9a0f9c.js
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 27f52049ed3e662007ebafe3396f17fd2eacc5311f7a65649908765db9755d91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 12:51:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64904f4a-154edd"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hq%2BuYj%2F5O7huthky37nzIAN%2FcADSyvT17x2KAjXM7YQLulGS0zrdqPVL3yzoQly81VgK1mC2DLsig12iVhrgokdyhgrIY9KksjQ3ILlen4bQmL7P4MZ0aDLx9agS7Z6pPzf5neqtAFTAE1UE2phZWOJE2LYdFtiL32AL1TxeEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7df3a0116a03360f-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 94ms
29ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 30 Jun 2023 04:21:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: YWvuxdL4X6JCrl9QFUxxMRqMd1IBvSV94RxhCZU/GM5Ky7CfxuWuNJiidOEqqy2oBDNIHpmytDiNtB90UaruSg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
69 KB 91ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WR2PNZ2

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c88e70add03d61a0c8e2cddd4ab85581a3d739389feaf85e7bc565b9a17feb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70511
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Jun 2023 04:21:56 GMT

GET
H/1.1 200
OK registration_widget.html
mywbwidget.myuserhub.com/ Frame B064 10 KB
0 171ms
115ms Document
text/html 172.66.40.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mywbwidget.myuserhub.com/registration_widget.html?language=ar
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.40.165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://promotions.windsorbrokers.finance/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7df3a011acbebb50-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 30 Jun 2023 04:21:56 GMT
Last-Modified: Tue, 16 May 2023 09:46:04 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 Regulation-background.png
promotions.windsorbrokers.finance/wp-content/uploads/2018/01/ 214 KB
214 KB 31ms
31ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2018/01/Regulation-background.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bd4146e365a1f240b74fe10c10653d4d1b1c52837dbca5a25184a90800045235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2364
cf-polished: origFmt=png, origSize=261875
x-powered-by: PleskLin
content-disposition: inline; filename="Regulation-background.webp"
content-length: 218962
cf-bgj: imgq:100,h2pri
last-modified: Tue, 02 Jun 2020 10:25:36 GMT
server: cloudflare
etag: "5ed62920-3fef3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVmgRqFAapUmZSdlXcsuGR%2BIlO7U6mcDe1sF0Rlk1wuXUI%2FchGaAVSE1nDZF9TN8p3iJq1kMK1BfigobvHD19SZVmRdZs4klyXf%2BvLW9%2F6dAPazPOQNdY1hvSVzREU3SzA3mKngf8ui6DrC%2F0PzUkNctaYe6E%2FPzpKVcOZzIEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a0116a05360f-FRA

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%7CRoboto%3A300%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promotions.windsorbrokers.finance
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:28:20 GMT
x-content-type-options: nosniff
age: 39216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2024 17:28:20 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 106ms
55ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promotions.windsorbrokers.finance
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 11:05:17 GMT
x-content-type-options: nosniff
age: 494199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 11:05:17 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 97ms
46ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promotions.windsorbrokers.finance
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 00:06:44 GMT
x-content-type-options: nosniff
age: 533712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 00:06:44 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 77ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promotions.windsorbrokers.finance
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:06:36 GMT
x-content-type-options: nosniff
age: 483320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 14:06:36 GMT

GET
H2 200 material-icons.woff2
promotions.windsorbrokers.finance/wp-content/themes/Zephyr/fonts/ 125 KB
126 KB 33ms
33ms Font
font/woff2 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.windsorbrokers.finance/wp-content/themes/Zephyr/fonts/material-icons.woff2?ver=8.16
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Request headers

Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Origin: https://promotions.windsorbrokers.finance
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 12:30:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6967
etag: "6454f6d4-1f560"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApGy80QUjHnTKfzxmKzuH65ZBeIYn9%2Fam4LUJ83keYan8cCk%2BfdHK%2FQmiBrRYliUys%2BAs1G%2Ft79WnnP7u6hg4%2FMhuV4rquqiNVYV7Z50bAskVBRDyLj6%2Fq%2FDIawWepIO02nRJfKdcCb6cXiP2D2uVmc9YN441bgjn%2BfVS8c9WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7df3a0117a0c360f-FRA
content-length: 128352

