urlscan.io logo urlscan.io
SecurityTrails logo

login.ledgers.cloud Open in urlscan Pro
2606:4700::6812:17a5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://login.ledgers.cloud/
Effective URL: https://login.ledgers.cloud/auth
Submission: On July 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 13 domains to perform 66 HTTP transactions. The main IP is 2606:4700::6812:17a5, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.ledgers.cloud.
TLS certificate: Issued by E1 on May 8th 2024. Valid for: 3 months.
This is the only time login.ledgers.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2606:4700::6812:17a5 (United States)

ASN13335 (CLOUDFLARENET, US)
login.ledgers.cloud
ledgers.cloud
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
17    18.66.127.184 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-184.fra60.r.cloudfront.net
ifpayment.s3-accelerate.amazonaws.com
3    16.12.40.86 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-south-1.amazonaws.com
ifpayment.s3.ap-south-1.amazonaws.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4013:c14::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.224.189.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-35.fra2.r.cloudfront.net
widget.intercom.io
10    18.245.46.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-55.fra56.r.cloudfront.net
js.intercomcdn.com
2    18.214.210.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-210-209.compute-1.amazonaws.com
api-iam.intercom.io
1    13.225.78.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net
static.intercomassets.com
Apex Domain
Subdomains		 Transfer
20 amazonaws.com
ifpayment.s3-accelerate.amazonaws.com
ifpayment.s3.ap-south-1.amazonaws.com
1 MB
10 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 4674
724 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
315 KB
8 ledgers.cloud
login.ledgers.cloud
ledgers.cloud
26 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 5
accounts.google.com — Cisco Umbrella Rank: 45
85 KB
3 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 3016
api-iam.intercom.io — Cisco Umbrella Rank: 3077
7 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
72 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
200 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 469
fonts.googleapis.com — Cisco Umbrella Rank: 83
7 KB
1 intercomassets.com
static.intercomassets.com — Cisco Umbrella Rank: 18750
12 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1073
7 KB
66 13
Domain Requested by
17 ifpayment.s3-accelerate.amazonaws.com login.ledgers.cloud
ifpayment.s3-accelerate.amazonaws.com
10 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
9 fonts.gstatic.com fonts.googleapis.com
7 login.ledgers.cloud 2 redirects login.ledgers.cloud
static.cloudflareinsights.com
3 region1.google-analytics.com www.googletagmanager.com
3 ifpayment.s3.ap-south-1.amazonaws.com login.ledgers.cloud
2 api-iam.intercom.io js.intercomcdn.com
2 www.facebook.com login.ledgers.cloud
2 connect.facebook.net login.ledgers.cloud
connect.facebook.net
2 accounts.google.com ifpayment.s3-accelerate.amazonaws.com
accounts.google.com
2 www.googletagmanager.com login.ledgers.cloud
www.googletagmanager.com
2 www.google.com login.ledgers.cloud
www.gstatic.com
1 static.intercomassets.com
1 ledgers.cloud
1 widget.intercom.io login.ledgers.cloud
1 www.gstatic.com www.google.com
1 fonts.googleapis.com ajax.googleapis.com
1 static.cloudflareinsights.com login.ledgers.cloud
1 ajax.googleapis.com login.ledgers.cloud
66 19

This site contains links to these domains. Also see Links.

Domain
ledgers.cloud
Subject Issuer Validity Valid
ledgers.cloud
E1		 2024-05-08 -
2024-08-06		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.s3-accelerate.amazonaws.com
Amazon RSA 2048 M01		 2023-12-19 -
2024-12-02		 a year crt.sh
*.s3.ap-south-1.amazonaws.com
Amazon RSA 2048 M01		 2024-05-13 -
2025-04-24		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
accounts.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-13 -
2024-07-12		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
intercomassets.com
Amazon RSA 2048 M03		 2024-04-17 -
2025-05-16		 a year crt.sh

This page contains 6 frames:

Primary Page: https://login.ledgers.cloud/auth
Frame ID: C91DBB5088409E83A2BCC0133DE09BE6
Requests: 51 HTTP requests in this frame

Frame: https://login.ledgers.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: D97CB176B593504336AA137D3E668BEB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdO81QpAAAAALUwdi8q93Bl4AAvBee6O0j8dkVT&co=aHR0cHM6Ly9sb2dpbi5sZWRnZXJzLmNsb3VkOjQ0Mw..&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=3thoefd1pxvl
Frame ID: D8F33DF77885FEA9B958EC50A1EB1D2C
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Frame ID: 9119185C8B2921AA9C18BFA2BCAB29EE
Requests: 11 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4AC29D8B8B4DD5819C4E4E4166BA3813
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/images/dismiss.1e6831c11588937baf1e.png
Frame ID: C57F12A3C7503A00B018D136267BA17B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LEDGERS - Login

Page URL History Show full URLs

  1. https://login.ledgers.cloud/ HTTP 302
    https://login.ledgers.cloud/auth Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

66
Requests

98 %
HTTPS

59 %
IPv6

13
Domains

19
Subdomains

18
IPs

4
Countries

2564 kB
Transfer

5491 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.ledgers.cloud/ HTTP 302
    https://login.ledgers.cloud/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://login.ledgers.cloud/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://login.ledgers.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
login.ledgers.cloud/
Redirect Chain
  • https://login.ledgers.cloud/
  • https://login.ledgers.cloud/auth
60 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.ledgers.cloud/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a27b57a502c254ffebc99d08f3cc5a55a776467d1cc96b4ac2a385118c1d5b0d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
89e3bc376c9d3687-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 05 Jul 2024 01:55:51 GMT
server
cloudflare
x-amz-apigw-id
aanaPExXBcwEDug=
x-amzn-requestid
a9f26ce3-18a0-4f7d-ae82-56bcf9b17496
x-amzn-trace-id
Root=1-668752a7-6cf95b8a00d7678e073c1c61