GET
H2 200 Windsor-Brokers-horizontal.png
promotions.windsorbrokers.finance/wp-content/uploads/2017/02/ 6 KB
7 KB 31ms
29ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2017/02/Windsor-Brokers-horizontal.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b30c7f83f3230ea93498a491b0191aacdefaa7979c7274400760a49c5d529d53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 973
cf-polished: origFmt=png, origSize=14574
x-powered-by: PleskLin
content-disposition: inline; filename="Windsor-Brokers-horizontal.webp"
content-length: 6278
cf-bgj: imgq:100,h2pri
last-modified: Mon, 07 Aug 2017 13:40:25 GMT
server: cloudflare
etag: "59886dc9-38ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iDTMA3wZLz%2BLKe4J50vXdjQ75de3bvsCNWRrjp0dJu56VBiNfdTT79rotD3E1XOu%2BsyUKelluUsnESyAvnKU7Y4S7yiYUOOH3E5ySvdajDvUNDNB3QMs05QrsbAzLWO8Qyz3VBLozUNS6TcfwAtP5qav9PiRhqB%2Bg1qW5Ka%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a011aa2d360f-FRA

GET
H2 200 slider1-Mobile.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/03/ 48 KB
48 KB 55ms
52ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/03/slider1-Mobile.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 730be3adc35f6ed60fd419a8348986500da51288de3d482d8716d1b597df1f35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=57142
x-powered-by: PleskLin
content-disposition: inline; filename="slider1-Mobile.webp"
content-length: 48916
cf-bgj: imgq:100,h2pri
last-modified: Mon, 14 Mar 2022 14:33:50 GMT
server: cloudflare
etag: "622f524e-df36"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3tK%2FxYHvQHOD6ju8yp%2B8d4evwtZzazcrt7aGH7JWyCLM3LeisYDttzJGZ2BQPwVMnxqVgWmdwX9sHCUE06zh5n0yBcTFBgxtI%2FdqYAOrUDetSYrw0WtLMb3%2FGCXpf9M%2FsOTgToxVN9DxE0WIyAQyJeL7%2Be6dS%2BToIYxjCqIHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a011aa2f360f-FRA

GET
H2 200 Assets-Arabic.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/03/ 5 KB
6 KB 54ms
52ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/03/Assets-Arabic.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b516bf72880d429b33636532ee760e682a358039185a3e80cdc9e94d082050d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=7711
x-powered-by: PleskLin
content-disposition: inline; filename="Assets-Arabic.webp"
content-length: 5410
cf-bgj: imgq:100,h2pri
last-modified: Mon, 14 Mar 2022 14:34:41 GMT
server: cloudflare
etag: "622f5281-1e1f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ro5xWMRHBCOCq1UXvFes5C0h5t5QRQ1BB9%2BFQG5HCpIso97OymRwehkqoAdmk3wfom%2BVORGROIcIYLTn6D97hd6O49zrfTe7tFvSgUirhih%2BUnC9znM3uHb%2BQCyDSXg8Bru%2BIM%2BZHgg5gtEZEhgeKwM%2FdeLJCFdKAk%2BGAEQBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a011aa30360f-FRA

GET
H2 200 slider3.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 126 KB
126 KB 51ms
49ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/slider3.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f976f1df22e36e255e342628616678c1f979613a75c57f1f1b6830a7c3cd8dc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=150520
x-powered-by: PleskLin
content-disposition: inline; filename="slider3.webp"
content-length: 128696
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:30:05 GMT
server: cloudflare
etag: "621636dd-24bf8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmRlim7BKU%2F8zjjeNuzfRBXe8yumQ1BSUZbwAPCmjJirX%2FJ6bQl2dzBAmOP7e3ioQSfXVlu7uy5rYQHa0XyKmknTu355sv8WuORmq8TDXEeN5rKrHz54wkRWo7IrGCzd74QD69bMInM1p2o1L17HdF4KQSQyXSPO97QS0nlWGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a011aa31360f-FRA

GET
H2 200 Mastercard-01-01.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 1014 B
1 KB 47ms
45ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/Mastercard-01-01.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2677e8ddf0caf6c1f3a9f41c2d08da5c7c7c9f0ebc4003722f12f24dd3481c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1122
x-powered-by: PleskLin
content-disposition: inline; filename="Mastercard-01-01.webp"
content-length: 1014
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:33:33 GMT
server: cloudflare
etag: "621637ad-462"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9o64b%2F8DhXR%2FbglsZK7te58l%2FXhrqF6MDSHRCON3X4EtR7nuuqMSstZXaCXzHtchKDXNl6yXPXTdRaVutCbX7NALeLKdrwsVQJPDDdCX2Rjq8km1WBgvqXdwp1G%2BMnhiZLXPWAn%2BHRN3jjbcAc5wO5p0EqW36nPDD8Qo9QWWdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a011aa33360f-FRA

GET
H2 200 Visa-01.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 682 B
1 KB 53ms
51ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/Visa-01.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eb0776fdb08312521e5b301eba455c3f4680c7dd89192e810791c6ffbb3a3bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=782
x-powered-by: PleskLin
content-disposition: inline; filename="Visa-01.webp"
content-length: 682
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:27:43 GMT
x-accel-version: 0.01
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ak8czx8PR2k8aQ1GroPrQqF%2BaFoHxjmUpQIZWkXQKJ70YGncSfaIgxCXhvBL38fH9NZp0R7BKu7Qq%2BsIU895FiSAbog7nLw2l%2FRpp84RSfAfwjUjoFGvQQp%2BqPFi0oPPHPSUudy3aO1sNfd9fWSu7G2HDWdEFFf8IWtYI4wMlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a011aa34360f-FRA

GET
H2 200 webmoney-01-01-01.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 986 B
1 KB 53ms
51ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/webmoney-01-01-01.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c0069be8aa05ccdafd56fc27e8402064e1d1dff0fb1b7179b40aa786b97c7411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1134
x-powered-by: PleskLin
content-disposition: inline; filename="webmoney-01-01-01.webp"
content-length: 986
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:27:44 GMT
server: cloudflare
etag: "62163650-46e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5t70p%2FyTPnuapi9tAnFZqw1v%2B0MMxLdv11FjngzS4%2BZz2KlX93w4FAsmSZlPHPfttQ8Mcn%2F5f9npXN4cLaYM3ktJ0vqJJ18bVfq6m11KX3v5jPfZEg6jI9C%2BNKa0HsrhYCncYzUt5UhYY%2FHLlD3EtYosSWjjuGccse9D1ZT7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a011aa35360f-FRA

GET
H2 200 Mpeza2-01.png
promotions.windsorbrokers.finance/wp-content/uploads/2022/02/ 652 B
1 KB 49ms
47ms Image
image/webp 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2022/02/Mpeza2-01.png
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 491fbcdfb4779e3a8fdd9805084b0939ca7235a9b75815d2a204dd20dede471d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=766
x-powered-by: PleskLin
content-disposition: inline; filename="Mpeza2-01.webp"
content-length: 652
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Feb 2022 13:27:45 GMT
x-accel-version: 0.01
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fW9LKekiPn97xiF%2Fdp6uzLKZw%2B1sEsyBzimdvL%2FrqF4bsWLduWrRrWdGD4A5BC6JkcV1rzfjm8BfGPYw5oOP9mi1NxhWUMdH7Y5Rz9ztI%2Fd%2FPlxnAtQfhXt7ytHoserzJb60VWwPKs5ETsM%2BKmJwBs%2Bda7SOkSM1dMIzcFZ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a011aa36360f-FRA

GET countrySelect.min.css
mywbwidget.myuserhub.com/country-picker-flags/build/css/ Frame B064 0
0

GET intlTelInput.min.css
mywbwidget.myuserhub.com/intl-tel-input-master/build/css/ Frame B064 0
0

GET registration_widget.css
mywbwidget.myuserhub.com/ Frame B064 0
0

GET loading.gif
mywbwidget.myuserhub.com/img/ Frame B064 0
0

GET circle.svg
mywbwidget.myuserhub.com/img/ Frame B064 0
0

GET checked.svg
mywbwidget.myuserhub.com/img/ Frame B064 0
0

GET rocket-loader.min.js
mywbwidget.myuserhub.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame B064 0
0

GET
H2 200 homepage-without-30years.jpg
promotions.windsorbrokers.finance/wp-content/uploads/2018/02/ 335 KB
336 KB 27ms
27ms Image
image/jpeg 2606:4700:20::ac43:49af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotions.windsorbrokers.finance/wp-content/uploads/2018/02/homepage-without-30years.jpg
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 79fdadfb16af00a4444ffff9ff40d5f3a7a2f0a55fe33361381b7e90a01f538c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
cf-polished: origSize=362529
x-powered-by: PleskLin
content-length: 342751
cf-bgj: imgq:100,h2pri
last-modified: Mon, 26 Mar 2018 10:39:43 GMT
server: cloudflare
etag: "5ab8cdef-58821"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXE713Q6Co3P%2Fe0rXc0hQmm4MUpxwc5XwdET1Tfuqu0CBX96qAXAksDE3v4dMX8WBfgJxhe4b9XD9RmUBUi5GTThUtlfK6IO7nehw%2B9gycr3%2Fpq8cSIA1qDEcPngj4tKT8rX0XreOWQHqmm901lgbfnFqPoosjBh0Zn%2FZ9%2Becg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7df3a012fb16360f-FRA