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
89e3bc34ab123687-FRA
content-length
3
content-type
application/json
date
Fri, 05 Jul 2024 01:55:51 GMT
location
/auth
server
cloudflare
x-amz-apigw-id
aanaNEt1hcwEG_Q=
x-amzn-requestid
e1cb9196-5141-4c1d-833c-b777b3cbb57e
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 12:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5480
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Jun 2025 12:06:57 GMT
api.js
www.google.com/recaptcha/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 05 Jul 2024 01:55:52 GMT
jquery.min.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/jquery.min.js
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:53 GMT
Via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Last-Modified
Wed, 18 Jul 2018 12:55:49 GMT
Server
AmazonS3
x-amz-request-id
2EPZDP27ADDK54A7
X-Amz-Cf-Pop
FRA60-P2
ETag
"4b57cf46dc8cb95c4cca54afc85e9540"
X-Cache
Miss from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86926
x-amz-id-2
LPBTsMsw74Rn5QKuLVfCHJzxl4S6KT21erEUw/2ZDJur2HHqwxFr7e17lM7OAT2CmAZM/6eNitE=
X-Amz-Cf-Id
H9at3gXhuXM4kgv093C9QbFBe_lyI935eeAczEOnRd-T73mtRmH8mQ==
login.css
ifpayment.s3-accelerate.amazonaws.com/login/css/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/css/login.css?v=1.0.20
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c051c10e736eae3022331687511977f3540617001603e945b709633c2e4d43c9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:53 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Thu, 18 Jan 2024 11:23:08 GMT
Server
AmazonS3
x-amz-request-id
2EPJJWRW6HVG7RJ9
X-Amz-Cf-Pop
FRA60-P2
ETag
"568f65d3ab520ed7e5602a50c70c68f1"
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10336
x-amz-id-2
BOX02A//E5Vxi8NhrxaepTVPJ9IeGb600VxqNZ/OnPN6PawUYs0B5u8WjHfxx7VT4BZRw/poyvE=
X-Amz-Cf-Id
lXKGiQcD4w7uOFC4ZSoCdCSH1f6Dobecuv0aeXkHorZaMoBhECcZOw==
phone-country-flag-select.css
ifpayment.s3-accelerate.amazonaws.com/login/css/ 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/css/phone-country-flag-select.css?v=1.0.0
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e12dd8f5a566d0d15e4bcf2d602c34f4f74ba5603ce1133a053f4c77a3bd4ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:53 GMT
Via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
Last-Modified
Sat, 14 Nov 2020 18:40:37 GMT
Server
AmazonS3
x-amz-request-id
2EPS7P6GBKSSRTEM
X-Amz-Cf-Pop
FRA60-P2
ETag
"deeb41cd3d1d4618ceb778c7466e8b7d"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21369
x-amz-id-2
NgOOjnX4EKbqF/CHM2Ao0TsgX3l38XZXW/14cKRG69u+uhaYT6V5BCHcYWjztdlS9yVB11DW+rI=
X-Amz-Cf-Id
yrFEE-iDTA6BXs56r9ZdRv3fav7Ds-iiAe8vdlo8xZy_T2tb4d_79w==
forgot-password.png
ifpayment.s3.ap-south-1.amazonaws.com/login/img/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ifpayment.s3.ap-south-1.amazonaws.com/login/img/forgot-password.png
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.40.86 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
dd1bfb4b4184d22f44d6b5fba211c1202af2287e1d0fec1fb11cd61ab4235f7f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:53 GMT
Last-Modified
Thu, 12 Sep 2019 11:32:53 GMT
Server
AmazonS3
x-amz-request-id
2EPT3DGE3YMJ8WHX
ETag
"e67bb4f10323aff20b884123e3b2f64c"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
39136
x-amz-id-2
J2j+gpzd6qhab4LhuHzX2Q8+5UaonrCxVIxN2BjwxPwh4zbvPwVBtQL2rnxeVtl+EkS/sR0PE74=
signup.png
ifpayment.s3.ap-south-1.amazonaws.com/login/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ifpayment.s3.ap-south-1.amazonaws.com/login/img/signup.png
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.40.86 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
445310aed819ef7aa03989f5b18ea0bc03a8b63a721c9c25df0a7de017d1e192

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:53 GMT
Last-Modified
Tue, 17 Sep 2019 12:57:05 GMT
Server
AmazonS3
x-amz-request-id
2EPMPBGA527PBZPA
ETag
"18d2ec9d66bea4a60a35023db3f254be"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11456
x-amz-id-2
R3az7hRGEbMrR8LEIMpSrrgBHgpX1O1VkgJMnCaL4dbyPBQzMTx1/IWb8jWWAQBiGeyFTuuHW7s=
reset-password.png
ifpayment.s3.ap-south-1.amazonaws.com/login/img/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ifpayment.s3.ap-south-1.amazonaws.com/login/img/reset-password.png
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.40.86 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9255629f22cc3fde83390e484a3a95e66c422dc06ae9b880fc9e64845988d7df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:53 GMT
Last-Modified
Thu, 12 Sep 2019 11:32:53 GMT
Server
AmazonS3
x-amz-request-id
2EPKQ1AGG1G6MJ3C
ETag
"73dfc815018153e990c3d3e2922e6ded"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
29477
x-amz-id-2
ryJHqhj8aEgQiUxo1zirTnB14DodrmXukVU+ga4Ehie+5e30OlSmQv4uQBbFQ+0QZI4/o9MEzaY=
user-profile.png
ifpayment.s3-accelerate.amazonaws.com/login/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/img/user-profile.png
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d51d6f11dcf62f4ed12dd1ac2e171c4b5e10d22a6d6c0d4b3ae0fedde315faf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:53 GMT
Via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Last-Modified
Sat, 14 Nov 2020 19:55:56 GMT
Server
AmazonS3
x-amz-request-id
2EPWBGTDF8WEXR2Z
X-Amz-Cf-Pop
FRA60-P2
ETag
"4c322d05ce1f5e3fb561ce0107da16a3"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5134
x-amz-id-2
3yvU6VR4MH/aCdk7kJmjdp0OfCr9qSgBDZQ10ydAJ5xZu4Bt+bwwGr68CXZiax6/+S991imeh0Q=
X-Amz-Cf-Id
9apjC8-KQuVUmtcRj07JDYOUvo1EQk6muMuDITvsypSASCCO0sZGJw==
mobile-otp.png
ifpayment.s3-accelerate.amazonaws.com/login/img/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/img/mobile-otp.png
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c4d26c1a8889ec4d7895cf39c47d928c234cad50abd06be50ae4bf09c446a5d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:55 GMT
Via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Last-Modified
Sat, 14 Nov 2020 19:46:45 GMT
Server
AmazonS3
x-amz-request-id
6TZN0ZM4DFWDRSGN
X-Amz-Cf-Pop
FRA60-P2
ETag
"9d233efbd9f1863d29fa23c3153c213a"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20521
x-amz-id-2
YPL6v/KJtfxFQbGjPmrAfEzw+xLboZ+/K1VesMI0bk2COiKEVquW+i2g71GKywd3jitBEo2io08=
X-Amz-Cf-Id
2GoId5hEggGaWI2ABNSRElD2AMSZmf2USlBwgJWZ1bS5vQDgBOFYRA==
email-decode.min.js
login.ledgers.cloud/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.ledgers.cloud/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/auth
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 11:26:02 GMT
server
cloudflare
etag
W/"667e9dca-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
89e3bc3fa8773687-FRA
expires
Sun, 07 Jul 2024 01:55:52 GMT
aws-cognito-sdk.min.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		254 KB
254 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/aws-cognito-sdk.min.js
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b839aef14294b41136fa0148debe6c33a62b5e155c31de495de72bdb828ec408

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:54 GMT
Via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
Last-Modified
Fri, 13 Jul 2018 11:10:58 GMT
Server
AmazonS3
x-amz-request-id
Y7VC6XPXMS275ZF0
X-Amz-Cf-Pop
FRA60-P2
ETag
"adb32272ad9401875bcdc6c9de24e6ed"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
259694
x-amz-id-2
voI9JeKhAMokuga8lhSBJuYUnEziEGfRbGSDlPlyq5ozSG6nUt9Nxw0irpXDYGhg5ZlWsAleiKs=
X-Amz-Cf-Id
zegpH9AbXYr4TscDkPPYT6TY6o3Us4aDxEIP4Hg7lwM1F1-24XOfsA==
amazon-cognito-identity.min.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/amazon-cognito-identity.min.js
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f02bae0215c0d32753e467a37bdae375b41370156d1ed6713c8794a33e9dcb0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:53 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Wed, 28 Jun 2023 13:38:20 GMT
Server
AmazonS3
x-amz-request-id
2EPQ9Z1WHFR4R0YA
X-Amz-Cf-Pop
FRA60-P2
ETag
"8ce267684b9294c98e1835d69cfb1812"
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45550
x-amz-id-2
MWmN/Ich5MKUNnGadepq0bKEZKzzBX90/bEKWaQL+QuJCKYym2gKu/mHbaeqeywPLLGN7Bterbc=
X-Amz-Cf-Id
vRArgC_5gJ7K3VUPhfA9udUHAIVE6zvTGD3ElVW1RRRsgtoPztWXjw==
psl.min.js
ifpayment.s3-accelerate.amazonaws.com/notes/ 		121 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/notes/psl.min.js
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edb3316fc52d56a3b6b33350290c26340a5288894b7841eb0adc10011b376089

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:54 GMT
Via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Aug 2018 10:07:17 GMT
Server
AmazonS3
x-amz-request-id
Y7VF1FYMM3T7NCGQ
X-Amz-Cf-Pop
FRA60-P2
ETag
"55ebf425fcc9e6226f37ccb16b4c7dcc"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
124363
x-amz-id-2
gmbi5qqa7tREVF+6ecDjwK9UfKfRxIfc+9fWgUxo72DrleGvSMdh1acJmBb1PSfHuOnzBNZPP7s=
X-Amz-Cf-Id
21UrDkzKp3P4i9MVEijWAg_Av5wXR1cNEoAj9cNQn9mq6fRIvr6Z5Q==
config.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		50 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/config.js?v=1.0.48
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a939a5a3ebcde770fb14789432cb92d3196cf89df675c11dd813da68e42d4129

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:54 GMT
Via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
Last-Modified
Wed, 03 Jan 2024 13:30:35 GMT
Server
AmazonS3
x-amz-request-id
Y7VE1FJRP0PQBN6H
X-Amz-Cf-Pop
FRA60-P2
ETag
"200f684406de85e8030c1d881d5d02b6"
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51421
x-amz-id-2
hFpDK0JE8RmNCui7eGapNb51m9uKlCY0yVDxZTuYOIcZbzZ+QdiL+FI2s8nLnEnan9eHLRfu6/o=
X-Amz-Cf-Id
f2d9lSKjz9vNtIIfqsHmWNHGX5y5hw3FaPh9MHX67xvYKnAMO2CJTA==
Cognito.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/Cognito.js?v=1.2
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be58d61ccf8984749316221454837495b84b2e9c8511c22bb0b41fa95c61ff7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:54 GMT
Via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Oct 2019 13:14:12 GMT
Server
AmazonS3
x-amz-request-id
Y7VFJ4MWVX1JWRD5
X-Amz-Cf-Pop
FRA60-P2
ETag
"1c090a6534cc260028b9b981696a2698"
X-Cache
Miss from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5807
x-amz-id-2
PaYhMaqZnYCotpGJDE8qMTw+Vmb6RXJMyKSXQz3eT4iDGmPdBmFAZmsvFkKJR0Wdo6LbZrmU5eY=
X-Amz-Cf-Id
aRUreYB0lA_v7_G5n51KbPHfwObpvWHl19q0p3LkQFiovDOkoEE3Eg==
phone-country-flag-select.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/phone-country-flag-select.js?v=1.0.0
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27df06fbcb402dda23a00b9794a477f83fb2bef2e90f3c31396791ad3cfffd4a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:54 GMT
Via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Last-Modified
Sat, 14 Nov 2020 18:39:45 GMT
Server
AmazonS3
x-amz-request-id
Y7VET4A6WG0GHBFB
X-Amz-Cf-Pop
FRA60-P2
ETag
"515fe6f86ff22752f62a47b1a48ec6c5"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22644
x-amz-id-2
eEMhkxmLR+fZOkmnUuIPa/xz4U5QrtZCQcHXxpGavKy0pEErn+ew4S1cHgFd0+wS9LPUxnhSDJc=
X-Amz-Cf-Id
7ABCSgoufDBkfahGIt8eSVjXW6Sk0gYRanAZYzowWKLV_jAktYBBeQ==
login.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		58 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/login.js?v=1.0.31
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0403e42ddab809b35e8c5a644bbbd4b70eef481a3f0edd9cf18337b696122578