GET
H2 200 pixel
marketing-api.myuserhub.com/ 546 B
859 B 142ms
75ms Image
image/png 172.66.43.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketing-api.myuserhub.com/pixel?utm_source=yahoo_display
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.43.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73d67d880d4d5613326e29da6a24296b02d1309edfce965cef34bd092ef9177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 31 Mar 2023 12:18:03 GMT
server: cloudflare
content-type: image/png
cache-control: no-store, public
accept-ranges: bytes
cf-ray: 7df3a01368b79963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 546

GET
H2 200 355610783044487 Show response
connect.facebook.net/signals/config/ 386 KB
109 KB 86ms
86ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/355610783044487?v=2.9.110&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ce6e6731451a00cbedef98e8be1d85dfcc9351366325c0a12f612048f935b41

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 30 Jun 2023 04:21:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 9Q8utyF7Ao8HTnBfxUs3Rrg3lLJcYCtbqIEl9f4dYmQ3R247PTLOtIoyli1icnZdhu4VH1KYHKcRSRxHIot8aw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 95ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR2PNZ2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 03:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4635
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 30 Jun 2023 05:04:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/738472677/ 3 KB
2 KB 84ms
35ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/738472677/?random=1688098916456&cv=11&fst=1688098916456&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&label=dH8QCIv9pKEBEOXlkOAC&hn=www.googleadservices.com&frm=0&tiba=Multi-Asset%20-%20Windsor%20Brokers&auid=1249020306.1688098916&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR2PNZ2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec99fa75bb2d36f14b7570ec3dcde876a94e13c7e617a38751a8996567814b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11202927908/ 3 KB
2 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11202927908/?random=1688098916460&cv=11&fst=1688098916460&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&label=Itl5CNCVpqgYEKS6_N0p&hn=www.googleadservices.com&frm=0&tiba=Multi-Asset%20-%20Windsor%20Brokers&auid=1249020306.1688098916&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR2PNZ2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

604a1eb9d18ce417aa7e84c95cb6e944cb0939a8bf88fbdf3490ae3f4782e4cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1388
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 95ms
29ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:55 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: X2SGWS3SPDRHP8W3
age: 2
x-amz-server-side-encryption: AES256
x-amz-id-2: CiyBCWntZ1iyUUVf1Bx7WHO7fZDsZdEZXUeuA6Bak/2jqvAYgyhugLxR+FCHJusOrKe2RNPs50g=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 102ms
45ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 30 Jun 2023 04:21:55 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5F137ABFAAC046F69044268F95A331E7 Ref B: FRA31EDGE0722 Ref C: 2023-06-30T04:21:56Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 132ms
34ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000001bb82daec29e1fab-00646c8ee1-3295a825-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5FK7HQ3Y3D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR2PNZ2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6043b0be583d1deda5181da2790293756bf83c2eee62e22c55abd78c345f269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Jun 2023 04:21:56 GMT

GET
H3 200 824799695929111 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 79ms
79ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/824799695929111?v=2.9.110&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

727f8c5bfca2b1b3958ed49dfdb7fc2a3632ffafeeee9d2269cef3a18cbf8862

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 30 Jun 2023 04:21:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 5Qg+Dvi4wAnNflgFNy2rdoPL+xfC8uZOzw4sfs8Yk87+aQLyzWqJ/DQy7BVsWc5e0rhs6v3zx3DowoAsW2Yymw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 96ms
27ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=355610783044487&ev=PageView&dl=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&rl=&if=false&ts=1688098916498&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688098916496.1129072609&cs_est=true&it=1688098916358&coo=false&rqm=GET

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 30 Jun 2023 04:21:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
266 B 82ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5FK7HQ3Y3D&gtm=45je36s0&_p=1162527047&_gaz=1&cid=1183818819.1688098917&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688098916&sct=1&seg=0&dl=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&dt=Multi-Asset%20-%20Windsor%20Brokers&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FK7HQ3Y3D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.windsorbrokers.finance
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 85ms
29ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5FK7HQ3Y3D&cid=1183818819.1688098917&gtm=45je36s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FK7HQ3Y3D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.windsorbrokers.finance
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 85ms
31ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5FK7HQ3Y3D&cid=1183818819.1688098917&gtm=45je36s0&aip=1&z=669502536

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/738472677/ 42 B
108 B 84ms
34ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/738472677/?random=1688098916456&cv=11&fst=1688097600000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&label=dH8QCIv9pKEBEOXlkOAC&frm=0&tiba=Multi-Asset%20-%20Windsor%20Brokers&fmt=3&is_vtc=1&random=998872599&rmt_tld=0&ipr=y