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:54 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Wed, 29 May 2024 07:47:32 GMT
Server
AmazonS3
x-amz-request-id
Y7VDB9J72YRGJ836
X-Amz-Cf-Pop
FRA60-P2
ETag
"dff1a51956d194847a7ca6bf22b466fd"
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59554
x-amz-id-2
GuEe4gnoxz340JBHzghZTT7lFY3S2dycUHow55CRuNqAm2/45LGAKaEcZJRE7a7wm/jApRAhULA=
X-Amz-Cf-Id
1LGJZ_KsJXurHk_2QdAKToTY5QipdHE_wZz2xOt1WxTCWtyTAe47eg==
google-one-tap.min.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/google-one-tap.min.js?v=2.0
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
794317400a3c974b50385ecc22397d50347ad80ded0cc9d7af744c4d65d79bfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:54 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Fri, 28 Aug 2020 12:54:48 GMT
Server
AmazonS3
x-amz-request-id
Y7VA09ZQ7FVBJJ9S
X-Amz-Cf-Pop
FRA60-P2
ETag
"c71e0f176d37dda97cbc9337c29c45f7"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4542
x-amz-id-2
KRH90x9y4XAp/vv+MpBKRc6G7fDrlhsC9BFhmSJG9+HokiHnsc1aSeu/E6Id4kjssH3lUho69cw=
X-Amz-Cf-Id
xV2VwTb563xds4uOBFaJAu7LFkIAVy77ZeuQDBpT-9xyV8O2bCMcHQ==
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:55:53 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
89e3bc4039219f2a-FRA
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f153c5ea0d2d34e4fb54c6659bffd31847a6dd61be1c16a09d58e06a66a24d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jul 2024 01:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 01:32:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jul 2024 01:55:52 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		536 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217833
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Jul 2025 00:25:59 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:48:51 GMT
x-content-type-options
nosniff
age
212821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:48:51 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 16:21:03 GMT
x-content-type-options
nosniff
age
34489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 16:21:03 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:55:50 GMT
x-content-type-options
nosniff
age
212402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:55:50 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 03:04:16 GMT
x-content-type-options
nosniff
age
82296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 03:04:16 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 18:57:16 GMT
x-content-type-options
nosniff
age
25116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 18:57:16 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:17:32 GMT
x-content-type-options
nosniff
age
49100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 12:17:32 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 17:31:01 GMT
x-content-type-options
nosniff
age
30291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 17:31:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 20:58:55 GMT
x-content-type-options
nosniff
age
17817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 20:58:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700%7CRoboto:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 07:43:41 GMT
x-content-type-options
nosniff
age
65531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 07:43:41 GMT
gtm.js
www.googletagmanager.com/ 		274 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSH2BFC
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e08a0237693f92117ff51ff265a1d1c94fb1008268171b2545dc72d76304214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:55:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97112
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jul 2024 01:55:53 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c65ecae371f9b0be1f2b64c0e424be20b2ea17d37a46059c91df6388716b8c23

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
js
www.googletagmanager.com/gtag/ 		314 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KBG75QJ13H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSH2BFC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
333b06094ffc648427fd5a05e5646eebdd4286679bbbc16c5d5b11d53ed61e47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:55:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106631
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jul 2024 01:55:53 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KBG75QJ13H&gtm=45je4730v9103255458z8837760503za200zb837760503&_p=1720144552874&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=33260563.1720144553&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720144553&sct=1&seg=0&dl=https%3A%2F%2Flogin.ledgers.cloud%2Fauth&dt=LEDGERS%20-%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2412&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBG75QJ13H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Jul 2024 01:55:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.ledgers.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KBG75QJ13H&gtm=45je4730v9103255458za200zb837760503&_p=1720144552874&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=33260563.1720144553&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1720144553&sct=1&seg=0&dl=https%3A%2F%2Flogin.ledgers.cloud%2Fauth&dt=LEDGERS%20-%20Login&en=scroll&epn.percent_scrolled=90&_et=10&tfd=2436&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBG75QJ13H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Jul 2024 01:55:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.ledgers.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
client
accounts.google.com/gsi/ 		219 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: ifpayment.s3-accelerate.amazonaws.com
URL: https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/google-one-tap.min.js?v=2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c14::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9adcbf1aa19e5fcf3c7291217420a9fb05b195ca41c21ef36c3eaa6e44c2a0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jzRng9hGWNmoSEdHkuPnLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:55:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-jzRng9hGWNmoSEdHkuPnLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 05 Jul 2024 01:55:54 GMT
main.js
login.ledgers.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame D97C
Redirect Chain
  • https://login.ledgers.cloud/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://login.ledgers.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.ledgers.cloud/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H2
Server
2606:4700::6812:17a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e6da1f5f09d63dfc2ef998311f8e736108968c81e0d039ffa378b5db212623
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Jul 2024 01:55:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
89e3bc470ca23687-FRA

Redirect headers

date
Fri, 05 Jul 2024 01:55:54 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
access-control-allow-origin
*
cache-control
max-age: 300, public
cf-ray
89e3bc46bc7a3687-FRA
content-length
0
anchor
www.google.com/recaptcha/api2/ Frame D8F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdO81QpAAAAALUwdi8q93Bl4AAvBee6O0j8dkVT&co=aHR0cHM6Ly9sb2dpbi5sZWRnZXJzLmNsb3VkOjQ0Mw..&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=3thoefd1pxvl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y1yZ6g367xrUph1W0Yhhjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://login.ledgers.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Y1yZ6g367xrUph1W0Yhhjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jul 2024 01:55:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 05 Jul 2024 01:55:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
XDtS+b1Y4K/K1V7WrYvKOQWKzdo1z4W5iHg1KEXFoyeSwuHP0ZD2gh5enDx26mksY/+p9Cbprzwx4jNY2PK6pA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
auth.png
ifpayment.s3-accelerate.amazonaws.com/login/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/img/auth.png
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d8a595eaa6adb9d5552856349e7fb8c78a7d386422616174822172d00221db4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:55 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Tue, 22 Oct 2019 11:49:36 GMT
Server
AmazonS3
x-amz-request-id
6TZWD7614AC3M2QS
X-Amz-Cf-Pop
FRA60-P2
ETag
"f09cc86e6109f5fb0b0d11224354ed34"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8339
x-amz-id-2
bTdIhHdqmSr8t9wiZGEENYqrs1s3kAUkg5KKOWJuW6Vd1eBAJsDrxKcXtTTIt36f3NZuNPyc+og=
X-Amz-Cf-Id
6gZ3UZoWL8fQqIwH6X2kTmaEhFDw3cU_ASk5M79rrx1e0iLB3GQxvA==
89e3bc376c9d3687
login.ledgers.cloud/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D97C 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.ledgers.cloud/cdn-cgi/challenge-platform/h/g/jsd/r/89e3bc376c9d3687
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Jul 2024 01:55:54 GMT
server
cloudflare
cf-ray
89e3bc47dd0d3687-FRA
content-length
0
content-type
text/plain; charset=UTF-8
amazon-cognito-identity.min.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/amazon-cognito-identity.min.js?v=1.0
Requested by
Host: ifpayment.s3-accelerate.amazonaws.com
URL: https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/google-one-tap.min.js?v=2.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f02bae0215c0d32753e467a37bdae375b41370156d1ed6713c8794a33e9dcb0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:55 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Wed, 28 Jun 2023 13:38:20 GMT
Server
AmazonS3
x-amz-request-id
6TZK9506Z2N4BQ98
X-Amz-Cf-Pop
FRA60-P2
ETag
"8ce267684b9294c98e1835d69cfb1812"
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45550
x-amz-id-2
OpIzptmrU+Zfck17hqJWxH7Pz+FgGShvaaX+vScBa8g75ETsAz3QVZWIsyGHjwIonZHKE8d7bfQ=
X-Amz-Cf-Id
URj28qo5etZa_UWOW5gMxbfDpvgWy0hm9DcOqWbEs0-WHtA1xRc08g==
873195840556872
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/873195840556872?v=2.9.160&r=stable&domain=login.ledgers.cloud&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
533b4f7d5ceaf24ff2d494dbdebd04e4279cdb2fd433edb7622764a72a88d190
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 05 Jul 2024 01:55:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=63, mss=1297, tbw=63834, tp=-1, tpl=-1, uplat=62, ullat=0
pragma
public
x-fb-debug
fo+czzmG7IV+gA6SvEKZc8BJ35qbXAm8dV/wjEqAU+aCLlnt/4QTZeAf2jK7vIlrCr9mvYNOnyI+IYB4fBkFvQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=873195840556872&ev=PageView&dl=https%3A%2F%2Flogin.ledgers.cloud%2Fauth&rl=&if=false&ts=1720144554418&sw=1600&sh=1200&v=2.9.160&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.1.1720144554416.38420051662171096&ler=empty&cdl=API_unavailable&it=1720144554290&coo=false&eid=619ee27b-9d8d-4b49-96bb-0b07cc360150_1720144552874.16&rqm=GET
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=2811, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 05 Jul 2024 01:55:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=873195840556872&ev=PageView&dl=https%3A%2F%2Flogin.ledgers.cloud%2Fauth&rl=&if=false&ts=1720144554418&sw=1600&sh=1200&v=2.9.160&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.1.1720144554416.38420051662171096&ler=empty&cdl=API_unavailable&it=1720144554290&coo=false&eid=619ee27b-9d8d-4b49-96bb-0b07cc360150_1720144552874.16&rqm=FGET
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x529d7298eb051a85","source_keys":["1","2"]},{"key_piece":"0x4ebea7a883d3311e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 05 Jul 2024 01:55:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387964605674065379", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=3129, tp=-1, tpl=-1, uplat=171, ullat=0
pragma
no-cache
x-fb-debug
2sLCiFSbrNrKmSvFI47M0PMkMGKu3bEhBtYtgzeAkgXA51IOAxOFz0hKlo0t5d72iutKx9QvSuYkT1XNKI2p3A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387964605674065379"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
config.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		50 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/config.js?v=1.0
Requested by
Host: ifpayment.s3-accelerate.amazonaws.com
URL: https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/google-one-tap.min.js?v=2.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a939a5a3ebcde770fb14789432cb92d3196cf89df675c11dd813da68e42d4129