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/738472677/ 42 B
108 B 68ms
33ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/738472677/?random=1688098916456&cv=11&fst=1688097600000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&label=dH8QCIv9pKEBEOXlkOAC&frm=0&tiba=Multi-Asset%20-%20Windsor%20Brokers&fmt=3&is_vtc=1&random=998872599&rmt_tld=1&ipr=y

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11202927908/ 42 B
455 B 84ms
33ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11202927908/?random=1688098916460&cv=11&fst=1688097600000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&label=Itl5CNCVpqgYEKS6_N0p&frm=0&tiba=Multi-Asset%20-%20Windsor%20Brokers&fmt=3&is_vtc=1&random=160808192&rmt_tld=0&ipr=y

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11202927908/ 42 B
154 B 68ms
33ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11202927908/?random=1688098916460&cv=11&fst=1688097600000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&label=Itl5CNCVpqgYEKS6_N0p&frm=0&tiba=Multi-Asset%20-%20Windsor%20Brokers&fmt=3&is_vtc=1&random=160808192&rmt_tld=1&ipr=y

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
221 B 28ms
27ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1162527047&t=pageview&_s=1&dl=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&ul=en-us&de=UTF-8&dt=Multi-Asset%20-%20Windsor%20Brokers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=971138802&gjid=1499902734&cid=1183818819.1688098917&tid=UA-140026821-5&_gid=1831334039.1688098917&_r=1&_slc=1&gtm=45He36s0n81WR2PNZ2&z=33913449

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotions.windsorbrokers.finance/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.windsorbrokers.finance
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 136024656.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 123ms
122ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/136024656.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e860b90fa91b24e59a3221487969a9d0989acc155f1afe52e7e16f08722375f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 30 Jun 2023 04:21:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B0B812A7435648AC9FEBA62F01DEB75F Ref B: FRA31EDGE0722 Ref C: 2023-06-30T04:21:56Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
287 B 45ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=136024656&Ver=2&mid=e37a1a86-e6c6-4135-b53f-4d0d9ae32ece&sid=a63258e016fd11ee882f9333ebeeac48&vid=a6327fa016fd11ee914da71dd9a4c817&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Multi-Asset%20-%20Windsor%20Brokers&p=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&r=&lt=645&evt=pageLoad&sv=1&rn=458143

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Jun 2023 04:21:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 45DDB94E13284D6182C7C8F9BBE98EA1 Ref B: FRA31EDGE0722 Ref C: 2023-06-30T04:21:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10094439.json Show response
s.yimg.com/wi/config/ 2 B
449 B 83ms
28ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10094439.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:20:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 71Q3DRHHQ8QYJA53
age: 72
content-length: 2
x-amz-id-2: hXdT4xwKdOIghZAcpusD//sZD0w3XZHMxCT1es7vwIflZpdN06Ngo/35sf6QVjyZ8HOHXL+PIkk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-140026821-5&cid=1183818819.1688098917&jid=971138802&gjid=1499902734&_gid=1831334039.1688098917&_u=YADAAAAAAAAAAC~&z=146958800

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotions.windsorbrokers.finance/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 30 Jun 2023 04:21:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promotions.windsorbrokers.finance
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
26ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=824799695929111&ev=PageView&dl=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&rl=&if=false&ts=1688098916637&sw=1600&sh=1200&v=2.9.110&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1688098916496.1129072609&it=1688098916358&coo=false&rqm=GET

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 30 Jun 2023 04:21:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=2886155&ADFPageName=All%20Pages%20-%20Universal&ADFdivider=%7C&ord=898522822199&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fm...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2886155&ADFPageName=All%20Pages%20-%20Universal&ADFdivider=%7C&ord=898522822199&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Fa...

122 B
723 B

35ms
35ms

Script
text/javascript

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2886155&ADFPageName=All%20Pages%20-%20Universal&ADFdivider=%7C&ord=898522822199&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1983dc7b426e5642e63bfb3274793ba88c25ac19a91ea538275d69805a0a5175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 194
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2886155&ADFPageName=All%20Pages%20-%20Universal&ADFdivider=%7C&ord=898522822199&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=2886155&ADFdivider=%7C&ord=672370701761&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_displ...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2886155&ADFdivider=%7C&ord=672370701761&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_...