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:55 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Wed, 03 Jan 2024 13:30:35 GMT
Server
AmazonS3
x-amz-request-id
6TZP3N0KQNKZSG5S
X-Amz-Cf-Pop
FRA60-P2
ETag
"200f684406de85e8030c1d881d5d02b6"
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51421
x-amz-id-2
qOZr8fIdAgZclNF29fW9DABx2/2Inkoj+NOC7Q08oPUWUzLEDm/oQtVy5ktwL960s6r/FR4Fclc=
X-Amz-Cf-Id
00zUuBXjGiRbHo9zYHoS4ETMdQLEsUlM2GJ1fPXo-g50X0qMNvFB0w==
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c14::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QVVd3I9gEyvuPAdW47OX7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:55:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-QVVd3I9gEyvuPAdW47OX7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 05 Jul 2024 01:55:54 GMT
phone-country-flag-select-utils.js
ifpayment.s3-accelerate.amazonaws.com/login/javascript/ 		214 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/phone-country-flag-select-utils.js?v=1.0
Requested by
Host: ifpayment.s3-accelerate.amazonaws.com
URL: https://ifpayment.s3-accelerate.amazonaws.com/login/javascript/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-184.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f364e50f29c8fc46bc1272042a85a7d5928c52034d086c51d117f30898c781e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 01:55:55 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Sat, 14 Nov 2020 18:53:02 GMT
Server
AmazonS3
x-amz-request-id
6TZJGXTC3BE0WH7V
X-Amz-Cf-Pop
FRA60-P2
ETag
"33e0722626ccddd0776c9262dfc39513"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
218860
x-amz-id-2
y+Hx7144k48YVnbfGDSfDSAICNuo1fAk0LOjOxFIeAtgkGAAdq8szqcR/n1/qfisdyQea+gTW8I=
X-Amz-Cf-Id
8ltiPeU8k10Pfe34sDAG5amioqs0SBpFT1-noaaeHINN7peab8gdxA==
uhvbr9sf
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/uhvbr9sf
Requested by
Host: login.ledgers.cloud
URL: https://login.ledgers.cloud/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
035d6c44112d2cb3bb5bec7cdf82b0bc4f463e459d949ad67a6eb50b7225dc4d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
eek9KFe81_rdrGEROge.QvlTxJMyiyl_
content-encoding
gzip
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
date
Fri, 05 Jul 2024 01:53:23 GMT
x-amz-cf-pop
FRA2-C1
age
160
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2668
last-modified
Thu, 04 Jul 2024 16:21:24 GMT
server
AmazonS3
etag
"a4ad2f4284a0a132d8a05c885ee87f9c"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
X9DqPdlG3_HnPEwGmQXnUgAPLId8zZSisSlbpocoobaWycXKenIfXQ==
rum
login.ledgers.cloud/cdn-cgi/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.ledgers.cloud/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://login.ledgers.cloud/auth
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 05 Jul 2024 01:55:54 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://login.ledgers.cloud
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
89e3bc4c1f033687-FRA
favicon-lp.ico
ledgers.cloud/c/images/ 		23 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ledgers.cloud/c/images/favicon-lp.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b74b2e0dbeac464fad10e6abd54f72ae07e3df759c96745bf98ec021294339
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:55:55 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Jul 2024 13:32:02 GMT
server
cloudflare
etag
W/"668552d2-5a1e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=1800
cf-ray
89e3bc4c3f153687-FRA
expires
Fri, 05 Jul 2024 02:25:55 GMT
frame-modern.b4b6b51d.js
js.intercomcdn.com/ Frame 9119 		458 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/uhvbr9sf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64351ef7026b06738077bcf9a5be86bf7692a1f3814e638d59ee1a5a8ae17b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uvqm.ogeYnvR_AGasCsJz0goDf3XsLuM
content-encoding
gzip
via
1.1 ae80ccab7109b5d2f1c1ee784af203a6.cloudfront.net (CloudFront)
date
Fri, 05 Jul 2024 00:21:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
5668
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141000
last-modified
Thu, 04 Jul 2024 16:18:01 GMT
server
AmazonS3
etag
"f4ae053a1e340c217f12e7f3bb7c8620"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
UG4uh9QDDZ_ZMLoQjOkRNCA0GyQ8Egf1x11uCwWpxt_AJLKVA9lT9g==
vendor-modern.bc52aebd.js
js.intercomcdn.com/ Frame 9119 		455 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.bc52aebd.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/uhvbr9sf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Mw1h9i8Md7P3qjd15fFHiY3cqmFJcVuL
content-encoding
gzip
via
1.1 ae80ccab7109b5d2f1c1ee784af203a6.cloudfront.net (CloudFront)
date
Fri, 05 Jul 2024 01:17:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
2286
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
147287
last-modified
Thu, 04 Jul 2024 09:15:11 GMT
server
AmazonS3
etag
"045ab66ea0acdc79774f2aae33a45b67"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
U_ziHGfufUOTzticCE7DAk1uW8XPYQcYauQACyLVSYeOwavo6oQHSQ==
ping
api-iam.intercom.io/messenger/web/ Frame 9119 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.214.210.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-210-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b8533cd781fcac4dae066edb09125b69e39d4926df4d603bd242ead11be440c2
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 05 Jul 2024 01:55:56 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0876d08bfee18aafd
status
200 OK
x-xss-protection
1; mode=block
x-request-id
000ivndfg2u5ggmkjrng
x-runtime
0.783077
server
nginx
etag
W/"b8533cd781fcac4dae066edb09125b69"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://login.ledgers.cloud
x-intercom-version
53f24b4f70b28870fc55883017b3f3306fafd828
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
conversations
api-iam.intercom.io/messenger/web/ Frame 9119 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/conversations
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.214.210.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-210-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
63c21979b2516e28c12f3edfe5e22ab0afe7c06419b49e716c1ef7d8e6f8e257
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 05 Jul 2024 01:55:57 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0876d08bfee18aafd
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0009v9lc00gehbeluibg
x-runtime
0.203014
server
nginx
etag
W/"63c21979b2516e28c12f3edfe5e22ab0"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://login.ledgers.cloud
x-intercom-version
53f24b4f70b28870fc55883017b3f3306fafd828
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
vendors~app~tooltips-modern.56895bc9.js
js.intercomcdn.com/ Frame 9119 		713 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app~tooltips-modern.56895bc9.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdee95f872913f7f5357b04bb7e879c2b49cfad758022a2c61c71b16d0a72036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Q6kw4prfeFLFKJ5apez6u9izobfYfRfu
content-encoding
gzip
via
1.1 ae80ccab7109b5d2f1c1ee784af203a6.cloudfront.net (CloudFront)
date
Fri, 05 Jul 2024 00:13:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
6175
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
173997
last-modified
Tue, 02 Jul 2024 10:08:22 GMT
server
AmazonS3
etag
"b21784185df708c6e4ecc15c9e5a5395"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
os46zfPaeCq2ZBT7FV4psPxs31enhFM5GKqYo5a3nmf1ZJuzYAte8A==
vendors~app-modern.084581dd.js
js.intercomcdn.com/ Frame 9119 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app-modern.084581dd.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a74b0101bb1adbe9a73609ec8c93194a5fde6c846b97ad4d9b3dac85e2f8f0ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
pXlXTl72HXYkwHuZGtI6Qi3tDuzDlv.K
content-encoding
gzip
via
1.1 ae80ccab7109b5d2f1c1ee784af203a6.cloudfront.net (CloudFront)
date
Fri, 05 Jul 2024 00:45:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
4248
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25889
last-modified
Tue, 02 Jul 2024 10:08:22 GMT
server
AmazonS3
etag
"4702587adf929044f7c592e592eae978"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
RlG1zoUu_bkCrMlj2_AB5WenOgoKRNIFuDuqP-__BeU-9gCtqu_I6A==
app~tooltips-modern.d92e468c.js
js.intercomcdn.com/ Frame 9119 		200 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app~tooltips-modern.d92e468c.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61c6d0d67ee0fdc62db2070c9efbda66a440199859690c9e7220f4aa46e15439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
HkmrheJ9kLIKTtW5Kv22hpJD6fLT4ZaO
content-encoding
gzip
via
1.1 ae80ccab7109b5d2f1c1ee784af203a6.cloudfront.net (CloudFront)
date
Fri, 05 Jul 2024 00:44:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
4296
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54802
last-modified
Thu, 04 Jul 2024 14:41:28 GMT
server
AmazonS3
etag
"3364f8f292d6c30b9a237cf0d578ecdd"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
PZVarCnaV1zFfvw7ij1Z82GqLzZmdyvW95QP0uhbw1HeYXD28Ba_3A==
app-modern.c8b9a259.js
js.intercomcdn.com/ Frame 9119 		474 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app-modern.c8b9a259.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0617ac738cc4966b1b29c25d4e08121eb39ac700e9344828783c3e4dd51628b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
0_Ps7zorInpFD3u0J9MRpruEnlILqtIB
content-encoding
gzip
via
1.1 ae80ccab7109b5d2f1c1ee784af203a6.cloudfront.net (CloudFront)
date
Fri, 05 Jul 2024 00:21:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
5669
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
139692
last-modified
Thu, 04 Jul 2024 16:18:01 GMT
server
AmazonS3
etag
"ad799aa3d44ba29ab6b436328f2745c3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ObXp5HsRdqWoodcI8gV20CM288e6yYfNhCj29GtnH3YYeoPMEFbIow==
vendors~message-modern.3a7d5ee5.js
js.intercomcdn.com/ Frame 9119 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~message-modern.3a7d5ee5.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8af4011be0c8203b4f6cf23dbd79d20e60a7b1f65d3119a9dfdeb021bf4bbdc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
T1gW6dZGMQIaQA2KIg_AwJEhq5i4vtNv
content-encoding
gzip
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
date
Fri, 05 Jul 2024 01:09:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
2805
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5268
last-modified
Wed, 03 Jul 2024 16:33:34 GMT
server
AmazonS3
etag
"4675e8cbf737fcf320c8b29d3d2e8549"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
cVEWqJmd5tHjCaQ1Zgjw74Uokl57CjPP86kZmHjNgVbhaLkHCKlLcw==
message-modern.eca8dd83.js
js.intercomcdn.com/ Frame 9119 		89 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/message-modern.eca8dd83.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e56baaab23f0d21ff00bcf956339b467996e0f69c74b5f7c7c7ff412446cc7e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2miexxnK3eNsQ14mfACHmZxfiGACTtgt
content-encoding
gzip
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
date
Fri, 05 Jul 2024 00:44:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
4294
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
24726
last-modified
Thu, 04 Jul 2024 14:41:29 GMT
server
AmazonS3
etag
"18237b54f677ce5b5740ec639a30ca4b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
_p2q2ZPMuE9M_XXlo_o31qOQpuoMQXpAsBabxnUXzyPt18ih7azlkA==
truncated
/ Frame 4AC2 		263 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c62424e1240037e1acb6e83db86800c98cd0616990c45a1e233e77c5ec0970f