150 B
744 B

34ms
34ms

Script
text/javascript

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2886155&ADFdivider=%7C&ord=672370701761&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dae12b310e17305c2097a7db61fbe876fb3ddc836fdf79fac6de9cf92f5cae6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 215
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2886155&ADFdivider=%7C&ord=672370701761&ADFtpmode=2&loc=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-140026821-5&cid=1183818819.1688098917&jid=971138802&_u=YADAAAAAAAAAAC~&z=1253354294

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-140026821-5&cid=1183818819.1688098917&jid=971138802&_u=YADAAAAAAAAAAC~&z=1253354294

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
634 B 152ms
49ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2030%20Jun%202023%2004%3A21%3A56%20GMT&n=0&b=Multi-Asset%20-%20Windsor%20Brokers&.yp=10094439&f=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Jun 2023 04:21:56 GMT

GET
H2 200 136024656 Show response
www.clarity.ms/tag/uet/ 1021 B
1 KB 206ms
122ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/136024656
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/136024656.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e4870c98566d1e161ef3b4955cf5c403b799e53576b2d4e391367f94bc35c794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: -1
date: Fri, 30 Jun 2023 04:21:56 GMT
x-azure-ref: 20230630T042156Z-ptvpmtuz3155xdqrxws5315qzc00000001f000000000g6w4
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1021
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 43ms
43ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/136024656
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:21:56 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 21:38:04 GMT
etag: W/"0x8DB768D9FE1FAC0"
vary: Accept-Encoding
x-azure-ref: 20230630T042156Z-ptvpmtuz3155xdqrxws5315qzc00000001f000000000g6we
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 594b0475-201e-0033-7199-a87170000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 368ms
115ms Script
application/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: promotions.windsorbrokers.finance
URL: https://promotions.windsorbrokers.finance/ar/multi-asset/?utm_source=yahoo_display
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-120-28.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 04:21:57 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Thu, 29 Jun 2023 05:28:47 GMT
Server: PardotServer
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Sun, 29 Jun 2025 04:21:57 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=01D3A505C70E48D8B57B01D07390A18C&RedC=c.clarity.ms&MXFR=27164EA1637761E803995DE167776F8F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=01D3A505C70E48D8B57B01D07390A18C&MUID=1C037EB001B064D624B76DF0001C65F3

42 B
442 B

45ms
45ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=01D3A505C70E48D8B57B01D07390A18C&MUID=1C037EB001B064D624B76DF0001C65F3
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 04:21:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8CB833C19E6C49A098880F72FCD05DDC Ref B: FRA31EDGE0722 Ref C: 2023-06-30T04:21:57Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=01D3A505C70E48D8B57B01D07390A18C&MUID=1C037EB001B064D624B76DF0001C65F3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 23EB 0
18 B 28ms
28ms Document
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://promotions.windsorbrokers.finance
Referer: https://promotions.windsorbrokers.finance/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://promotions.windsorbrokers.finance
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 04:21:57 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
313 B 554ms
328ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://promotions.windsorbrokers.finance/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://promotions.windsorbrokers.finance
Date: Fri, 30 Jun 2023 04:21:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9442 0
15 B 28ms
27ms Document
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://promotions.windsorbrokers.finance
Referer: https://promotions.windsorbrokers.finance/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://promotions.windsorbrokers.finance
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 04:21:57 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 258 B
2 KB 468ms
468ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1173&account_id=311331&title=Multi-Asset%20-%20Windsor%20Brokers&url=https%3A%2F%2Fpromotions.windsorbrokers.finance%2Far%2Fmulti-asset%2F%3Futm_source%3Dyahoo_display&referrer=&utm_source=yahoo_display

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-120-28.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

3749ee1c16670db5dabaa385be043ab702e4afad075173b1b8af4dae134e8865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promotions.windsorbrokers.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 30 Jun 2023 04:21:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
x-pardot-canary: true
Content-Length: 197
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
313 B 107ms
107ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://promotions.windsorbrokers.finance/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://promotions.windsorbrokers.finance
Date: Fri, 30 Jun 2023 04:21:58 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mywbwidget.myuserhub.com
URL: https://mywbwidget.myuserhub.com/country-picker-flags/build/css/countrySelect.min.css

Domain: mywbwidget.myuserhub.com
URL: https://mywbwidget.myuserhub.com/intl-tel-input-master/build/css/intlTelInput.min.css

Domain: mywbwidget.myuserhub.com
URL: https://mywbwidget.myuserhub.com/registration_widget.css?version=65

Domain: mywbwidget.myuserhub.com
URL: https://mywbwidget.myuserhub.com/img/loading.gif

Domain: mywbwidget.myuserhub.com
URL: https://mywbwidget.myuserhub.com/img/circle.svg

Domain: mywbwidget.myuserhub.com
URL: https://mywbwidget.myuserhub.com/img/checked.svg

Domain: mywbwidget.myuserhub.com
URL: https://mywbwidget.myuserhub.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.windsorbrokers.finance/	1970-01-20 15:04:34	Name: _gcl_au Value: 1.1.1249020306.1688098916
.myuserhub.com/	1970-01-20 22:30:58	Name: utm_unique_id Value: 649e58646647f-649e586466480-649e586466481
.windsorbrokers.finance/	1970-01-20 15:04:34	Name: _fbp Value: fb.1.1688098916496.1129072609
.doubleclick.net/	1970-01-20 12:54:59	Name: test_cookie Value: CheckForPermission
.windsorbrokers.finance/	1970-01-20 22:30:58	Name: _ga Value: GA1.1.1183818819.1688098917
.promotions.windsorbrokers.finance/	1970-01-20 22:30:58	Name: _ga Value: GA1.3.1183818819.1688098917
.promotions.windsorbrokers.finance/	1970-01-20 12:56:25	Name: _gid Value: GA1.3.1831334039.1688098917
.promotions.windsorbrokers.finance/	1970-01-20 12:54:58	Name: _gat_UA-140026821-5 Value: 1
.windsorbrokers.finance/	1970-01-20 12:56:25	Name: _uetsid Value: a63258e016fd11ee882f9333ebeeac48
.windsorbrokers.finance/	1970-01-20 22:16:34	Name: _uetvid Value: a6327fa016fd11ee914da71dd9a4c817
.bing.com/	1970-01-20 22:16:34	Name: MUID Value: 1C037EB001B064D624B76DF0001C65F3
.adform.net/	1970-01-20 13:38:10	Name: C Value: 1
.adform.net/	1970-01-20 14:21:22	Name: uid Value: 5729874952095951914
.yahoo.com/	1970-01-20 21:40:56	Name: A3 Value: d=AQABBGRYnmQCEDL6TS5IJrVK6CxQGRg1XjYFEgEBAQGpn2SoZOAXyiMA_eMAAA&S=AQAAAq4iWY1v4ZZE8gr8uN99EIY
www.clarity.ms/	1970-01-20 21:40:34	Name: CLID Value: 123deb39bb3e4d27bf75b2e545f8ec39.20230630.20240629
.windsorbrokers.finance/	1970-01-20 21:40:34	Name: _clck Value: o7igmt\|2\|fcw\|0\|1276
.windsorbrokers.finance/	1970-01-20 22:30:58	Name: _ga_5FK7HQ3Y3D Value: GS1.1.1688098916.1.0.1688098917.59.0.0
.c.bing.com/	1970-01-20 13:05:03	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:16:34	Name: SRM_B Value: 1C037EB001B064D624B76DF0001C65F3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:16:34	Name: MUID Value: 1C037EB001B064D624B76DF0001C65F3
.c.clarity.ms/	1970-01-20 13:05:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:54:59	Name: ANONCHK Value: 0
.windsorbrokers.finance/	1970-01-20 12:56:25	Name: _clsk Value: unj70c\|1688098917654\|1\|1\|q.clarity.ms/collect
.pardot.com/	1970-01-20 22:30:58	Name: visitor_id310331 Value: 932260407
.pardot.com/	1970-01-20 22:30:58	Name: visitor_id310331-hash Value: c70de63c112b9c98a75fefadeaa4ce67756bea3d24a02a3fdb7e05ceb1ec2ef5a74b5fe9860253a04dc5a7db8d5da62e5c338de1
pi.pardot.com/	1970-01-20 12:55:00	Name: lpv310331 Value: aHR0cHM6Ly9wcm9tb3Rpb25zLndpbmRzb3Jicm9rZXJzLmZpbmFuY2UvYXIvbXVsdGktYXNzZXQvP3V0bV9zb3VyY2U9eWFob29fZGlzcGxheQ%3D%3D
promotions.windsorbrokers.finance/	1970-01-20 22:30:58	Name: visitor_id310331 Value: 932260407
promotions.windsorbrokers.finance/	1970-01-20 22:30:58	Name: visitor_id310331-hash Value: c70de63c112b9c98a75fefadeaa4ce67756bea3d24a02a3fdb7e05ceb1ec2ef5a74b5fe9860253a04dc5a7db8d5da62e5c338de1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.adform.net
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
marketing-api.myuserhub.com
mywbwidget.myuserhub.com
pi.pardot.com
promotions.windsorbrokers.finance
q.clarity.ms
region1.analytics.google.com
s.yimg.com
s2.adform.net
sp.analytics.yahoo.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
mywbwidget.myuserhub.com
172.66.40.165
172.66.43.91
20.231.53.73
2001:4860:4802:32::36
212.82.100.181
2606:4700:20::ac43:49af
2620:1ec:46::44
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:800::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c07::9d
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
3.92.120.28
37.157.6.234
37.157.6.254
68.219.88.97
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
01fd9dd0c292a0415d4d2e2e9826573b5a81af8308e0fc0a0f91437043a47aa3
07b62aa5605fc2db496ba9be53383c172805c7b6a2525ab6aa340841d57be32f
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1983dc7b426e5642e63bfb3274793ba88c25ac19a91ea538275d69805a0a5175
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
2677e8ddf0caf6c1f3a9f41c2d08da5c7c7c9f0ebc4003722f12f24dd3481c97
27f52049ed3e662007ebafe3396f17fd2eacc5311f7a65649908765db9755d91
3749ee1c16670db5dabaa385be043ab702e4afad075173b1b8af4dae134e8865
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
43dff9b2d3a9b95fe64414e9aaafaf652d7ca6526b548242669ffb5550411e21
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
491fbcdfb4779e3a8fdd9805084b0939ca7235a9b75815d2a204dd20dede471d
4ce6e6731451a00cbedef98e8be1d85dfcc9351366325c0a12f612048f935b41
50efcf8dde7978474037a1aa37165dd0d7c5cb288f63c7eb0c19b4ce432fce8c
604a1eb9d18ce417aa7e84c95cb6e944cb0939a8bf88fbdf3490ae3f4782e4cc
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6fa225cc9d7dd0254594cebd14de783616f6d1e7522ed03d2ab92e0a3b466bd6
71703367481dcacba50afd9818eb8d0ff9197af4f7a9a8dfcb0feb0617c140d9
727f8c5bfca2b1b3958ed49dfdb7fc2a3632ffafeeee9d2269cef3a18cbf8862
729d419a0f52a28587b260c4eb8565bb56952e9d2461aa9dee03709ed7071e41
730be3adc35f6ed60fd419a8348986500da51288de3d482d8716d1b597df1f35
79fdadfb16af00a4444ffff9ff40d5f3a7a2f0a55fe33361381b7e90a01f538c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92caf2602c70512d50106ec478a69f684502b8552e92ca301109506b4b56b2d0
98b311d941f48d2a4601d8cfabeb0d733cbde0ec162cd7a28ebaa4b52679a9df
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c88e70add03d61a0c8e2cddd4ab85581a3d739389feaf85e7bc565b9a17feb8
9e744d9401b5ed62d120c5904c7320ee71bddc0fc9350428361d97d6d015add0
a6043b0be583d1deda5181da2790293756bf83c2eee62e22c55abd78c345f269
a73d67d880d4d5613326e29da6a24296b02d1309edfce965cef34bd092ef9177
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b30c7f83f3230ea93498a491b0191aacdefaa7979c7274400760a49c5d529d53
b516bf72880d429b33636532ee760e682a358039185a3e80cdc9e94d082050d3
bd4146e365a1f240b74fe10c10653d4d1b1c52837dbca5a25184a90800045235
c0069be8aa05ccdafd56fc27e8402064e1d1dff0fb1b7179b40aa786b97c7411
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb89039064a6e7dfc3b077a0809bc2b8cfba3b895ab9d8e1e95f4d553aa638a4
d00d7570096a84e88a414553dd163db87f5fccb2c040cf5bea3215e81ae50c6c
dae12b310e17305c2097a7db61fbe876fb3ddc836fdf79fac6de9cf92f5cae6e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4870c98566d1e161ef3b4955cf5c403b799e53576b2d4e391367f94bc35c794
e860b90fa91b24e59a3221487969a9d0989acc155f1afe52e7e16f08722375f9
eb0776fdb08312521e5b301eba455c3f4680c7dd89192e810791c6ffbb3a3bf7
ec99fa75bb2d36f14b7570ec3dcde876a94e13c7e617a38751a8996567814b25
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f976f1df22e36e255e342628616678c1f979613a75c57f1f1b6830a7c3cd8dc5
fb2a943c49d312c6968d7b011055c5c933c09041ee10c5abce559354421bb3d4

promotions.windsorbrokers.finance Open in urlscan Pro 2606:4700:20::ac43:49af Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

88 %HTTPS

65 %IPv6

17 Domains

24 Subdomains

24 IPs

7 Countries

2196 kBTransfer

6459 kBSize

29 Cookies

1 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promotions.windsorbrokers.finance Open in urlscan Pro
2606:4700:20::ac43:49af Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

88 %
HTTPS

65 %
IPv6

17
Domains

24
Subdomains

24
IPs

7
Countries

2196 kB
Transfer

6459 kB
Size

29
Cookies

81 HTTP transactions
0 data transactions