Request headers

Referer
Origin
https://login.ledgers.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
notification.a161938bc0ae5943ddec.mp3
js.intercomcdn.com/audio/ Frame 9119 		22 KB
23 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/audio/notification.a161938bc0ae5943ddec.mp3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GMdeHAERSYFUL3_uqRIn9CLchgw0WMr7
date
Fri, 05 Jul 2024 00:13:44 GMT
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
6134
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-22812/22813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
Content-Length
22813
last-modified
Wed, 03 Jul 2024 16:33:39 GMT
server
AmazonS3
etag
"205767301bc13a45332af776d517aada"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
_ism6aP7B-wP92LW1Re2J3HdWluMfz6D4q9pAqHvQz-TX2inyDvxXQ==
dismiss.1e6831c11588937baf1e.png
js.intercomcdn.com/images/ Frame C57F 		124 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.intercomcdn.com/images/dismiss.1e6831c11588937baf1e.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3878bc01fed86222528eaaad9dd98fac94e82c88e7d8bf6e5e3750db93f6caa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
oY3IQ42abIZsB88p_A.Im8i1hAn5Xp5Y
date
Fri, 05 Jul 2024 01:44:59 GMT
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
124
last-modified
Wed, 03 Jul 2024 16:33:39 GMT
server
AmazonS3
etag
"249568e72cec7bca9d1887e46abe4f74"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
1iWvV714hasIJtgTbTexo6-Zkd05QitzW6fab1t_W05JRcmSrcqTQA==
WhatsApp_Image_2023-07-05_at_11.28.01-1688536705.jpeg
static.intercomassets.com/avatars/6605617/square_128/ Frame C57F 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.com/avatars/6605617/square_128/WhatsApp_Image_2023-07-05_at_11.28.01-1688536705.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86f2729eedf3916b501d00f0cf8c3bf1537b162990326d1812ddab085cddb8ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:55:59 GMT
x-amz-version-id
s1N5O79F_XnSGbRZeusDCVGrKadUm.Fe
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12031
last-modified
Wed, 05 Jul 2023 05:58:26 GMT
server
AmazonS3
etag
"038bf6f02159eadf17712570b2ddc61d"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
t88ZVAKwgK535WRDeI9Ye6-yxFDCp_uIQHmjk_JvEV0io0zLCarRQw==
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KBG75QJ13H&gtm=45je4730v9103255458z8837760503za200zb837760503&_p=1720144552874&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=33260563.1720144553&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&sid=1720144553&sct=1&seg=0&dl=https%3A%2F%2Flogin.ledgers.cloud%2Fauth&dt=LEDGERS%20-%20Login&_s=3&tfd=7437&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBG75QJ13H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://login.ledgers.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Jul 2024 01:55:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.ledgers.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| event object| fence object| sharedStorage object| WebFont object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| dataLayer object| recaptcha object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| AWSCognito object| AmazonCognitoIdentity object| psl string| logstate string| favlink string| logdevice string| logdeviceparam string| debug string| logredir object| query function| parseQuery number| recaptchack function| onRecaptchaSuccess string| USER_POOL_ID string| CLIENT_ID object| ALLOWEDPUBLICSTATES object| ALLOWEDEMPSTATES object| CALLBACK object| STATEDOMAIN object| COMMONHOST object| LOGO object| ICON object| Cognito object| telInput function| login_setfocus function| forgot_setfocus function| getUrlVars function| chat_open undefined| signup undefined| forgot undefined| setuppassword undefined| loginemail undefined| google_login undefined| setup undefined| email undefined| mobile undefined| setpassword object| intercomSettings function| Intercom function| GetDomain object| GOTLogin function| GOneTapTkn function| GOneTapInit string| GOneTapRedir object| __cfBeacon object| closure_lm_989873 function| fbq function| _fbq function| checkAccess function| getCookie object| apiService object| mobile_otp object| default_gsi object| _F_toggles object| google object| closure_lm_929241 object| __G_ID_CLIENT__ object| intlTelInputUtils function| __intercomAssignLocation function| __intercomReloadLocation

9 Cookies

Domain/Path Name / Value
.ledgers.cloud/ Name: __cf_bm
Value: A62_cj_Ix9bq1TksdNPyAlIg6Cm8oX5L9zMstc3tNmE-1720144551-1.0.1.1-gYKNfswX0PGyAzi1ZdVr_fqUQHm2UoNmwX1MRK91BcRjy6dJLtSoznRgLUHPswXuWnvhmFiumHbfDXVirLR0dA
.ledgers.cloud/ Name: _gcl_au
Value: 1.1.2012440002.1720144553
.ledgers.cloud/ Name: _ga
Value: GA1.1.33260563.1720144553
.ledgers.cloud/ Name: _ga_KBG75QJ13H
Value: GS1.1.1720144553.1.0.1720144554.0.0.0
.ledgers.cloud/ Name: cf_clearance
Value: 4Rm_Q_iXVF5uCcV1XwBcQm6kRAEEYTyBu0FzvkY4ktY-1720144554-1.0.1.1-ZiTJ3y_kzI0n5Qbrtpi4dtE3gxhTspXMeIS_VLRnSo5XM676iqtBuTqQ4lPldBD7ZLkMn_khnXopmP6OTkPdRw
.ledgers.cloud/ Name: _fbp
Value: fb.1.1720144554416.38420051662171096
.ledgers.cloud/ Name: intercom-id-uhvbr9sf
Value: 966c80a0-7f66-4a35-8221-cecd7d9c2e85
.ledgers.cloud/ Name: intercom-session-uhvbr9sf
Value:
.ledgers.cloud/ Name: intercom-device-id-uhvbr9sf
Value: c8b19ddc-46af-4cd0-86ca-9d2818c3606c

9 Console Messages

Source Level URL
Text
recommendation verbose URL: https://login.ledgers.cloud/auth
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://login.ledgers.cloud/auth
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://login.ledgers.cloud/auth
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://login.ledgers.cloud/auth
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://login.ledgers.cloud/auth
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://login.ledgers.cloud/auth
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://login.ledgers.cloud/auth
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://login.ledgers.cloud/auth
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
other error URL: https://login.ledgers.cloud/auth
Message:
Provider's accounts list is empty.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
api-iam.intercom.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
ifpayment.s3-accelerate.amazonaws.com
ifpayment.s3.ap-south-1.amazonaws.com
js.intercomcdn.com
ledgers.cloud
login.ledgers.cloud
region1.google-analytics.com
static.cloudflareinsights.com
static.intercomassets.com
widget.intercom.io
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.224.189.35
13.225.78.101
142.250.184.228
16.12.40.86
18.214.210.209
18.245.46.55
18.66.127.184
2001:4860:4802:32::36
2606:4700::6810:4f49
2606:4700::6812:17a5
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4013:c14::54
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
035d6c44112d2cb3bb5bec7cdf82b0bc4f463e459d949ad67a6eb50b7225dc4d
0403e42ddab809b35e8c5a644bbbd4b70eef481a3f0edd9cf18337b696122578
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
0617ac738cc4966b1b29c25d4e08121eb39ac700e9344828783c3e4dd51628b7
08e6da1f5f09d63dfc2ef998311f8e736108968c81e0d039ffa378b5db212623
0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27df06fbcb402dda23a00b9794a477f83fb2bef2e90f3c31396791ad3cfffd4a
2c4d26c1a8889ec4d7895cf39c47d928c234cad50abd06be50ae4bf09c446a5d
2c62424e1240037e1acb6e83db86800c98cd0616990c45a1e233e77c5ec0970f
2d51d6f11dcf62f4ed12dd1ac2e171c4b5e10d22a6d6c0d4b3ae0fedde315faf
333b06094ffc648427fd5a05e5646eebdd4286679bbbc16c5d5b11d53ed61e47
3878bc01fed86222528eaaad9dd98fac94e82c88e7d8bf6e5e3750db93f6caa3
445310aed819ef7aa03989f5b18ea0bc03a8b63a721c9c25df0a7de017d1e192
533b4f7d5ceaf24ff2d494dbdebd04e4279cdb2fd433edb7622764a72a88d190
5d8a595eaa6adb9d5552856349e7fb8c78a7d386422616174822172d00221db4
5e12dd8f5a566d0d15e4bcf2d602c34f4f74ba5603ce1133a053f4c77a3bd4ef
61c6d0d67ee0fdc62db2070c9efbda66a440199859690c9e7220f4aa46e15439
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
63c21979b2516e28c12f3edfe5e22ab0afe7c06419b49e716c1ef7d8e6f8e257
64351ef7026b06738077bcf9a5be86bf7692a1f3814e638d59ee1a5a8ae17b56
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
794317400a3c974b50385ecc22397d50347ad80ded0cc9d7af744c4d65d79bfe
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e08a0237693f92117ff51ff265a1d1c94fb1008268171b2545dc72d76304214
86f2729eedf3916b501d00f0cf8c3bf1537b162990326d1812ddab085cddb8ea
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8af4011be0c8203b4f6cf23dbd79d20e60a7b1f65d3119a9dfdeb021bf4bbdc8
8f02bae0215c0d32753e467a37bdae375b41370156d1ed6713c8794a33e9dcb0
8f364e50f29c8fc46bc1272042a85a7d5928c52034d086c51d117f30898c781e
9255629f22cc3fde83390e484a3a95e66c422dc06ae9b880fc9e64845988d7df
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a27b57a502c254ffebc99d08f3cc5a55a776467d1cc96b4ac2a385118c1d5b0d
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a74b0101bb1adbe9a73609ec8c93194a5fde6c846b97ad4d9b3dac85e2f8f0ef
a939a5a3ebcde770fb14789432cb92d3196cf89df675c11dd813da68e42d4129
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b839aef14294b41136fa0148debe6c33a62b5e155c31de495de72bdb828ec408
b8533cd781fcac4dae066edb09125b69e39d4926df4d603bd242ead11be440c2
b9b74b2e0dbeac464fad10e6abd54f72ae07e3df759c96745bf98ec021294339
be58d61ccf8984749316221454837495b84b2e9c8511c22bb0b41fa95c61ff7a
c051c10e736eae3022331687511977f3540617001603e945b709633c2e4d43c9
c65ecae371f9b0be1f2b64c0e424be20b2ea17d37a46059c91df6388716b8c23
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdee95f872913f7f5357b04bb7e879c2b49cfad758022a2c61c71b16d0a72036
dd1bfb4b4184d22f44d6b5fba211c1202af2287e1d0fec1fb11cd61ab4235f7f
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56baaab23f0d21ff00bcf956339b467996e0f69c74b5f7c7c7ff412446cc7e1
e9adcbf1aa19e5fcf3c7291217420a9fb05b195ca41c21ef36c3eaa6e44c2a0f
edb3316fc52d56a3b6b33350290c26340a5288894b7841eb0adc10011b376089
eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087
f153c5ea0d2d34e4fb54c6659bffd31847a6dd61be1c16a09d58e06a66a24d78
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef