urlscan.io logo urlscan.io
SecurityTrails logo

www.ledger-enquirer.com Open in urlscan Pro
2.17.183.44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ledger-enquirer.com/
Effective URL: https://www.ledger-enquirer.com/
Submission: On March 17 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 9 countries across 86 domains to perform 349 HTTP transactions. The main IP is 2.17.183.44, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.ledger-enquirer.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 11th 2021. Valid for: a year.
This is the only time www.ledger-enquirer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 166.108.36.245 6118 (MCCLATCHY...)
51 2.17.183.44 16625 (AKAMAI-AS)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:214... 16509 (AMAZON-02)
13 142.250.185.162 15169 (GOOGLE)
2 52.19.133.54 16509 (AMAZON-02)
1 143.204.202.80 16509 (AMAZON-02)
1 99.80.128.92 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 6 34.249.66.13 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.128.151.98 16509 (AMAZON-02)
2 35.181.18.61 16509 (AMAZON-02)
1 1 99.81.11.244 16509 (AMAZON-02)
1 143.204.90.45 16509 (AMAZON-02)
3 2a02:2638::3 44788 (ASN-CRITE...)
2 11 104.108.145.8 16625 (AKAMAI-AS)
5 104.108.144.214 16625 (AKAMAI-AS)
1 2 107.178.250.234 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 2 54.220.99.191 16509 (AMAZON-02)
1 104.79.89.24 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 35.244.220.155 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
2 151.101.113.194 54113 (FASTLY)
3 13.226.158.204 16509 (AMAZON-02)
1 13.226.159.79 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
6 13.226.157.31 16509 (AMAZON-02)
1 143.204.206.118 16509 (AMAZON-02)
6 54.183.218.81 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 23.37.53.17 16625 (AKAMAI-AS)
9 10 151.101.14.49 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 35.168.95.93 14618 (AMAZON-AES)
1 3.236.169.51 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 37.252.172.36 29990 (ASN-APPNEX)
2 178.250.2.131 44788 (ASN-CRITE...)
1 3 34.98.64.218 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 213.19.162.51 3356 (LEVEL3)
7 2a00:1450:400... 15169 (GOOGLE)
1 34.194.161.83 14618 (AMAZON-AES)
3 13.226.159.106 16509 (AMAZON-02)
2 185.64.189.115 62713 (AS-PUBMATIC)
9 12 172.217.23.98 15169 (GOOGLE)
1 7 52.95.118.60 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
3 6 54.228.21.183 16509 (AMAZON-02)
9 2a04:4e42:1b:... 54113 (FASTLY)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.182 1299 (TELIANET ...)
9 185.64.190.80 62713 (AS-PUBMATIC)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 2 169.50.137.190 36351 (SOFTLAYER)
1 14 185.64.189.110 62713 (AS-PUBMATIC)
2 3 37.157.6.247 198622 (ADFORM)
4 4 185.29.135.190 30419 (MEDIAMATH...)
8 8 35.158.172.137 16509 (AMAZON-02)
2 2 18.185.197.81 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.32.25.48 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 8 69.173.144.138 26667 (RUBICONPR...)
2 104.108.145.172 16625 (AKAMAI-AS)
1 2.16.107.122 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.195.22.17 16509 (AMAZON-02)
4 13.32.21.39 16509 (AMAZON-02)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 1 13.226.159.129 16509 (AMAZON-02)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 23.37.42.132 16625 (AKAMAI-AS)
4 2a03:2880:f11... 32934 (FACEBOOK)
4 185.64.189.114 62713 (AS-PUBMATIC)
1 54.239.17.112 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
3 3 18.185.192.106 16509 (AMAZON-02)
12 18.193.207.151 16509 (AMAZON-02)
1 1 69.173.144.139 26667 (RUBICONPR...)
5 5 52.51.245.167 16509 (AMAZON-02)
2 2 198.148.27.139 19189 (PULSEPOINT)
1 1 185.86.138.142 201081 (SMARTADSE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 63.251.232.170 29791 (VOXEL-DOT...)
2 2 87.98.128.108 16276 (OVH)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 151.101.13.44 54113 (FASTLY)
1 2 35.227.248.159 15169 (GOOGLE)
1 1 146.59.148.16 16276 (OVH)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 3.126.56.137 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 159.65.197.210 14061 (DIGITALOC...)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 37.252.173.22 29990 (ASN-APPNEX)
1 1 54.76.58.94 16509 (AMAZON-02)
1 1 34.235.235.184 14618 (AMAZON-AES)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 23.21.76.253 14618 (AMAZON-AES)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.86.196.188 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 6 54.237.174.15 14618 (AMAZON-AES)
3 2600:1f18:444... 14618 (AMAZON-AES)
1 2 92.123.150.214 16625 (AKAMAI-AS)
349 106
1    166.108.36.245 (United States)

ASN6118 (MCCLATCHY-CORP, US)
ledger-enquirer.com
51    2.17.183.44 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-183-44.deploy.static.akamaitechnologies.com
www.ledger-enquirer.com
media.ledger-enquirer.com
media.mcclatchy.com
www.macon.com
www.sacbee.com
www.mcclatchy-wires.com
7    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2600:9000:214f:1a00:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
ovp.iris.tv
13    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pubads.g.doubleclick.net
securepubads.g.doubleclick.net
2    52.19.133.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-133-54.eu-west-1.compute.amazonaws.com
mcclatchy.tt.omtrdc.net
mboxedge37.tt.omtrdc.net
1    143.204.202.80 (United States)

ASN16509 (AMAZON-02, US)
mcclatchy-ledger-enquirer.zeustechnology.com
1    99.80.128.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ad.crwdcntrl.net
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
contributor.google.com
6    34.249.66.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    2a02:26f0:6c00::210:ba4b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ds-aksb-a.akamaihd.net
7    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    108.128.151.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-151-98.eu-west-1.compute.amazonaws.com
mcclatchy.demdex.net
2    35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
mcclatchy.sc.omtrdc.net
1    99.81.11.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-244.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    143.204.90.45 (United States)

ASN16509 (AMAZON-02, US)
analytics-check.publishersite.xyz
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
11    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
js-sec.indexww.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
5    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
js.matheranalytics.com
3    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
pixel.quantserve.com
2    54.220.99.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
secure-us.imrworldwide.com
1    104.79.89.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
s.ntv.io
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    35.244.220.155 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ats.rlcdn.com
1    2600:9000:21f3:4600:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
1    2600:9000:2182:7000:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
2    151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
3    13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net
c.amazon-adsystem.com
1    13.226.159.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-79.dus51.r.cloudfront.net
tags.crwdcntrl.net
14    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2600:9000:2182:5600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    13.226.157.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-157-31.dus51.r.cloudfront.net
edge.api.brightcove.com
1    143.204.206.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-206-118.fra53.r.cloudfront.net
cdn.parsely.com
6    54.183.218.81 (San Jose, United States)

ASN16509 (AMAZON-02, US)
jadserve.postrelease.com
1    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    23.37.53.17 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
10    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
lasteventf-tm.everesttech.net
sync-tm.everesttech.net
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    35.168.95.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
www.i.matheranalytics.com
1    3.236.169.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sqs.us-east-1.amazonaws.com
1    2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
geo.rlcdn.com
4    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
mcclatchy-d.openx.net
us-u.openx.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
7    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p1.parsely.com
3    13.226.159.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-106.dus51.r.cloudfront.net
context.iris.tv
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
12    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
cm.g.doubleclick.net
7    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
6    54.228.21.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-21-183.eu-west-1.compute.amazonaws.com
match.adsrvr.org
9    2a04:4e42:1b::539 (United States)

ASN54113 (FASTLY, US)
manifest.prod.boltdns.net
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.182 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
14    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    185.29.135.190 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    35.158.172.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-172-137.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.185.197.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    13.32.25.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-48.fra56.r.cloudfront.net
cf-images.us-east-1.prod.boltdns.net
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    104.108.145.172 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
1    2.16.107.122 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-122.deploy.static.akamaitechnologies.com
ntvcld-a.akamaihd.net
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c1f31c4f12c0eaaad54eb18038e2b798.safeframe.googlesyndication.com
6    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    18.195.22.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.celtra.com
4    13.32.21.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-39.fra56.r.cloudfront.net
cache-ssl.celtra.com
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    13.226.159.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-129.dus51.r.cloudfront.net
s.ad.smaato.net
2    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
casale-match.dotomi.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    18.185.192.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
12    18.193.207.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
track.celtra.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
5    52.51.245.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-245-167.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    87.98.128.108 (France)

ASN16276 (OVH, FR)
green.erne.co
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    146.59.148.16 (France)

ASN16276 (OVH, FR)
pixel.onaudience.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    54.76.58.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    34.235.235.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    23.21.76.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.ipify.org
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a02:26f0:10c::5f64:c130 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
b-code.liadm.com
1    2600:1f18:730:b140:28d8:9783:2a08:4b54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    52.86.196.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp4.liadm.com
1    2a00:1450:4007:818::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    54.237.174.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i.liadm.com
3    2600:1f18:444a:4680:252d:a0d8:b19f:2c13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    92.123.150.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
Apex Domain
Subdomains		 Transfer
41 ledger-enquirer.com
ledger-enquirer.com
www.ledger-enquirer.com
media.ledger-enquirer.com
1 MB
36 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
image4.pubmatic.com
71 KB
26 doubleclick.net
pubads.g.doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
133 KB
26 google.com
www.google.com
contributor.google.com
fundingchoicesmessages.google.com
adservice.google.com
184 KB
17 celtra.com
ads.celtra.com
cache-ssl.celtra.com
track.celtra.com
595 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
1 MB
14 googlesyndication.com
c1f31c4f12c0eaaad54eb18038e2b798.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
145 KB
13 liadm.com
b-code.liadm.com
rp.liadm.com
rp4.liadm.com
i.liadm.com
i6.liadm.com
18 KB
12 boltdns.net
manifest.prod.boltdns.net
cf-images.us-east-1.prod.boltdns.net
419 KB
12 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com
19 KB
11 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
39 KB
11 everesttech.net
cm.everesttech.net
lasteventf-tm.everesttech.net
sync-tm.everesttech.net
2 KB
10 casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
10 KB
8 bidswitch.net
x.bidswitch.net
3 KB
7 demdex.net
dpm.demdex.net
mcclatchy.demdex.net
10 KB
7 iris.tv
ovp.iris.tv
context.iris.tv
62 KB
7 cookielaw.org
cdn.cookielaw.org
113 KB
6 adsrvr.org
match.adsrvr.org
3 KB
6 postrelease.com
jadserve.postrelease.com
5 KB
6 brightcove.com
edge.api.brightcove.com
27 KB
6 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
26 KB
6 mcclatchy.com
media.mcclatchy.com
82 KB
5 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
3 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 adnxs.com
ib.adnxs.com
secure.adnxs.com
5 KB
5 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
680 KB
4 facebook.com
www.facebook.com
973 B
4 mathtag.com
sync.mathtag.com
2 KB
4 criteo.com
bidder.criteo.com
dis.criteo.com
gum.criteo.com
782 B
4 rlcdn.com
ats.rlcdn.com
geo.rlcdn.com
api.rlcdn.com
id.rlcdn.com
61 KB
4 omtrdc.net
mcclatchy.tt.omtrdc.net
mcclatchy.sc.omtrdc.net
mboxedge37.tt.omtrdc.net
4 KB
3 taboola.com
trc.taboola.com
match.taboola.com
710 B
3 w55c.net
pm.w55c.net
2 KB
3 dotomi.com
amazon-tam-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
284 B
3 googletagservices.com
www.googletagservices.com
99 KB
3 adform.net
c1.adform.net
1 KB
3 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
1 KB
3 openx.net
mcclatchy-d.openx.net
us-u.openx.net
924 B
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 quantserve.com
edge.quantserve.com
pixel.quantserve.com
10 KB
3 google-analytics.com
www.google-analytics.com
19 KB
3 criteo.net
static.criteo.net
38 KB
3 sacbee.com
www.sacbee.com
286 KB
3 akamaihd.net
ds-aksb-a.akamaihd.net
ntvcld-a.akamaihd.net
7 KB
3 onetrust.com
geolocation.onetrust.com
970 B
2 addthis.com
x.dlx.addthis.com
1 KB
2 facebook.net
connect.facebook.net
93 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 tapad.com
pixel.tapad.com
616 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 erne.co
green.erne.co
624 B
2 contextweb.com
bh.contextweb.com
1 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 moatads.com
z.moatads.com
s-jsonp.moatads.com
55 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 fiftyt.com
visitor.fiftyt.com
995 B
2 semasio.net
uipglob.semasio.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 parsely.com
cdn.parsely.com
p1.parsely.com
24 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
79 KB
2 cloudfront.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
13 KB
2 imrworldwide.com
secure-us.imrworldwide.com
905 B
2 crwdcntrl.net
ad.crwdcntrl.net
tags.crwdcntrl.net
13 KB
1 ipify.org
api.ipify.org
264 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
487 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 onaudience.com
pixel.onaudience.com
400 B
1 adgrx.com
cm.adgrx.com
408 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 smartadserver.com
rtb-csync.smartadserver.com
775 B
1 rfihub.com
p.rfihub.com
773 B
1 smaato.net
s.ad.smaato.net
562 B
1 2mdn.net
s0.2mdn.net
17 KB
1 amazonaws.com
sqs.us-east-1.amazonaws.com
658 B
1 google.de
www.google.de
107 B
1 quantcount.com
rules.quantcount.com
1 KB
1 ntv.io
s.ntv.io
102 KB
1 indexww.com
js-sec.indexww.com
26 KB
1 publishersite.xyz
analytics-check.publishersite.xyz
392 B
1 mcclatchy-wires.com
www.mcclatchy-wires.com
29 KB
1 macon.com
www.macon.com
53 KB
1 zeustechnology.com
mcclatchy-ledger-enquirer.zeustechnology.com
54 KB
349 86
Domain Requested by
33 www.ledger-enquirer.com www.ledger-enquirer.com
14 simage2.pubmatic.com 1 redirects ads.pubmatic.com
image6.pubmatic.com
14 fundingchoicesmessages.google.com www.ledger-enquirer.com
12 track.celtra.com www.ledger-enquirer.com
12 cm.g.doubleclick.net 9 redirects www.ledger-enquirer.com
aax-eu.amazon-adsystem.com
9 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
www.ledger-enquirer.com
9 manifest.prod.boltdns.net www.ledger-enquirer.com
9 sync-tm.everesttech.net 9 redirects
9 www.google.com www.ledger-enquirer.com
www.gstatic.com
www.google.com
8 x.bidswitch.net 8 redirects
8 www.gstatic.com www.google.com
www.gstatic.com
7 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 dsum-sec.casalemedia.com 2 redirects www.ledger-enquirer.com
ssum-sec.casalemedia.com
7 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
ads.pubmatic.com
7 securepubads.g.doubleclick.net mcclatchy-ledger-enquirer.zeustechnology.com
securepubads.g.doubleclick.net
www.ledger-enquirer.com
www.googletagservices.com
7 fonts.gstatic.com fonts.googleapis.com
www.google.com
7 cdn.cookielaw.org www.ledger-enquirer.com
cdn.cookielaw.org
7 media.ledger-enquirer.com www.ledger-enquirer.com
media.ledger-enquirer.com
6 i.liadm.com 3 redirects b-code.liadm.com
i.liadm.com
6 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
www.ledger-enquirer.com
tpc.googlesyndication.com
6 match.adsrvr.org 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
aax-eu.amazon-adsystem.com
6 jadserve.postrelease.com s.ntv.io
www.ledger-enquirer.com
6 edge.api.brightcove.com www.ledger-enquirer.com
6 dpm.demdex.net 2 redirects media.ledger-enquirer.com
www.ledger-enquirer.com
6 pubads.g.doubleclick.net www.ledger-enquirer.com
media.ledger-enquirer.com
imasdk.googleapis.com
6 media.mcclatchy.com www.ledger-enquirer.com
media.mcclatchy.com
5 match.prod.bidr.io 5 redirects
5 ads.pubmatic.com mcclatchy-ledger-enquirer.zeustechnology.com
ads.pubmatic.com
aax-eu.amazon-adsystem.com
4 token.rubiconproject.com 4 redirects
4 www.facebook.com www.ledger-enquirer.com
4 cache-ssl.celtra.com ads.celtra.com
www.ledger-enquirer.com
4 pixel.rubiconproject.com www.ledger-enquirer.com
aax-eu.amazon-adsystem.com
4 sync.mathtag.com 4 redirects
4 ib.adnxs.com 2 redirects mcclatchy-ledger-enquirer.zeustechnology.com
www.ledger-enquirer.com
4 www.i.matheranalytics.com www.ledger-enquirer.com
4 imasdk.googleapis.com www.ledger-enquirer.com
imasdk.googleapis.com
4 ovp.iris.tv www.ledger-enquirer.com
ovp.iris.tv
3 i6.liadm.com i.liadm.com
3 pm.w55c.net 3 redirects
3 www.googletagservices.com www.ledger-enquirer.com
securepubads.g.doubleclick.net
3 cf-images.us-east-1.prod.boltdns.net www.ledger-enquirer.com
3 c1.adform.net 2 redirects image6.pubmatic.com
3 context.iris.tv ovp.iris.tv
3 sb.scorecardresearch.com 1 redirects www.ledger-enquirer.com
3 c.amazon-adsystem.com www.ledger-enquirer.com
c.amazon-adsystem.com
3 www.google-analytics.com media.ledger-enquirer.com
www.google-analytics.com
3 static.criteo.net mcclatchy-ledger-enquirer.zeustechnology.com
www.ledger-enquirer.com
3 www.sacbee.com www.ledger-enquirer.com
3 geolocation.onetrust.com cdn.cookielaw.org
www.ledger-enquirer.com
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 b-code.liadm.com www.ledger-enquirer.com
b-code.liadm.com
2 connect.facebook.net www.ledger-enquirer.com
connect.facebook.net
2 pixel-sync.sitescout.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 pixel.tapad.com 1 redirects image6.pubmatic.com
2 trc.taboola.com 1 redirects i.liadm.com
2 green.erne.co 2 redirects
2 bh.contextweb.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
2 sync.search.spotxchange.com 1 redirects www.ledger-enquirer.com
2 rtb.mfadsrvr.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 mcclatchy-d.openx.net 1 redirects www.ledger-enquirer.com
2 bidder.criteo.com static.criteo.net
2 pixel.quantserve.com 1 redirects www.ledger-enquirer.com
2 confiant-integrations.global.ssl.fastly.net www.ledger-enquirer.com
confiant-integrations.global.ssl.fastly.net
2 secure-us.imrworldwide.com 1 redirects www.ledger-enquirer.com
2 js.matheranalytics.com 1 redirects www.ledger-enquirer.com
2 mcclatchy.sc.omtrdc.net media.ledger-enquirer.com
2 ds-aksb-a.akamaihd.net www.ledger-enquirer.com
2 contributor.google.com www.ledger-enquirer.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 gum.criteo.com static.criteo.net
1 api.ipify.org www.ledger-enquirer.com
1 ads.yahoo.com aax-eu.amazon-adsystem.com
1 id.rlcdn.com aax-eu.amazon-adsystem.com
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 match.taboola.com image6.pubmatic.com
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 p.rfihub.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 s.amazon-adsystem.com ssum-sec.casalemedia.com
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 s-jsonp.moatads.com www.ledger-enquirer.com
1 us-u.openx.net www.ledger-enquirer.com
1 ads.celtra.com www.ledger-enquirer.com
1 c1f31c4f12c0eaaad54eb18038e2b798.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ntvcld-a.akamaihd.net www.ledger-enquirer.com
1 z.moatads.com s.ntv.io
1 adservice.google.com imasdk.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 aud.pubmatic.com ads.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 api.rlcdn.com js-sec.indexww.com
1 p1.parsely.com www.ledger-enquirer.com
1 fastlane.rubiconproject.com mcclatchy-ledger-enquirer.zeustechnology.com
1 hbopenbid.pubmatic.com mcclatchy-ledger-enquirer.zeustechnology.com
1 geo.rlcdn.com ats.rlcdn.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 www.google.de www.ledger-enquirer.com
1 lasteventf-tm.everesttech.net media.ledger-enquirer.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.parsely.com www.ledger-enquirer.com
1 rules.quantcount.com edge.quantserve.com
1 tags.crwdcntrl.net www.ledger-enquirer.com
1 mboxedge37.tt.omtrdc.net www.ledger-enquirer.com
1 dyv1bugovvq1g.cloudfront.net www.ledger-enquirer.com
1 d15kdpgjg3unno.cloudfront.net www.ledger-enquirer.com
1 ats.rlcdn.com www.ledger-enquirer.com
1 s.ntv.io www.ledger-enquirer.com
1 edge.quantserve.com media.ledger-enquirer.com
1 js-sec.indexww.com mcclatchy-ledger-enquirer.zeustechnology.com
1 analytics-check.publishersite.xyz mcclatchy-ledger-enquirer.zeustechnology.com
1 www.mcclatchy-wires.com www.ledger-enquirer.com
1 www.macon.com www.ledger-enquirer.com
1 cm.everesttech.net 1 redirects
1 mcclatchy.demdex.net media.ledger-enquirer.com
1 ad.crwdcntrl.net www.ledger-enquirer.com
1 mcclatchy-ledger-enquirer.zeustechnology.com www.ledger-enquirer.com
1 mcclatchy.tt.omtrdc.net www.ledger-enquirer.com
1 fonts.googleapis.com www.ledger-enquirer.com
1 ledger-enquirer.com 1 redirects
349 148
Subject Issuer Validity Valid
www.mcclatchydc.com
DigiCert SHA2 Secure Server CA		 2021-02-11 -
2022-01-31		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
iris.tv
Amazon		 2020-10-10 -
2021-11-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA		 2020-11-02 -
2021-11-09		 a year crt.sh
*.zeustechnology.com
Amazon		 2020-06-13 -
2021-07-13		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-10-29 -
2021-11-29		 a year crt.sh
publishersite.xyz
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2020-02-26 -
2021-05-27		 a year crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-04 -
2021-04-03		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
ats.rlcdn.com
GTS CA 1D2		 2021-03-10 -
2021-06-08		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-21 -
2021-04-22		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.api.brightcove.com
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
*.parsely.com
Amazon		 2020-08-02 -
2021-09-02		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
h2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-11 -
2021-04-20		 a month crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
queue.amazonaws.com
Amazon		 2020-12-04 -
2021-12-03		 a year crt.sh
geo.rlcdn.com
GTS CA 1D2		 2021-02-23 -
2021-05-24		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
brightcove.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-09-28 -
2021-04-20		 7 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.prod.boltdns.net
Amazon		 2020-12-08 -
2022-01-06		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
celtra.com
Amazon		 2021-03-11 -
2022-04-09		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-28 -
2021-04-13		 a month crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2021-01-19 -
2022-02-19		 a year crt.sh
b-code.liadm.com
DigiCert Secure Site ECC CA-1		 2020-06-23 -
2021-09-22		 a year crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-10-15 -
2021-04-09		 6 months crt.sh

This page contains 41 frames:

Primary Page: https://www.ledger-enquirer.com/
Frame ID: 7368312766CB3C7D517910FCF5443F7C
Requests: 207 HTTP requests in this frame

Frame: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: 0BF60005C80773AB8E9367D6CD1AAEE3
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubGVkZ2VyLWVucXVpcmVyLmNvbTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=inline&cb=5db33x9b3f07
Frame ID: 69C6A1EB9C488B487F12CF2C556A5DAF
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 284C1255A77BDE3682DEE868B3555B0F
Requests: 15 HTTP requests in this frame

Frame: https://sb.scorecardresearch.com/beacon.js
Frame ID: 3688C57A33B03EB7E21249AF15BF440E
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv&dcc=t
Frame ID: BD84B09C8C2EC8D9272C481174593729
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F18CD2FAC0748345CA4BC23A05C0F473
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5253690073884644860
Frame ID: C528E5838B607E5D48C3B9419A78D5D7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: D856FC3B383D2E2959B15BA006F59E1B
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 0DDDD81CA549FBB6E1112A626D4D04C5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 5BAD415F33EEBC0193979D453E80D92A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
Frame ID: EED72D0EEB7B6B86E6D42285F6D715BC
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C454383886601D147CA0F92D24F050E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 82D17B89B6549CA327A451AFB8B2595F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1C057EDD67AF3592C6C47C853347DC55
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucbVSSXUcIx1ydqmlW0dqxH_iLJPkQYT-gP24ppc-KGvbsfYpSpUMlpAip42P_gqKUv3LCbPfuAatAe_fN7r1kg8mlDzMMIPICVVDtjMc3N_fNJYYsNYxhpU1Jf4Z6YVyYuZ8ETJ8xJVzRA3ZNwzueHxQmJiK4ibANXNTbyALlyq6XJWAZ6PiTTHg7Rd-zlIZd8nCnIbTie4Rn1g-xLdHmAjHucUCt_2t5g1ufkBcxOS08aQwMkELtwmxAvy789s07IQOchqVGbbfJtbl_Dc_KMvnV0knEK7fAsFu0Gnj7K3xssxjVNFNEh0SIbej--MgpJwI9lBZsAp-S-FhVdw&sig=Cg0ArKJSzLruytGrQEHYEAE&urlfix=1&adurl=
Frame ID: 7D527FED7592E4DBA45ECCE55269D90A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZIpvjV2J4KYRk2tx28l2doCYs6wlrOtflyvLdvrKPowYy92Q5o94fdVf0SPeU9pVgTgBFx6E6JHL5naDHuYoxvyc7xAdnuPF38i2Ntks0MPB8dQpwLakbM1RjCeck3uw9XfmK0N90sdwWslHFNauOQu2CfprxSJBkBuHIY8AQnZmE_IYCYJ8L2jaWBga_FKXEfBy4HNIwDSGvJ4WMC3e-QNAqJUn_qeLZ_OeAZoC1Vgnoloxi3ZlRYpjZ3VxCnQfJioNq7sawHnLYAwQ5fblJsj--B873wEHvPoQIkVFdseebc2OK5cFfvtT9CbaG-p9QqWEr9vpNi108jqARVngAfAYMoZJ1q41moRDU&sig=Cg0ArKJSzCO7Ca4zlBdDEAE&urlfix=1&adurl=
Frame ID: FBFA1108155B4E03A31CB8F222DA6B79
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/14221371079760943072
Frame ID: 34AA70E302375540F8330703C686AE73
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Frame ID: 930A3DD6F5443B4684FE2A89718AEBCD
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 89B6CA55AE35F90003E8C65C52729220
Requests: 10 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 7645CD6938D0542887784C1CC244ECA2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 7D2E83AE6A9116DC5AD20A686451E063
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: D8F181CF209BFB7DDE044ADD92A64B99
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7AA8522E219E0696EEF5654F70D40CC6
Requests: 16 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=689FC59C-276B-4C0B-B3E6-90C744AEB308
Frame ID: CC46D6E2027C6C8823BED7942D6BC587
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdb07ApP4AAA_Yc7WdLw
Frame ID: DFA08AF374E0C16856032463EBE7D304
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6940749781214230679
Frame ID: 5B212671BBDFE7A7F3FF6B7FD1176FDE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C2360DA9467079B15044BC675F6BC265
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=62Bl2lozPbzrMxqeVmo9WfRV
Frame ID: F800C3A6B0A1E2032317A58159A4F0EE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4EA6535281BBA83142898DB39752A970
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1g6iWYIu9Mpi&pid=557219
Frame ID: 4399F82B347157127254A8E8535B60C1
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b95bb3c-e43d-4f0a-94c6-ec33cc34fb4c-tuct74c04a7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 2BAAD78D776723AD0156FD205BD9E8F4
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: FBC10DE2E5B580A4AC1049833C33D870
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8EUGhizF1LmEqq5&gdpr=0&gdpr_consent=
Frame ID: 299BBFB933090A8A77C52595194CFDA5
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=689FC59C-276B-4C0B-B3E6-90C744AEB308&ex=pubmatic.com
Frame ID: 102C5954EA6E491A030AB8E1021EA216
Requests: 1 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/blobs/ef2fae2101af819b46d3cc814bccd00718ab661d0be616434c3e9b9d2a9e19d9/CLB_LIFEPOINT_HEALTH_RBBIP_210212_1920x600.jpg?transform=crush&quality=85
Frame ID: 997EB6F9B9CDB3D4CB52C43BA7024800
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.ledger-enquirer.com
Frame ID: A08B7FE15DDB17F90DD5D651FFFDF630
Requests: 1 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/fbevents.js
Frame ID: 82208D73596570077D3FBFF2E36AC84D
Requests: 5 HTTP requests in this frame

Frame: https://b-code.liadm.com/a-01dw.min.js
Frame ID: 76BDB85EF7C319CC5B306C4AA68A4AC2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 7C407F242DD22EB608AE21DAB60F7553
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01dw?s=&cim=&ps=true&ls=false&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: 518F284F2B794CAB6BDA7D4752412D53
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ledger-enquirer.com/ HTTP 301
    https://www.ledger-enquirer.com/ Page URL

Page Statistics

349
Requests

98 %
HTTPS

34 %
IPv6

86
Domains

148
Subdomains

106
IPs

9
Countries

6360 kB
Transfer

13005 kB
Size

89
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ledger-enquirer.com/ HTTP 301
    https://www.ledger-enquirer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://cm.everesttech.net/cm/dd?d_uuid=58913308628517029240233165826265906734 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFJ-IgAAAJgHLxNg
Request Chain 69
  • https://js.matheranalytics.com/s/ma12095/74930901/sp.js?cb=1559 HTTP 301
  • https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
Request Chain 73
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.ledger-enquirer.com/&rp=&ts=compact&rnd=1616019234508 HTTP 302
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.ledger-enquirer.com/&rp=&ts=compact&rnd=1616019234508&ja=1
Request Chain 122
  • https://mcclatchy-d.openx.net/w/1.0/arj?auid=541284220,541284239&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.ledger-enquirer.com%2F&res=1600x1200x24&tz=-60&nocache=1616019235126&us_privacy=1--- HTTP 302
  • https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541284220,541284239&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.ledger-enquirer.com%2F&res=1600x1200x24&tz=-60&nocache=1616019235126&us_privacy=1---
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTg5MTMzMDg2Mjg1MTcwMjkyNDAyMzMxNjU4MjYyNjU5MDY3MzQ= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEF7jyqQ18qjn78KuqmT9T44&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 151
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1616019235786&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Southeast%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Columbus%20Ledger-Enquirer&c7=https%3A%2F%2Fwww.ledger-enquirer.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1616019235786&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Southeast%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Columbus%20Ledger-Enquirer&c7=https%3A%2F%2Fwww.ledger-enquirer.com%2F&c9=&cs_ak_ss=1
Request Chain 152
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv&dcc=t
Request Chain 156
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUZKLUlnQUFBSmdITHhOZw==
Request Chain 160
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5253690073884644860
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aJ_FnCdrTAuz5pDHRK6zCA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 163
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=689FC59C-276B-4C0B-B3E6-90C744AEB308&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=689FC59C-276B-4C0B-B3E6-90C744AEB308&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 164
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=689FC59C-276B-4C0B-B3E6-90C744AEB308&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=689FC59C-276B-4C0B-B3E6-90C744AEB308&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=689FC59C-276B-4C0B-B3E6-90C744AEB308&addseg=31
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njg5RkM1OUMtMjc2Qi00QzBCLUIzRTYtOTBDNzQ0QUVCMzA4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENmsecBKMN-CdG_6wzzCVnA&google_cver=1
Request Chain 168
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bff16d09-675f-4d13-9410-60a283c92efa
Request Chain 169
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2041863045849423668
Request Chain 170
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&gdpr=0&gdpr_consent=
Request Chain 171
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3228286691239197805&gdpr=0&gdpr_consent=
Request Chain 172
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=28abe8fd-f470-49bd-8bb1-830bf588812b HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=28abe8fd-f470-49bd-8bb1-830bf588812b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=25035ae6-db5e-4705-93c2-c0fe45cd2966&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=28abe8fd-f470-49bd-8bb1-830bf588812b&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 186
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YFJ-IgAAAJgHLxNg&expires=90
Request Chain 200
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFJ-IgAAAJgHLxNg HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFJ-IgAAAJgHLxNg&C=1
Request Chain 206
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YFJ-IgAAAJgHLxNg
Request Chain 213
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDnq7jUeBABGAEoATIIRCa0hO01vLpA1fzu7AU HTTP 301
  • https://tpc.googlesyndication.com/simgad/14221371079760943072
Request Chain 218
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFJ-IgAAAJgHLxNg
Request Chain 225
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFJ-IgAAAJgHLxNg
Request Chain 234
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFJ-IgAAAJgHLxNg&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFJ-IgAAAJgHLxNg&img=1&__user_check__=1&sync_id=11a3b004-876e-11eb-b15b-18c6427b1106
Request Chain 235
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=bd132a01707629a9cef9
Request Chain 242
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YFJ-IgAAAJgHLxNg&t=2592000&o=0
Request Chain 264
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFJ-JEQm5rKawX1neXn8BgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYFsTbtHropzNkZkG_HE_4&google_cver=1
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFJ_JEQm5rKawX1neXn8BgAABKMAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEELdMTAXvnzAb8UmTEVq6ZY&google_cver=1
Request Chain 267
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=23881033384C414C9BC58217D5C674DC
Request Chain 268
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616105638
Request Chain 269
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878968497816051
Request Chain 270
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8EUGhizF1LmEqq5
Request Chain 276
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KME04MBK-C-A1JL&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 278
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZGIwN0FwUDRBQUFfWWM3V2RMdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADdb07ApP4AAA_Yc7WdLw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADdb07ApP4AAA_Yc7WdLw&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADdb07ApP4AAA_Yc7WdLw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8812183928366814656 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdb07ApP4AAA_Yc7WdLw
Request Chain 279
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6940749781214230679
Request Chain 281
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=62Bl2lozPbzrMxqeVmo9WfRV
Request Chain 282
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 283
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1g6iWYIu9Mpi&pid=557219
Request Chain 284
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b95bb3c-e43d-4f0a-94c6-ec33cc34fb4c-tuct74c04a7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 285
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 286
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8EUGhizF1LmEqq5&gdpr=0&gdpr_consent=
Request Chain 288
  • https://pixel.onaudience.com/?partner=214&mapped=689FC59C-276B-4C0B-B3E6-90C744AEB308 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=f49e25073dfb138d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a33ca8da-5ab0-4b85-644a-bf7191bc8595&reqId=d38dec9b-2022-4729-6e40-d7fbf1fb30ae&zcluid=f49e25073dfb138d&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAKsZQHA2t5N0VHlj5POaG0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a33ca8da-5ab0-4b85-644a-bf7191bc8595&reqId=d38dec9b-2022-4729-6e40-d7fbf1fb30ae&zcluid=f49e25073dfb138d&zdid=1332
Request Chain 289
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6d9f6052-7f24-4e00-b8f6-6a5f28858dc1
Request Chain 291
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=689FC59C-276B-4C0B-B3E6-90C744AEB308&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=689FC59C-276B-4C0B-B3E6-90C744AEB308&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DeTm_mNE2uUGgHX3yXi2dVva.lf_lgc-~A&gdpr=0&gdpr_consent=
Request Chain 292
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_
Request Chain 293
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFJ-IgAAAJgHLxNg&gdpr=0&gdpr_consent=
Request Chain 294
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3470211263641356968&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 295
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9e188e22-3f6f-4bf5-b845-fe4c590c85ed&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 296
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=47a8e636-30ec-4fad-a1ca-cb90e10d14fe-60527f27-4348&gdpr=0&gdpr_consent=
Request Chain 298
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3228286691239197805
Request Chain 299
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_dbcbf815-085c-4167-b533-29f537535061
Request Chain 300
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=12c42a1a-876e-11eb-b8c7-cd417d5d858f&gdpr=0&gdpr_consent=
Request Chain 303
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EEBZwC8elehUaVAmYBC5vg?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2685027064798528512
Request Chain 304
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d9f6052-7f24-4e00-b8f6-6a5f28858dc1
Request Chain 305
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY5YTBmMzE4NmEzOWQ1ZjA0OTNkNTg3OThmZDUyMTQyYTI3NTI0YQ&us_privacy=1---
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJF6JeeuWLQaoRy9fcAN9nc&google_cver=1
Request Chain 307
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FMDRNQkstQy1BMUpM&us_privacy=1---
Request Chain 308
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KME04MBK-C-A1JL&sigv=1&esig=2~56aa1722533636b7b49c65730da32c097ff95f13&us_privacy=1---
Request Chain 332
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-01dw&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.ledger-enquirer.com%2F&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&se=e30&dtstmp=1616019240405 HTTP 302
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01dw&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.ledger-enquirer.com%2F&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&se=e30&dtstmp=1616019240405&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Request Chain 338
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid%3D7156%26muid%3D%5BMM_UUID%5D&c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid=7156&muid=de246052-7f29-4300-a591-5353c59420d7
Request Chain 339
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1--- HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=f7229e78-4c27-4f13-b80c-b981cd731352 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=f7229e78-4c27-4f13-b80c-b981cd731352
Request Chain 340
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&redir=https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517%3Fmpid=82775&muid=$%7BDD_UUID%7D?us_privacy=1--- HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&redir=https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517%3Fmpid=82775&muid=$%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid=82775
Request Chain 341
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1--- HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1---&rd=Y
Request Chain 342
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37 HTTP 303
  • https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37
Request Chain 343
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1--- HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=liveintent&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=LbSAKIMagOSEcIUOqbTtWfRW&ssp=liveintent HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37 HTTP 303
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37

349 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ledger-enquirer.com/
Redirect Chain
  • http://ledger-enquirer.com/
  • https://www.ledger-enquirer.com/
161 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
054f67d705b48b8aed8020fb0845f55dc65c7d7c83e1e1ff194938544fb93893

Request headers

:method
GET
:authority
www.ledger-enquirer.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy-forwarding-type
BlackList
mi-api
WPS
content-type
text/html;charset=utf-8
surrogate-control
varnish=ESI/2.1
x-varnish
291213932, 72516690 73466251
last-modified
Wed, 17 Mar 2021 22:11:33 GMT
etag
W/"27e0d-iBLniEItu4NpTRsMQflBZulag7s"
content-encoding
gzip
x-mi-in-market
0
server
MI
mi-cache-age
139
vary
Accept-Encoding
mi-cache
HIT
x-akamai-transformed
9 26397 0 pmb=mTOE,4mRUM,1
expires
Wed, 17 Mar 2021 22:13:53 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 17 Mar 2021 22:13:53 GMT
content-length
27099
set-cookie
ak_bmsc=5047FFBF589FCE6C584CF203811FDD1502148F94A0320000217F5260842FA208~plpt3B4AfwshrlYtuXXZd3d7YbmZwdRsskfByj909BV0qlpT8DfR3m4ZWNO08b+sr6+QOPQTzGf5v51bNZ/0R3Obk3AaDPkCdMOe6D4Lm1yUP8D9qbN7na6m+Iylyu5H3O4FszY1v/KEnwibQas2MAxprVnIGSkTFVhjiCeq8y6cK+3dnY4ciwPjKkEYaCY1yqrnNQGGNoFo4qlIyifQ4O+25EwQcHre8RUe2YxIHyySS4Qzj0wx/xvdSCBXWSjq4K; expires=Thu, 18 Mar 2021 00:13:53 GMT; max-age=7200; path=/; domain=.ledger-enquirer.com; HttpOnly bm_mi=224B95335A863A212B49FC72A6248C97~sqfiIOdLlJDnTPHnZ/E2F9gTdLFGaf1ZpUfGnxqgR3uUgEPIJpJHCX8g4vyNgu9Fsii5Gr4nUOfrR4TE+BI3P4YA0Dylq+2Q1pP0QbOJiTFyeHDFq0TW/vATfMQOOhtpaqXXBmKcQps6EX+Of7r5njB/Szp2LssaJcOfyk84S3uH3NuFO/r6Bl2j0X1d7sNGrvebQhXQNAuw+yf7mgQlqTGQPl0U/UBHFtSgjLa9AZI=; Domain=.ledger-enquirer.com; Path=/; Max-Age=0; HttpOnly
access-control-max-age
86400
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*

Redirect headers

Date
Wed, 17 Mar 2021 22:13:52 GMT
Server
Apache
Location
https://www.ledger-enquirer.com/
Content-Length
240
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
core.js
www.ledger-enquirer.com/static/yozons-lib/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/core.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ce7c00b6a5c6bf81240646aaa03a788764b3ff0c70262591319ce5aca1c91c77

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
65
content-length
20496
last-modified
Wed, 17 Mar 2021 15:16:36 GMT
server
MI
etag
W/"1094c-5bdbcf802fd00"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
122226313, 35460965 37130034
access-control-allow-origin
*
cache-control
max-age=109
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
ledger-enquirer.js
media.ledger-enquirer.com/misites/led/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.ledger-enquirer.com/misites/led/ledger-enquirer.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d3b150a6ceec46b8a06fa45b56028375f46b384bf5bb2db2199d522bdd23387

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
last-modified
Sun, 29 Apr 2018 21:38:27 GMT
server
Apache
etag
"a18-56b038eb73ac0"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1099
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8g79L9PKY/vudZazgfW0YA==
age
5774
vary
Accept-Encoding
content-length
5578
cf-request-id
08e3d9b1fe00004a68a71e1000000001
x-ms-lease-status
unlocked
last-modified
Tue, 16 Mar 2021 01:59:40 GMT
server
cloudflare
etag
0x8D8E81F2906DDF6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f058fc1d-901e-0118-7e0d-1ab326000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6319922ffb004a68-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YyyuJSQqC/IlFtjhtrYhpg==
age
6433
vary
Accept-Encoding
cf-request-id
08e3d9b1fe00004a688383c000000001
x-ms-lease-status
unlocked
last-modified
Wed, 03 Mar 2021 08:12:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
43f20523-e01e-007e-7e06-104729000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6319922ffb014a68-FRA
vendor.bundle-ce1a13c0119f26716569.js
www.ledger-enquirer.com/wps/build/webpack/ 		396 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
a8c0554545df5557bfbae4b60e272d4c68b10876874942ae276e8a3f927f5dd0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
638
content-length
122735
last-modified
Tue, 02 Mar 2021 20:45:54 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"631af-177f4b0a7d0"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
77352599, 300830202 300117932
access-control-allow-origin
*
cache-control
max-age=444510
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
mi-header.bundle-15539dde6db92a4565c1.js
www.ledger-enquirer.com/wps/build/webpack/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/build/webpack/mi-header.bundle-15539dde6db92a4565c1.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
53915
content-length
4394
last-modified
Tue, 02 Mar 2021 20:45:54 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"3412-177f4b0a7d0"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
133981502, 519289346 506859556
access-control-allow-origin
*
cache-control
max-age=361078
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
css
fonts.googleapis.com/ 		9 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3476c08cec250146dcdfd0cfbab2e721a7ca1fd5ba590e9075658a79b3b99524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 21:59:41 GMT
server
ESF
date
Wed, 17 Mar 2021 22:13:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Mar 2021 22:13:53 GMT
mi-styles.8a5037c2d30c9fc2847d.css
www.ledger-enquirer.com/wps/build/webpack/css/ 		211 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/build/webpack/css/mi-styles.8a5037c2d30c9fc2847d.css
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
74471d2c1b4f67e7d2d598b4941cc968ee248bf36c10921c25e5bcea805af6e8

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
664
content-length
44310
last-modified
Tue, 02 Mar 2021 20:46:04 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"34b30-177f4b0cee0"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
56371950, 258065462 272865435
access-control-allow-origin
*
cache-control
max-age=442695
access-control-allow-credentials
false
mi-cache
HIT
content-type
text/css;charset=UTF-8
access-control-allow-headers
*
guid.js
www.ledger-enquirer.com/wps/source/scripts/libs/ 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/source/scripts/libs/guid.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
168251
content-length
547
last-modified
Tue, 02 Mar 2021 20:43:52 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"505-177f4aecb40"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
111237284, 500510956 428969681
access-control-allow-origin
*
cache-control
max-age=399305
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
api.js
www.google.com/recaptcha/ 		850 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ebc6da23752a7ca423fc24f860eeffcd71f7491bf11471c5aa1a29815976d173
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Wed, 17 Mar 2021 22:13:53 GMT
16915f57
www.ledger-enquirer.com/akam/11/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/akam/11/16915f57
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a051ea6c562895209e399e227b7cfd47e8aff908a79fe0e68c8160f8c10c4e9a

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2019 20:07:11 GMT
etag
"3256ca96647aa33c215776682e88d83b9617533cb9cfb0b70945233e2fdd4be6"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
10422
expires
Wed, 17 Mar 2021 22:13:53 GMT
main.0516dd05.css
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.0516dd05.css
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9723f30a4b9ba27e695abb88fff9c15da7c135dccad252baee3b3cd6f54c9451

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 18:20:18 GMT
server
Apache
etag
"136e-5bcce22e4cddd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=87
accept-ranges
bytes
content-length
1483
main.0847933d.js
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 		226 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.0847933d.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8776920a540d05bb179f110ce1c253cc3b269541f0dfa0d0e5255b522c2cd8b2

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 18:20:18 GMT
server
Apache
etag
"38949-5bcce22e67184"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=125
accept-ranges
bytes
content-length
54493
escenic_s_code.js
media.ledger-enquirer.com/mistats/products/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.ledger-enquirer.com/mistats/products/escenic_s_code.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
last-modified
Tue, 17 Nov 2020 22:54:12 GMT
server
Apache
etag
"17b06-5b4555f9a663f"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
32672
escenic.js
media.ledger-enquirer.com/mistats/products/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.ledger-enquirer.com/mistats/products/escenic.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
797b5c32f492bb21f2256f97f1015f4768e20892122ef8c909a9ac013219b48f

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 19:40:52 GMT
server
Apache
etag
"10240-5bdc0a922e078"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
15812
finalizestats.js
media.ledger-enquirer.com/mistats/ 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.ledger-enquirer.com/mistats/finalizestats.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
899090d9abbe42bf8e5503ac6f145a4cf9346250a3171a3bca8f6ad20f27e6d9

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 21:13:43 GMT
server
Apache
etag
"117d1-5bc0764ae79e8"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
18487
mi-footer.bundle-79c24024c08d7f0c7b17.js
www.ledger-enquirer.com/wps/build/webpack/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
305797
content-length
4197
last-modified
Tue, 02 Mar 2021 20:45:54 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"2d5a-177f4b0a7d0"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
89340471, 455652440 296062754
access-control-allow-origin
*
cache-control
max-age=222906
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
iris.adaptive.js
ovp.iris.tv/libs/adaptive/v2/ 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1a00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba8bbfe110629e3df60cffbcd75d2ea7627f5f6e13ef3ba0354221cab7b8e097

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 17:01:46 GMT
content-encoding
gzip
last-modified
Thu, 10 Dec 2020 18:43:33 GMT
server
AmazonS3
age
1746728
etag
W/"a5f9f8a7f66429858d67ad40caa225aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
yNO4p54aN9wmQjMnpKaFPqqyZn6b5iAY
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
x8uw0SsNzdR6cpB5BtmdfwyBYTMV6BITJ7yoHmIXIG1Q9SNJNwj46w==
iris-context.min.js
ovp.iris.tv/libs/context/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/context/iris-context.min.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1a00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9710dab6bb3447842cba847209148bd89fb928f55865b045105fa3aefa4fb51f

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5ZdiiNwZl43A.GuGAotRXH1LFI541fXN
content-encoding
gzip
last-modified
Thu, 18 Jun 2020 14:14:19 GMT
server
AmazonS3
age
66389
etag
W/"1f6dcd0526f7505c7eb84fec71d5e468"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
date
Wed, 17 Mar 2021 03:47:32 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
I3UE4GXdFSTJYnLJMo4lSBm-OicQmJ-sC8Sq-5SnlvU-yMHiuPBOXA==
vue.bundle-3ab3918677131d13ac6b.js
www.ledger-enquirer.com/wps/build/webpack/ 		107 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/build/webpack/vue.bundle-3ab3918677131d13ac6b.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
318fd391dc5361f08bff2ae57af7e4eb1261f436d8a44b1ef0e0553cf3298297

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
652
content-length
38898
last-modified
Tue, 02 Mar 2021 20:46:18 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"1ad47-177f4b10590"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
69783296, 338935484 339982271
access-control-allow-origin
*
cache-control
max-age=443796
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
videojs.bundle-edfe4e7551e581579442.js
www.ledger-enquirer.com/wps/build/webpack/ 		455 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/build/webpack/videojs.bundle-edfe4e7551e581579442.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
5cb4514e117d67aa8609b1e40d3d465f8344810761949a3807a442cf26b5cced

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
644
content-length
121808
last-modified
Tue, 02 Mar 2021 20:46:18 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"71b1f-177f4b10590"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
58712871, 271719761 254291857
access-control-allow-origin
*
cache-control
max-age=442817
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
videoStory.bundle-667b380d20e928f31b53.js
www.ledger-enquirer.com/wps/build/webpack/ 		208 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
8e79e41b43dfffe5d1cc409d0ab4269d92c26a2e8a947a455cb384d93aea55df

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
1193
content-length
61545
last-modified
Tue, 02 Mar 2021 20:46:18 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"33f43-177f4b10590"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
64501579, 269165292 254629885
access-control-allow-origin
*
cache-control
max-age=498554
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
footer.bundle-c9711777d343f484b936.js
www.ledger-enquirer.com/wps/build/webpack/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/build/webpack/footer.bundle-c9711777d343f484b936.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
cf5e946c1508e9a17e9fa87a2e65eb15ee2f72721d207d64c11ce5d702738378

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
1188
content-length
2447
last-modified
Tue, 02 Mar 2021 20:45:54 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"269f-177f4b0a7d0"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
81875603, 320448837 303800776
access-control-allow-origin
*
cache-control
max-age=443764
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
netdale.213d63050927570a5814.js
www.ledger-enquirer.com/static/yozons-lib/ 		73 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/netdale.213d63050927570a5814.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
1271db7f32627d2a52e219cb353efd3a0df94d777429936c225f81abd469a5ef

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
47
content-length
18462
last-modified
Wed, 17 Mar 2021 15:16:34 GMT
server
MI
etag
W/"122d9-5bdbcf7e47880"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
119901282 121668312
access-control-allow-origin
*
cache-control
max-age=580105
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
adx
pubads.g.doubleclick.net/gampad/ 		0
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=%2F7675%2Fclb.site_ledger-enquirer%2Fpropensity&sz=1x1&ref=&cookie=&c=677476339798803&tile=1&u_tz=60
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adobe.t2_3.js
www.ledger-enquirer.com/static/yozons-lib/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/adobe.t2_3.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
5fd8bc8f1abe2eca0f650c16cd0f04bea980adbc2f228e4bc7bb6357923a9c36

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
185527
content-length
31126
last-modified
Tue, 09 Mar 2021 14:40:11 GMT
server
MI
etag
W/"16dbe-5bd1b870b88c0"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
773865793, 113672754 900700969
access-control-allow-origin
*
cache-control
max-age=574090
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
gfc.4f915468ca1e4515c584.js
www.ledger-enquirer.com/static/yozons-lib/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/gfc.4f915468ca1e4515c584.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ea2939a6c5a87eb95c20b8942a09f646e501dd53d05da49ece8471d6cb0f2fbf

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
73
content-length
4674
last-modified
Mon, 15 Mar 2021 13:29:18 GMT
server
MI
etag
W/"2853-5bd933c982780"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
899003637, 784243386 775705086
access-control-allow-origin
*
cache-control
max-age=401002
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
delivery
mcclatchy.tt.omtrdc.net/rest/v1/ 		189 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcclatchy.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=193f1edda12e4d7f8086707ac30c2e62&version=2.3.0
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/adobe.t2_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.133.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-133-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5d43a901ac6c9d8df7d2268b6cb189f225ad9875c7c596dc3b06988cf6acf2c3

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ledger-enquirer.com
date
Wed, 17 Mar 2021 22:13:53 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id
b7dc8215f367a550def6877cb86c042d
content-type
application/json;charset=UTF-8
common.js
media.ledger-enquirer.com/misites/all/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.ledger-enquirer.com/misites/all/common.js
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/misites/led/ledger-enquirer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 13:27:05 GMT
server
Apache
etag
"ee5-59232dc43bc40"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1412
micb.js
media.ledger-enquirer.com/mistats/ 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.ledger-enquirer.com/mistats/micb.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6aed601026ce137551492130480a42825a85a9d43ac808cc533dc93fbdfaeeff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 19:04:24 GMT
server
Apache
etag
"1f3bd-5bd1f37fb29ee"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
35275
main.js
mcclatchy-ledger-enquirer.zeustechnology.com/ 		204 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/netdale.213d63050927570a5814.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9472429b7873ba26beae367a22a569cca0b56228943c1db06730396fde73a360

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z0NV_ZrRYmkb4w8XkxXDXk415aSXK9ob
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 13:23:31 GMT
server
AmazonS3
age
489
etag
W/"711f2bed630184193b9807d2a3e95e3f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control
max-age=600,s-max-age=3600
date
Wed, 17 Mar 2021 22:12:12 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
e-xiUzLdIqeIOQa4j2QIUICPFB3QqwXNYYLQqL545FQjvFKKGVgY0Q==
callback=mi.ads.extractPid
ad.crwdcntrl.net/5/c=7436/pe=y/ 		82 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.crwdcntrl.net/5/c=7436/pe=y/callback=mi.ads.extractPid
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.128.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:54 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.166
content-type
application/javascript;charset=UTF-8
content-length
82
expires
0
loader.js
contributor.google.com/scripts/7df76a16abfcab18/ 		103 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contributor.google.com/scripts/7df76a16abfcab18/loader.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
020a6d03b445acdaf72388b7098ba8bb3a9f16cbde88c76443c22836691ce6c5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9K4Ci+tazVhqvp5xpCn7HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-9K4Ci+tazVhqvp5xpCn7HA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=86400
content-security-policy
script-src 'report-sample' 'nonce-9K4Ci+tazVhqvp5xpCn7HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-9K4Ci+tazVhqvp5xpCn7HA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:13:54 GMT
pts
pubads.g.doubleclick.net/subopt/ 		152 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/subopt/pts?products=ledger-enquirer.com&type=general&extrainfo=null&u_tz=-60&v=1&cdm=www.ledger-enquirer.com&c=343753
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/micb.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a955e87bf916fcf94a65c34601443c7c4e3a79280f15b3846729eb3999e97bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 17 Mar 2021 22:13:54 GMT
id
dpm.demdex.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_coop_safe=1&ts=1616019234232
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/micb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.66.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3c18d84e2c6c9879edfb05e7c5cf762b0a1860b3ba4edf68becf5c86fecc35bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v090-01c8694d3.edge-irl1.demdex.com 5.80.7.20210304103356 2ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
pNoJhHyyQj0=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.ledger-enquirer.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
991
Expires
Thu, 01 Jan 1970 00:00:00 GMT
data
pubads.g.doubleclick.net/subopt/ 		0
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/subopt/data?states=ledger-enquirer.com%3Aunknown&extrainfo=null&u_tz=-60&v=1&cdm=www.ledger-enquirer.com&c=483437
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/micb.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Mar 2021 22:13:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.ledger-enquirer.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
8a234c1f-815c-45c5-971b-bb6ec9dfb3b8.json
cdn.cookielaw.org/consent/8a234c1f-815c-45c5-971b-bb6ec9dfb3b8/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8a234c1f-815c-45c5-971b-bb6ec9dfb3b8/8a234c1f-815c-45c5-971b-bb6ec9dfb3b8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789f3d61d9cafb5e3ed133ac8ee0c14c55c63647294fc8105040ad6fbc911dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
fGnGtacXLVKhuT1RVvQWtg==
age
205
vary
Accept-Encoding
content-length
1277
cf-request-id
08e3d9b5d600001f45e5259000000001
x-ms-lease-status
unlocked
last-modified
Thu, 20 Aug 2020 16:29:08 GMT
server
cloudflare
etag
0x8D84526298C9BC2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f437c81f-f01e-0048-5531-04ea7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
631992362edc1f45-FRA
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		162 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6319923659790609-FRA
cf-request-id
08e3d9b5f600000609ac2a9000000001
geofeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		162 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6aa0d1df9cfdddb4ba1c2e84627fbae84624b959ac448e02057a26df5c89ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
63199236597b0609-FRA
cf-request-id
08e3d9b5f60000060934a5d000000001
identityModulev3.min.js
www.ledger-enquirer.com/wps/source/scripts/libs/ 		35 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/source/scripts/libs/identityModulev3.min.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
520764
content-length
11142
last-modified
Tue, 02 Mar 2021 20:43:52 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"8dbb-177f4aecb40"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
129473078, 698076967 461004752
access-control-allow-origin
*
cache-control
max-age=268767
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
aksb.min.js
ds-aksb-a.akamaihd.net/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 18:25:26 GMT
Server
Apache
ETag
"15de19f42b35806faf815298644157e0:1535653526"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
4826
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v11/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ledger-enquirer.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 07:56:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 23:50:59 GMT
server
sffe
age
483419
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
expires
Sat, 12 Mar 2022 07:56:55 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v9/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ledger-enquirer.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 10:25:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:59 GMT
server
sffe
age
388089
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27344
x-xss-protection
0
expires
Sun, 13 Mar 2022 10:25:45 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v11/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ledger-enquirer.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:17:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Sep 2020 00:08:03 GMT
server
sffe
age
186984
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:17:30 GMT
logo.svg
www.ledger-enquirer.com/wps/build/images/ledger-enquirer/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/wps/build/images/ledger-enquirer/logo.svg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
f443917aa87484950ec35d141b745aaa872c25618e55f77975bee4bb54954cf3

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
77975
content-length
2296
last-modified
Tue, 02 Mar 2021 20:45:54 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"1666-177f4b0a7d0"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
128548524, 496060900 465980320
access-control-allow-origin
*
cache-control
max-age=377633
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/svg+xml;charset=ISO-8859-1
access-control-allow-headers
*
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ 		331 KB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ledger-enquirer.com
Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 13:51:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
age
30143
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
339223
x-xss-protection
0
expires
Thu, 17 Mar 2022 13:51:31 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v9/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ledger-enquirer.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:01:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:52 GMT
server
sffe
age
601954
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23924
x-xss-protection
0
expires
Thu, 10 Mar 2022 23:01:20 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		164 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
63199236b9ef0609-FRA
cf-request-id
08e3d9b63000000609bf0f5000000001
Cookie set dest5.html
mcclatchy.demdex.net/ Frame 0BF6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/micb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.151.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-151-98.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
mcclatchy.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ledger-enquirer.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=58913308628517029240233165826265906734
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 10 Mar 2021 16:02:39 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=58913308628517029240233165826265906734;Path=/;Domain=.demdex.net;Expires=Mon, 13-Sep-2021 22:13:54 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
uz22TVLyS/A=
Content-Length
2785
Connection
keep-alive
id
mcclatchy.sc.omtrdc.net/ 		2 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=58448029450774587470279927337149729177&ts=1616019234360
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/micb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-7df884dd44-vdgm9
vary
Origin
x-c
main-1434.I637bed.M0-481
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YFJ-IgAAAJgHLxNg
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=58913308628517029240233165826265906734
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFJ-IgAAAJgHLxNg
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFJ-IgAAAJgHLxNg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.66.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0102ce00c.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
3JN7tizHTbE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFJ-IgAAAJgHLxNg
Date
Wed, 17 Mar 2021 22:13:54 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GA-daily_CDC.json
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 		125 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/GA-daily_CDC.json
Requested by
Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.0847933d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8664b05df583216c75205b0413ba547e4968b4c94cf023fd91e91583ec3a2d2

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 22:10:07 GMT
Server
Apache
ETag
"1f232-5bdc2bee68fb1"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=598
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15867
fontawesome-webfont.woff2
www.ledger-enquirer.com/wps/source/sass/main/fonts/font-awesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/css/mi-styles.8a5037c2d30c9fc2847d.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Origin
https://www.ledger-enquirer.com
Referer
https://www.ledger-enquirer.com/wps/build/webpack/css/mi-styles.8a5037c2d30c9fc2847d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
487
content-length
56780
last-modified
Tue, 02 Mar 2021 20:43:52 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"ddcc-177f4aecb40"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
92801208, 293686308 304390714
access-control-allow-origin
*
cache-control
max-age=78
access-control-allow-credentials
false
mi-cache
HIT
content-type
font/woff2;charset=ISO-8859-1
access-control-allow-headers
*
schoolbus.jpg
www.ledger-enquirer.com/latest-news/er9nq5/picture226921684/alternates/LANDSCAPE_768/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/latest-news/er9nq5/picture226921684/alternates/LANDSCAPE_768/schoolbus.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
cf88af8885e4d95b827f2cecd828d109bebc6e53470b252d9ae812fec67f3a6c

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
503
content-length
51058
last-modified
Fri, 22 Mar 2019 17:08:13 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"b49b9d1d49f611a152d23eb7091d3195"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
448094454 463246964
access-control-allow-origin
*
cache-control
max-age=339632
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
02_Civic%20Center%20MVS_MAC_DSC04229.jpg
www.ledger-enquirer.com/latest-news/y3l2zh/picture249957669/alternates/LANDSCAPE_768/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/latest-news/y3l2zh/picture249957669/alternates/LANDSCAPE_768/02_Civic%20Center%20MVS_MAC_DSC04229.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
4c7da10da9130919243c1d08faa0c6ee6dbf302b023718b5171232040c6b84f8

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
3631
content-length
50593
last-modified
Tue, 16 Mar 2021 17:13:36 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"c30c4c6a287678800407542411221614"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
1030816571, 50064826 67503083
access-control-allow-origin
*
cache-control
max-age=504007
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
final1.jpg
www.ledger-enquirer.com/latest-news/svti6q/picture245324310/alternates/LANDSCAPE_768/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/latest-news/svti6q/picture245324310/alternates/LANDSCAPE_768/final1.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
3087344cdbe0d4e17728e5b32e8db6a26624a87807b9fb23496ba8db04d3f2b0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
89
content-length
79479
last-modified
Fri, 28 Aug 2020 15:38:26 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"08884169528f54af6f41962f68105525"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
120129166, 18376997 31926739
access-control-allow-origin
*
cache-control
max-age=579465
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
crime%20scene%20jpg
www.ledger-enquirer.com/news/local/crime/botl1g/picture211536554/alternates/LANDSCAPE_768/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/news/local/crime/botl1g/picture211536554/alternates/LANDSCAPE_768/crime%20scene%20jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
4e70c351866197d421404027969954c92eaa0bb5198706650087eafd4775a09f

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
247770
content-length
30461
last-modified
Sun, 20 May 2018 20:35:21 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"8124c36a4d901cf0e5e551e50a1ef589"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
295582212, 358355915 212915986
access-control-allow-origin
*
cache-control
max-age=85219
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
161574077_4135813839764680_4040782796878415759_n.png
www.ledger-enquirer.com/latest-news/xywtd0/picture249974784/alternates/LANDSCAPE_768/ 		497 KB
498 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/latest-news/xywtd0/picture249974784/alternates/LANDSCAPE_768/161574077_4135813839764680_4040782796878415759_n.png
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
0aab48ed8b79ef2e79778ea45c72d459315de3c8fa1b62fd88cbb11a2fb04da3

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
1585
content-length
508920
last-modified
Tue, 16 Mar 2021 15:35:53 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"1992382b393b0aa7c3be1eaeb2386a5e"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
72484603, 1024529958 1033375762
access-control-allow-origin
*
cache-control
max-age=504167
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/png
access-control-allow-headers
*
030521_SECWBB_TVE_Georgia%20coach%20Joni%20Taylor%20reacts%20with%20Que%20Morrison%20(23).jpg
www.macon.com/latest-news/1gqz34/picture249962724/alternates/LANDSCAPE_768/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.macon.com/latest-news/1gqz34/picture249962724/alternates/LANDSCAPE_768/030521_SECWBB_TVE_Georgia%20coach%20Joni%20Taylor%20reacts%20with%20Que%20Morrison%20(23).jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
90a19c38629ebfeab116a63ea65265ad34deb9707577cf2865e64d8a6f972862

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
2788
content-length
53479
last-modified
Mon, 15 Mar 2021 23:08:12 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"713284b19e5d99ca398a360cf47647b5"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
26002313 36213661
access-control-allow-origin
*
cache-control
max-age=439278
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
1_bridge%20art_MAC_DSC04195.jpg
www.ledger-enquirer.com/news/75kaon/picture249717578/alternates/LANDSCAPE_768/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/news/75kaon/picture249717578/alternates/LANDSCAPE_768/1_bridge%20art_MAC_DSC04195.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
2add500dc7fba2077fcfe52fd4c081fe5f3e2a66212e9810eb5c490fa2985568

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
213
content-length
49387
last-modified
Fri, 05 Mar 2021 18:57:03 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"329cccb0fe39d544bd629c880daa2fba"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
366036085, 416101997 419321477
access-control-allow-origin
*
cache-control
max-age=134211
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
jo210314Bc.jpg
www.sacbee.com/latest-news/cg0auy/picture249879643/alternates/LANDSCAPE_768/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sacbee.com/latest-news/cg0auy/picture249879643/alternates/LANDSCAPE_768/jo210314Bc.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
3c169b27444d1d2b841d9172028c50666195313159b66bd2e18927f30ea61576

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
274
content-length
102274
last-modified
Fri, 12 Mar 2021 01:59:42 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"f3aaf982cc83cc141450718a2099b94c"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
710768030, 641321030 632199846
access-control-allow-origin
*
cache-control
max-age=100410
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
joc210307c.jpg
www.sacbee.com/latest-news/90ok9h/picture249722388/alternates/LANDSCAPE_768/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sacbee.com/latest-news/90ok9h/picture249722388/alternates/LANDSCAPE_768/joc210307c.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
225f9ccee193cb3024bdb686f3f0de7dd0aede97b3a772e321f86d5e1836361d

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
467
content-length
88034
last-modified
Fri, 05 Mar 2021 18:33:08 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"62393ab1674a41df3f9e675ecd5e9c93"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
418368200, 372284838 348649935
access-control-allow-origin
*
cache-control
max-age=112896
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
jo210226c.jpg
www.sacbee.com/latest-news/fycktv/picture249532587/alternates/LANDSCAPE_768/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sacbee.com/latest-news/fycktv/picture249532587/alternates/LANDSCAPE_768/jo210226c.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
c023c54d87c984b154b34ee12dc19cc028d472bdd6c48fe9fb3c8ca18800840b

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
306
content-length
101191
last-modified
Fri, 26 Feb 2021 02:21:21 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
"0d01cd57e905b7f720fdc1e48db77759"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
70644405, 139910332 148776623
access-control-allow-origin
*
cache-control
max-age=105430
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
Obit_James_Levine_06048.jpg
www.mcclatchy-wires.com/incoming/2hw267/picture250000544/alternates/LANDSCAPE_768/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mcclatchy-wires.com/incoming/2hw267/picture250000544/alternates/LANDSCAPE_768/Obit_James_Levine_06048.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
03647f4a36d224389ce3e9f21ad61db1e23f3a54984771270212692eb23049a8

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
200
content-length
29111
last-modified
Wed, 17 Mar 2021 14:44:54 GMT
server
MI
x-proxy-forwarding-type
WhiteList
etag
"19abdcf5decd995293ba9eccc94dae77"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
9570695, 355288150 353554813
access-control-allow-origin
*
cache-control
max-age=578119
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/jpeg
access-control-allow-headers
*
1405
analytics-check.publishersite.xyz/check/ 		26 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-check.publishersite.xyz/check/1405
Requested by
Host: mcclatchy-ledger-enquirer.zeustechnology.com
URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0464b6125d6f9f3dc1dbe6ef7f1203ea4d60d28141fd98fef1e15004f265ec2e

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
6c48d44e-ec48-49b4-b29f-0e714ab19cd8
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60527f22-7048597939f8ced5016104a1;Sampled=0
x-amz-apigw-id
cWjNbESLoAMFR5g=
content-length
26
x-amz-cf-id
dy1vo-NhsnO4jmXUDlNFFFhUIVdPxs68P0-pmOEKRdKirEuiWDo7vQ==
publishertag.js
static.criteo.net/js/ld/ 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: mcclatchy-ledger-enquirer.zeustechnology.com
URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-1c974"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 18 Mar 2021 22:13:54 GMT
185522-76365265602189.js
js-sec.indexww.com/ht/p/ 		84 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/185522-76365265602189.js
Requested by
Host: mcclatchy-ledger-enquirer.zeustechnology.com
URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0ccfc34943306e0600808d2398ce6da10e4af009e81cb688cdf01a04d371dcf0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 22:11:39 GMT
Server
Apache
ETag
"da2f34-14f93-5bdc2c463e12a"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3599
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
26253
Expires
Wed, 17 Mar 2021 23:13:54 GMT
userSync.js
ads.pubmatic.com/AdServer/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: mcclatchy-ledger-enquirer.zeustechnology.com
URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:56:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300709-1d57-5b232e7ce6dc7"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=71184
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
2419
Expires
Thu, 18 Mar 2021 18:00:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mcclatchy-ledger-enquirer.zeustechnology.com
URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
53c41806a5233c77b3878acd59c261a04e44a0210e23653f0331b8f0580c127f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"815 / 355 of 1000 / last-modified: 1616010068"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19953
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:13:54 GMT
sp.br.js
js.matheranalytics.com/static/2_2_18-e/
Redirect Chain
  • https://js.matheranalytics.com/s/ma12095/74930901/sp.js?cb=1559
  • https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 23:36:27 GMT
content-encoding
br
last-modified
Sat, 20 Apr 2019 20:43:13 GMT
server
nginx
age
81447
etag
"93626701087aa6ff39ccd5278fb9fd3b"
vary
Accept-Encoding
x-cache
HIT Sat, 20 Apr 2019 22:39:14 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
25418

Redirect headers

date
Wed, 17 Mar 2021 22:13:54 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/2_2_18-e/sp.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
8-gc-euw1-10922
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/finalizestats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
679
date
Wed, 17 Mar 2021 22:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 18 Mar 2021 00:02:35 GMT
quant.js
edge.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.quantserve.com/quant.js
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/finalizestats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
etag
"YoFsxqR3BwPygbSjh02Dug=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 24 Mar 2021 22:13:54 GMT
mi_content_tracker.js
media.ledger-enquirer.com/mistats/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.ledger-enquirer.com/mistats/mi_content_tracker.js
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/misites/led/ledger-enquirer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
last-modified
Wed, 04 Jun 2014 15:41:43 GMT
server
Apache
etag
"11ff-4fb047712bbc0"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1432
m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.ledger-enquirer.com/&rp=&ts=compact&rnd=1616019234508
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.ledger-enquirer.com/&rp=&ts=compact&rnd=1616019234508&ja=1
44 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.ledger-enquirer.com/&rp=&ts=compact&rnd=1616019234508&ja=1
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.99.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:54 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:54 GMT
server
nginx
location
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.ledger-enquirer.com/&rp=&ts=compact&rnd=1616019234508&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
moment.min.js
www.ledger-enquirer.com/wps/source/scripts/libs/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/wps/source/scripts/libs/moment.min.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
507318
content-length
14306
last-modified
Tue, 02 Mar 2021 20:43:52 GMT
server
MI
x-proxy-forwarding-type
BlackList
etag
W/"a337-177f4aecb40"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
135604972, 819169781 496845898
access-control-allow-origin
*
cache-control
max-age=277072
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript;charset=UTF-8
access-control-allow-headers
*
load.js
s.ntv.io/serve/ 		350 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/mi-footer.bundle-79c24024c08d7f0c7b17.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.89.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ceacdc5e7ad12890d0a04b1ecb54cef0d2588f8cf5d335a08ba9b1b7bc53bb9

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:54 GMT
Content-Encoding
gzip
x-amz-request-id
0Y2DQ38XSPEA2N0S
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
h/CpMZytp/R8uYb1jwGc4keSoE0rbvntKW59CA8pihYr6z0Vrd4Z/mnBl02g3M3JCaiey0nYZqI=
Last-Modified
Tue, 16 Mar 2021 18:25:18 GMT
Server
AmazonS3
ETag
"42c0d25ff38965696bab6e335fba4ba7"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		330 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116759
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:13:54 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
performance.05317da4c796a3192abb.js
www.ledger-enquirer.com/static/yozons-lib/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/performance.05317da4c796a3192abb.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
80a1c5f9713281f4575985039a9a484e7fe04235143cbc592e634b418ff0c3ae

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
53
content-length
1105
last-modified
Wed, 17 Mar 2021 15:16:34 GMT
server
MI
etag
W/"c03-5bdbcf7e47880"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
44040802 38537646
access-control-allow-origin
*
cache-control
max-age=580144
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
parsely.912a0e80a826a12dc8f2.js
www.ledger-enquirer.com/static/yozons-lib/ 		1 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/parsely.912a0e80a826a12dc8f2.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
d2f3f811446b19e2665236f2a508ee60ce2b36b85c97cc0f19c48e8d6aa169b0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
53
content-length
571
last-modified
Wed, 17 Mar 2021 15:16:34 GMT
server
MI
etag
W/"4af-5bdbcf7e47880"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
120817816, 28714065 40405411
access-control-allow-origin
*
cache-control
max-age=580168
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
quarantine.04d9a09416e23c48977e.js
www.ledger-enquirer.com/static/yozons-lib/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/quarantine.04d9a09416e23c48977e.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
b608403667d76fc4dcb6aaf9eb0dff5b924ea30185a5271e98ce90077e89d4ea

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
vary
Accept-Encoding
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
53
content-length
2864
last-modified
Wed, 17 Mar 2021 15:16:34 GMT
server
MI
etag
W/"1de5-5bdbcf7e47880"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
113810058 115250246
access-control-allow-origin
*
cache-control
max-age=580113
access-control-allow-credentials
false
mi-cache
HIT
content-type
application/javascript
access-control-allow-headers
*
ats.js
ats.rlcdn.com/ 		184 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/netdale.213d63050927570a5814.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.220.155 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3ee93068cc2e2f003f919830e1514eebfea447b9e72bec348e7d612ff09c2f57

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 22:37:13 GMT
content-encoding
gzip
age
603401
x-guploader-uploadid
ABg5-Uwj023QZ4tB1xE-XNP3jHbg7vl5b-5FmZ8kXTcIXaeO2JVQnou1SzEdtvGoI7Oe5jfGji2P5eN6mBrlxopfDSc
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
60951
last-modified
Mon, 08 Mar 2021 09:08:13 GMT
server
UploadServer
etag
"453bdae55e72772be6cf9eeca9c66e90"
x-goog-hash
crc32c=UtxY/g==, md5=RTva5V5ydyvmz57sqcZukA==
x-goog-generation
1615194493440577
cache-control
no-transform
x-goog-stored-content-length
60951
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 10 Mar 2022 22:37:13 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4600:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d408f7701491cd7a57dd70a39be787ea166ceeb4437fb23ae2037941c03c152a

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:58:00 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 21:27:56 GMT
server
AmazonS3
age
4555
etag
W/"3adb53daca3581e6383e09d9cf3c647f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
cache-control
max-age=84600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
3fy2GAhAyK8WAPUpRKQBLmKUB-yYHIubnnoT2mXt1XIur_bGB8eeYg==
.js
dyv1bugovvq1g.cloudfront.net/11/www.ledger-enquirer.com/ 		1 KB
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/11/www.ledger-enquirer.com/.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:7000:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f57ec0b8202cdfafe3c6faacb99a35cd20dbfb5cbe0554d542e0b10bd0b96c8d

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 19:44:17 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"863154b7953c63214ad95fe6343714d6"
x-cache
RefreshHit from cloudfront
content-type
application/json; charset=utf-8
via
1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control
max-age=300
accept-ranges
bytes
content-length
299
x-amz-cf-id
h9ygiSsT27wy6vTVzZ3_ju-jJYZAGCDnyj1sdx8UGLjIW6xdUqHyJA==
config.js
confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 		89 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/netdale.213d63050927570a5814.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe8b11787e4947df6fc29d4a6952bbf5ab2efc5cc8057c4a2d66d2cbb39ed801

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:54 GMT
Content-Encoding
gzip
Age
476
X-Cache
HIT
Connection
keep-alive
Content-Length
20197
x-amz-id-2
dgUXOUwGVpcsVhlS8Kr9ZGL/39A4ghXzMRXR4hri2NnUar+2ysCEC5UBvwNnw3RupmbXdqHxAvM=
X-Served-By
cache-hhn4031-HHN
Last-Modified
Wed, 17 Mar 2021 21:23:01 GMT
Server
AmazonS3
X-Timer
S1616019235.839799,VS0,VE1
ETag
"1d6c1c7443afd4f8268d113f9db83f3c"
x-amz-request-id
CDGCFSGPMQRJFNX8
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.5.0/ 		325 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
AvbD4VHYe4H/QnyU6j8v5w==
age
7064183
vary
Accept-Encoding
content-length
69711
cf-request-id
08e3d9b76600004a68f2ba0000000001
x-ms-lease-status
unlocked
last-modified
Thu, 27 Aug 2020 03:43:22 GMT
server
cloudflare
etag
0x8D84A3B58DE8819
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b5a3eed9-c01e-0069-3a3b-db874a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
63199238a8504a68-FRA
expires
Thu, 25 Mar 2021 22:13:54 GMT
delivery
mboxedge37.tt.omtrdc.net/rest/v1/ 		688 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=mcclatchy&sessionId=193f1edda12e4d7f8086707ac30c2e62&version=2.3.0
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/adobe.t2_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.133.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-133-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5b3ea6fc86781848dea65272e7c5e308910d89d0a6152cc73a4b37a48e01f8e7

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ledger-enquirer.com
date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id
09fadf6c7ba115983fd67aa156d6cd10
content-type
application/json;charset=UTF-8
4dec59cd-4660-4b42-a19b-ac879d3df704
https://www.ledger-enquirer.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ledger-enquirer.com/4dec59cd-4660-4b42-a19b-ac879d3df704
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/netdale.213d63050927570a5814.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:59:37 GMT
content-encoding
gzip
server
Server
age
857
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id
IVJvvJ3aWKpWMng6xgehlGPgVUQ-GJmw98spZA0n2fmgS8J3WVw0NQ==
anchor
www.google.com/recaptcha/api2/ Frame 69C6 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubGVkZ2VyLWVucXVpcmVyLmNvbTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=inline&cb=5db33x9b3f07
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
59e03ac4334547f1ced56595fd3acc42750e9cbf691542396effd3e8f549a60a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZrcI7EXgq+cXBODZyAB7qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubGVkZ2VyLWVucXVpcmVyLmNvbTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=inline&cb=5db33x9b3f07
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ledger-enquirer.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=211=Vf1nABZTAOHYKFytawM0vp4hYbn3VBed1pjttWqfXY4u2_imK0bpsy4tIapZcMtmlLvsz2WyfPiyvKUaE18u_qTHyjw8R2DiXcJvmuieOg7hUv3iZdZ35bGlYqmwTD_Di88-idAjIkuA6lGubAF7zQYQ5Djyz6fSGuaikE4q6uI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 17 Mar 2021 22:13:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZrcI7EXgq+cXBODZyAB7qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10738
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pdp.gif
www.ledger-enquirer.com/static/yozons-lib/ 		0
0
lt.min.js
tags.crwdcntrl.net/lt/c/7464/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/7464/lt.min.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/netdale.213d63050927570a5814.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-79.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df2d4c7249d3cd8c72c62a2a5a0ebcbac038929d94e78fee17ce47a65753d9c3

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:09:14 GMT
content-encoding
gzip
etag
W/"74c87edc41baa3f91422f75b6f071473"
last-modified
Mon, 15 Feb 2021 19:13:45 GMT
server
AmazonS3
age
11081
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
BQ_pQHScI8ftncH7X0yb-f7wiJ-Da7DB07AGITe4Cd_K5QjawbV7fA==
checksub
contributor.google.com/scripts/7df76a16abfcab18:D:3ae5531da4ae6362/ 		392 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://contributor.google.com/scripts/7df76a16abfcab18:D:3ae5531da4ae6362/checksub
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.DArU4wHv44Y.es5.O/d=1/ct=zgms/rs=AJlcJMzQOlsf--fDG7gZ12Xwpbaj-Dkk7w/m=contributor
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f447eadf79748cdc576dbc1d13edfad9373e5cb42624792dbb875549bdaed337
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RPAlo16Ioww2BjfEZtfuJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-RPAlo16Ioww2BjfEZtfuJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-RPAlo16Ioww2BjfEZtfuJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-RPAlo16Ioww2BjfEZtfuJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I
fundingchoicesmessages.google.com/f/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXAZrJRCvuYysT9c1RumEDbR5v3PFPRPP4qISzVM2SGrMWLHOoFS46a3aKEhVgJ8a8zdSI_hQzf81OBst2I
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/gfc.4f915468ca1e4515c584.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dedc6e38afe9332230dc2358a7e20b17bdbeefed31623bad93ece68270e83544
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-suueO8aHqxFMPEuUEqiX5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-suueO8aHqxFMPEuUEqiX5Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-suueO8aHqxFMPEuUEqiX5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-suueO8aHqxFMPEuUEqiX5Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
date
Wed, 17 Mar 2021 22:13:54 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021031501.js
securepubads.g.doubleclick.net/gpt/ 		283 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
7da22511eaa997140ea43f7c0e5f732df19e1910c5cf8bdfc3e3b2782cd7b782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 08:44:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102037
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:13:54 GMT
rules-p-50B2Fi6bBqYto.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by
Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:07:20 GMT
content-encoding
gzip
last-modified
Mon, 26 Mar 2018 17:43:26 GMT
server
AmazonS3
age
447
etag
W/"eeeb10fbb8e6fc7fff11277347add08a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
J_MTD13RTFKFsNR-6tl0v0moM0WIoyTKDXOVvFGHN7oB8F-ZqpprrA==
collect
www.google-analytics.com/j/ 		4 B
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=294866117&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ledger-enquirer.com%2F&dh=ledger-enquirer.com&ul=en-us&de=UTF-8&dt=Home%3A%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=1273027236&gjid=427843720&cid=1905019986.1616019235&tid=UA-48280669-1&_gid=45953719.1616019235&_r=1&_slc=1&cd1=LED&cd2=Ledger-Enquirer&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd5=Unregistered&cd6=Homepage&cg1=Ledger-Enquirer&cg2=Homepage&z=1726554396
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=294866117&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ledger-enquirer.com%2F&dh=ledger-enquirer.com&ul=en-us&de=UTF-8&dt=Home%3A%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YFDAAAABCAAAAC~&jid=203759855&gjid=888046039&cid=1905019986.1616019235&tid=UA-48280268-1&_gid=45953719.1616019235&_r=1&_slc=1&cd1=LED&cd2=Ledger-Enquirer&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd5=Unregistered&cd6=Homepage&cg1=Ledger-Enquirer&cg2=Homepage&z=656139838
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
6241332640001
edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/6241332640001
Protocol
HTTP/1.1
Server
13.226.157.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-157-31.dus51.r.cloudfront.net
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
accept
Origin
https://www.ledger-enquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Connection
keep-alive
Server
Varnish
Retry-After
0
access-control-max-age
86400
Accept-Ranges
bytes
Date
Wed, 17 Mar 2021 22:13:54 GMT
Via
1.1 varnish, 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
X-Served-By
cache-fra19139-FRA
X-Cache-Hits
0
X-Timer
S1616019235.951182,VS0,VE0
BCOV-Debug-Cache-Stats
unknown
BCOV-instance
unknown
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Cache-Control
max-age=0, no-cache, no-store
X-Cache
Miss from cloudfront
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
9XjzAz3gblKx5BY3BqS0WnOX1Jv1t9jpk54URZV0uJ7yupiOJLoclQ==
6240805087001
edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/6240805087001
Protocol
HTTP/1.1
Server
13.226.157.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-157-31.dus51.r.cloudfront.net
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
accept
Origin
https://www.ledger-enquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Connection
keep-alive
Server
Varnish
Retry-After
0
access-control-max-age
86400
Accept-Ranges
bytes
Date
Wed, 17 Mar 2021 22:13:54 GMT
Via
1.1 varnish, 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
X-Served-By
cache-fra19148-FRA
X-Cache-Hits
0
X-Timer
S1616019235.957675,VS0,VE0
BCOV-Debug-Cache-Stats
unknown
BCOV-instance
unknown
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Cache-Control
max-age=0, no-cache, no-store
X-Cache
Miss from cloudfront
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
v86CpfjoRc2qxmkTvKHlli1m0dbfTwI52Sm326F3L_lIwOFL4rqWOw==
6240973164001
edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/6240973164001
Protocol
HTTP/1.1
Server
13.226.157.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-157-31.dus51.r.cloudfront.net
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
accept
Origin
https://www.ledger-enquirer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Length
0
Connection
keep-alive
Server
Varnish
Retry-After
0
access-control-max-age
86400
Accept-Ranges
bytes
Date
Wed, 17 Mar 2021 22:13:54 GMT
Via
1.1 varnish, 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
X-Served-By
cache-fra19162-FRA
X-Cache-Hits
0
X-Timer
S1616019235.954663,VS0,VE0
BCOV-Debug-Cache-Stats
unknown
BCOV-instance
unknown
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Cache-Control
max-age=0, no-cache, no-store
X-Cache
Miss from cloudfront
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
uUNZMTKw9HaL-dO46W-3eemWJHu2tEqk1K8HKPCQ8amOT48-l5cezw==
6241332640001
edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/ 		8 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/6241332640001
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.157.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-157-31.dus51.r.cloudfront.net
Software
/
Resource Hash
68f223f9012a4dd8a6f66843682558f528ccb7c7d49df114df05bbabe4ae9855

Request headers

Accept
application/json;pk=BCpkADawqM0sp145AC-QwP_tQKDZlotCXhflzjJRknNv0M0UAJ87jO9uKYv8yX3bzCFkVO003US-zLSCuwAEeUoGk5BoNtoRl4X6o9hrJIzUwH2N7WHWpY43noJneot5pzllN8zRsHLaa5Lx
Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:54 GMT
Powered-From
eu-central-1a
Bcov-Request-Id
c57cc464-2d88-464e-9226-2d3befcd0dff
Age
4525
Policy-Key-Accountid
5615998039001
X-Cache
Miss from cloudfront
Connection
keep-alive
Powered-By
BC
Content-Length
7683
Via
1.1 varnish, 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
X-Served-By
cache-fra19124-FRA
BCOV-instance
unknown
Policy-Key-Raw
BCpkADawqM0sp145AC-QwP_tQKDZlotCXhflzjJRknNv0M0UAJ87jO9uKYv8yX3bzCFkVO003US-zLSCuwAEeUoGk5BoNtoRl4X6o9hrJIzUwH2N7WHWpY43noJneot5pzllN8zRsHLaa5Lx
X-Timer
S1616019235.985728,VS0,VE3
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control
max-age=0, no-cache, no-store
Account-Status
APPROVED
BCOV-Debug-Cache-Stats
unknown
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id
wjgk4SQhS_Ar5KGytNBAaJ0oQwm8zyTKh1ohrTJ8NlhZSBgXLoM0Dw==
X-Cache-Hits
1
6240805087001
edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/ 		8 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/6240805087001
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.157.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-157-31.dus51.r.cloudfront.net
Software
/
Resource Hash
68ec0453e1ea9d060200872881a65d6773b10505642f42e387f3abb2f2a0aecc

Request headers

Accept
application/json;pk=BCpkADawqM0sp145AC-QwP_tQKDZlotCXhflzjJRknNv0M0UAJ87jO9uKYv8yX3bzCFkVO003US-zLSCuwAEeUoGk5BoNtoRl4X6o9hrJIzUwH2N7WHWpY43noJneot5pzllN8zRsHLaa5Lx
Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:54 GMT
Powered-From
eu-central-1b
Bcov-Request-Id
9acd036f-fb32-41fc-9c8f-6f999fd29fe1
Age
2570
Policy-Key-Accountid
5615998039001
X-Cache
Miss from cloudfront
Connection
keep-alive
Powered-By
BC
Content-Length
7822
Via
1.1 varnish, 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
X-Served-By
cache-fra19183-FRA
BCOV-instance
unknown
Policy-Key-Raw
BCpkADawqM0sp145AC-QwP_tQKDZlotCXhflzjJRknNv0M0UAJ87jO9uKYv8yX3bzCFkVO003US-zLSCuwAEeUoGk5BoNtoRl4X6o9hrJIzUwH2N7WHWpY43noJneot5pzllN8zRsHLaa5Lx
X-Timer
S1616019235.992095,VS0,VE1
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control
max-age=0, no-cache, no-store
Account-Status
APPROVED
BCOV-Debug-Cache-Stats
unknown
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id
kiTIPOazuAFHzM2BCPUgefV59AvtN1lhPKYCOFkkhWFEobKy4OfqRQ==
X-Cache-Hits
1
6240973164001
edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/ 		8 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/5615998039001/videos/6240973164001
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.157.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-157-31.dus51.r.cloudfront.net
Software
/
Resource Hash
7d10a7504a79b23cbf299d54e8a88d621d59d21f08e89011894db6661d2184d7

Request headers

Accept
application/json;pk=BCpkADawqM0sp145AC-QwP_tQKDZlotCXhflzjJRknNv0M0UAJ87jO9uKYv8yX3bzCFkVO003US-zLSCuwAEeUoGk5BoNtoRl4X6o9hrJIzUwH2N7WHWpY43noJneot5pzllN8zRsHLaa5Lx
Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
Powered-From
eu-central-1b
Bcov-Request-Id
dc4b641d-0904-4b93-a51a-72d2aa9401bb
Age
0
Policy-Key-Accountid
5615998039001
X-Cache
Miss from cloudfront
Connection
keep-alive
Powered-By
BC
Content-Length
8135
Via
1.1 varnish, 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
X-Served-By
cache-fra19178-FRA
BCOV-instance
unknown
Policy-Key-Raw
BCpkADawqM0sp145AC-QwP_tQKDZlotCXhflzjJRknNv0M0UAJ87jO9uKYv8yX3bzCFkVO003US-zLSCuwAEeUoGk5BoNtoRl4X6o9hrJIzUwH2N7WHWpY43noJneot5pzllN8zRsHLaa5Lx
X-Timer
S1616019235.994075,VS0,VE56
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
Cache-Control
max-age=0, no-cache, no-store
Account-Status
APPROVED
BCOV-Debug-Cache-Stats
unknown
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
X-Amz-Cf-Id
QgS1lGx9CrxfQtfS4JkgmxfGz6BzwhUkNkkS-v21MSq9FSX-vsqVyQ==
X-Cache-Hits
0
pdp.gif
www.ledger-enquirer.com/static/yozons-lib/ 		42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX2xlZF81ODQ0ODAyOTQ1MDc3NDU4NzQ3MDI3OTkyNzMzNzE0OTcyOTE3N18xNjE2MDE5MjM0NjgwIiwiZG9tSW50ZXJhY3RpdmUiOjI0NjksImdwdFJlcXVlc3RlZCI6MjM3OCwicmVxdWVzdFN0YXJ0Ijo0MzksInpldXNSZXF1ZXN0ZWQiOjE4MTh9
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
396978
content-length
42
last-modified
Tue, 09 Mar 2021 14:40:11 GMT
server
MI
etag
"2a-5bd1b870b88c0"
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
x-varnish
688724036, 135760105 780621527
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
mi-cache
HIT
content-type
image/gif
access-control-allow-headers
*
p.js
cdn.parsely.com/keys/ledger-enquirer.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/ledger-enquirer.com/p.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/parsely.912a0e80a826a12dc8f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.206.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-206-118.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
00bac33744984c0b33ac4f0a657ee07fb37aff996779a9bbc2368ddbad45d4d9

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 17 Mar 2021 15:15:21 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 19:43:14 GMT
server
nginx
age
25067
etag
W/"602ec352-10719"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
I25d8F9i3FgHkW46901WiKERFN49obh9OGvJt39W1rtRnhHOrSypVA==
expires
Thu, 18 Mar 2021 15:15:21 GMT
t
jadserve.postrelease.com/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.ledger-enquirer.com%2F&ntv_mvi&us_privacy=1---
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.218.81 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
cdeb2d8d66421813fc60686d765bb8da830d38f0377c87bc3f75679489d2194e

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:55 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
2744
expires
Mon, 1 Jan 1990 12:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-48280669-1&cid=1905019986.1616019235&jid=1273027236&gjid=427843720&_gid=45953719.1616019235&_u=YFDAAAAACAAAAC~&z=687507625
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 17 Mar 2021 22:13:54 GMT
content-type
text/plain
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 284C 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ledger-enquirer.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110072
Expires
Fri, 19 Mar 2021 04:48:26 GMT
Date
Wed, 17 Mar 2021 22:13:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
en.json
cdn.cookielaw.org/consent/8a234c1f-815c-45c5-971b-bb6ec9dfb3b8/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/ 		67 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8a234c1f-815c-45c5-971b-bb6ec9dfb3b8/0e95dc32-54e6-46f1-96fa-56201f4a1ac5/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
128a429bcdea21cf0c6b5e6bb6695eefa441f50999cfb49e399cf2e3fe74e282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Mar 2021 22:13:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Oms6PWhXv5eQTuOAvDDr7g==
age
7073
vary
Accept-Encoding
content-length
11854
cf-request-id
08e3d9b8a500001f4508082000000001
x-ms-lease-status
unlocked
last-modified
Thu, 20 Aug 2020 16:31:18 GMT
server
cloudflare
etag
0x8D84526771DA87D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0f01151c-d01e-0098-4ba9-b456d9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6319923aaab41f45-FRA
beacon.js
sb.scorecardresearch.com/ Frame 3688 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Thu, 18 Mar 2021 22:13:55 GMT
/
lasteventf-tm.everesttech.net/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=33D83829790A9FD5-398FEA56DD225CD7&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=58448029450774587470279927337149729177&_les_url=https%3A%2F%2Fwww.ledger-enquirer.com%2F
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/products/escenic_s_code.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616019235.015461,VS0,VE0
x-cache
MISS
content-type
text/plain
access-control-allow-origin
https://www.ledger-enquirer.com
access-control-allow-credentials
true
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-fra19146-FRA
ga-audiences
www.google.com/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-48280669-1&cid=1905019986.1616019235&jid=1273027236&_u=YFDAAAAACAAAAC~&z=1397295707
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-48280669-1&cid=1905019986.1616019235&jid=1273027236&_u=YFDAAAAACAAAAC~&z=1397295707
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.ledger-enquirer.com%2F&page=Southeast%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20%20Columbus%20Ledger-Enquirer&sec=Homepage&prem=0&ptype=Home&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=75a74237-2011-40f4-8504-8998ba473d15&pid=7693fcfc-23cf-4979-a1b9-78e8504363c3&dtm=1616019235024&qnm=_matherq&vp=1600x1200&ds=1600x5930&tofa=1616019235&vid=1&duid=b9da8df487cd7fed&fp=99543720&cid=ma12095&mrk=74930901&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJfSG9tZVBhZ2V8fHx8Il1dfSwicGVyZiI6eyJzdGFydCI6IjE2MTYwMTkyMzIwOTkiLCJyZWRpckNudCI6IjAiLCJuYXZUeXBlIjoibGluayIsImhlYXBVIjoiMjMuMW1iIiwiaGVhcFQiOiIyNC41bWIiLCJmZXRjaFMiOiIzNjQiLCJkb21haW5TIjoiMzY1IiwiZG9tYWluRSI6IjM2NiIsImNvbm5TIjoiMzY2IiwiY29ubkUiOiI0MzkiLCJzc2xTIjoiMzg1IiwicmVxdVMiOiI0MzkiLCJyZXNwUyI6IjExNTYiLCJyZXNwRSI6IjExNzgiLCJkb21Mb2FkIjoiMTE1OSIsImRvbUludGVyIjoiMjQ2OSIsImRvbUxvYWRTIjoiMjU0MCIsImRvbUxvYWRFIjoiMjU1NyJ9LCJrZXl3b3JkcyI6WyJOZXdzIiwiQ29sdW1idXMiLCJMZWRnZXItRW5xdWlyZXIiLCJHQSIsIkdlb3JnaWEiLCJoZWFkbGluZSIsInN0b3JpZXMiLCJhcnRpY2xlcyIsIm9waW5pb24iLCJuZXdzcGFwZXIiXX0
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
3.236.169.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
277c533808a5f17a6c0fbdb71b7bfe1b9c6f112ed281beac7bcf4bad7378a9ad

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 17 Mar 2021 22:13:55 GMT
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId
cf193b10-687a-5283-adac-63dce919396e
Content-Length
378
Content-Type
text/xml
pixel;r=1569767543;labels=LED;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.ledger-enquirer.com%2F;uht=2;fpan=1;fpa=P0-7859657-1616019235038;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1569767543;labels=LED;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.ledger-enquirer.com%2F;uht=2;fpan=1;fpa=P0-7859657-1616019235038;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=ledger-enquirer.com;je=0;sr=1600x1200x24;dst=1;et=1616019235038;tzo=-60;ogl=site_name.Columbus%20Ledger-Enquirer%2Ctitle.Southeast%20Breaking%20News%252C%20Sports%20%26%20Crime%20%7C%20%20Columbus%20Ledger-Enquirer%2Cimage.https%3A%2F%2Fwww%252Eledger-enquirer%252Ecom%2Fwps%2Fbuild%2Fimages%2Fledger-enquirer%2Ffacebook%252Ejpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
geo.rlcdn.com/ 		119 B
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.rlcdn.com/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
f6f4b4586d702093c9cc07e981206978d58633f46da7c721f46513d4dcc71b11

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
content-encoding
gzip
etag
W/"77-cXC7RsophzXiswRXM3nplIMkqBo"
server
Google Frontend
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
557d3e2e7949077fe6bee5b553a3dde1
cache-control
private
content-length
129
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202103091517/ 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202103091517/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98c6e0838ef56e75a3d90be996ca6e47d87483fb9d7b4148cdd56acb7b133cb8

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
Content-Encoding
gzip
Age
159
X-Cache
HIT
Connection
keep-alive
Content-Length
59634
x-amz-id-2
X9eB/rBuE11zvNDBkCysOumOCqGpd225qj4WHKhJgF4kURlW2pTC10D8Ky5ExNZmxnIuJQpnPpo=
X-Served-By
cache-hhn4031-HHN
Last-Modified
Tue, 09 Mar 2021 20:18:13 GMT
Server
AmazonS3
X-Timer
S1616019235.111539,VS0,VE0
ETag
"ac59bed9604ac24662a02b9b73fcedfa"
x-amz-request-id
VQWR4RSSA137YCVQ
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
119
prebid
ib.adnxs.com/ut/v3/ 		19 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: mcclatchy-ledger-enquirer.zeustechnology.com
URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:55 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.56:80
AN-X-Request-Uuid
bc2d6356-f0a3-43c9-87c4-297c7a92d153
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ledger-enquirer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=105&profileId=184&cb=39703567656
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.ledger-enquirer.com
date
Wed, 17 Mar 2021 22:13:54 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
arj
mcclatchy-d.openx.net/w/1.0/
Redirect Chain
  • https://mcclatchy-d.openx.net/w/1.0/arj?auid=541284220,541284239&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.ledger-enquirer.com%2F&res=1600x1...
  • https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541284220,541284239&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.ledger-enquirer.com%2F&res=1...
191 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541284220,541284239&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.ledger-enquirer.com%2F&res=1600x1200x24&tz=-60&nocache=1616019235126&us_privacy=1---
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
1b5173389eacc0574e4d0814ffd99f5bfffcd41a38a88cdb74b770a08ac9dc5b

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:55 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
178
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 17 Mar 2021 22:13:55 GMT
via
1.1 google
server
OXGW/16.203.0
location
https://mcclatchy-d.openx.net/w/1.0/arj?cc=1&auid=541284220,541284239&aus=970x250,728x90,960x30,970x90|300x250,300x600&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.ledger-enquirer.com%2F&res=1600x1200x24&tz=-60&nocache=1616019235126&us_privacy=1---
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ledger-enquirer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by
Host: mcclatchy-ledger-enquirer.zeustechnology.com
URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.ledger-enquirer.com
date
Wed, 17 Mar 2021 22:13:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		347 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80306&tk_flint=custom&slots=2&size_id=2%3B15&alt_size_ids=55%2C57%3B10&zone_id=493134%3B493134&rp_floor=0.01&us_privacy=1---
Requested by
Host: mcclatchy-ledger-enquirer.zeustechnology.com
URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
322d684cc42c48a357096fd026e2d8fb670961457699f2d3a87c1d97187af2f2

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:55 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ledger-enquirer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
347
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		133 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ledger-enquirer.com%2F&pid=fOkjKknERHBmK&cb=0&ws=1600x1200&v=7.60.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22960x30%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F7675%2FCLB.site_ledger-enquirer%2F_HomePage%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F7675%2FCLB.site_ledger-enquirer%2F_HomePage%22%7D%5D&cfgv=0&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
6cc64cc7fbad9db59f8f8575dc1ba336d8757e7ef4c7c22bc503df6c4eef1a2c

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ledger-enquirer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
136
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
x-amz-cf-id
pjSh7g5GzZpEteRJ7LevGQ9prnnjlKvDTBHZhU8ec6ltGKzvrexkMw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
55788
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Wed, 17 Mar 2021 06:44:08 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
0V5NNbHQ0idE9I8w58SoCjOUm_OZzRr615vWtxv77v7DzN7JxfLWzw==
styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 69C6 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubGVkZ2VyLWVucXVpcmVyLmNvbTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=inline&cb=5db33x9b3f07
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
age
4339
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Thu, 17 Mar 2022 21:01:36 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 69C6 		331 KB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubGVkZ2VyLWVucXVpcmVyLmNvbTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=inline&cb=5db33x9b3f07
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 13:51:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
age
30144
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
339223
x-xss-protection
0
expires
Thu, 17 Mar 2022 13:51:31 GMT
AGSKWxXIhNNV0dTbCiTlkjFmsUicHV3o2LP4lgT6GJX5ReT_D580zpCfPHnLnDm0fmfTNAh6gjQeEWkAUgUgNErd
fundingchoicesmessages.google.com/l/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxXIhNNV0dTbCiTlkjFmsUicHV3o2LP4lgT6GJX5ReT_D580zpCfPHnLnDm0fmfTNAh6gjQeEWkAUgUgNErd?pvid=0A5E6A49-23FC-47AC-8B9C-300F3A4C8FAA&anonid=BB17696A-DDA3-435B-9260-6FEB31F3BEB8
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.zUv7DEBvr4M.es5.O/d=1/ct=zgms/rs=AJlcJMzCejMjcXp50qXTa7C3V7r0i61B_Q/m=loader_js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gM+B+eYArhbXCSAa+ynICw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gM+B+eYArhbXCSAa+ynICw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-gM+B+eYArhbXCSAa+ynICw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gM+B+eYArhbXCSAa+ynICw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXIhNNV0dTbCiTlkjFmsUicHV3o2LP4lgT6GJX5ReT_D580zpCfPHnLnDm0fmfTNAh6gjQeEWkAUgUgNErd
fundingchoicesmessages.google.com/l/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxXIhNNV0dTbCiTlkjFmsUicHV3o2LP4lgT6GJX5ReT_D580zpCfPHnLnDm0fmfTNAh6gjQeEWkAUgUgNErd?pvid=0A5E6A49-23FC-47AC-8B9C-300F3A4C8FAA&anonid=BB17696A-DDA3-435B-9260-6FEB31F3BEB8
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.zUv7DEBvr4M.es5.O/d=1/ct=zgms/rs=AJlcJMzCejMjcXp50qXTa7C3V7r0i61B_Q/m=loader_js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-st9UPKkNFmQ5GsoKWjw5ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-st9UPKkNFmQ5GsoKWjw5ZA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-st9UPKkNFmQ5GsoKWjw5ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-st9UPKkNFmQ5GsoKWjw5ZA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXIhNNV0dTbCiTlkjFmsUicHV3o2LP4lgT6GJX5ReT_D580zpCfPHnLnDm0fmfTNAh6gjQeEWkAUgUgNErd
fundingchoicesmessages.google.com/l/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxXIhNNV0dTbCiTlkjFmsUicHV3o2LP4lgT6GJX5ReT_D580zpCfPHnLnDm0fmfTNAh6gjQeEWkAUgUgNErd?pvid=0A5E6A49-23FC-47AC-8B9C-300F3A4C8FAA&anonid=BB17696A-DDA3-435B-9260-6FEB31F3BEB8
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.zUv7DEBvr4M.es5.O/d=1/ct=zgms/rs=AJlcJMzCejMjcXp50qXTa7C3V7r0i61B_Q/m=loader_js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P0GqUIlERvnyi6H8jouqsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-P0GqUIlERvnyi6H8jouqsQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-P0GqUIlERvnyi6H8jouqsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-P0GqUIlERvnyi6H8jouqsQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWSXKtsr6m5EubZEKeOcqzOAC_brTq-qD40JvEGvz1l3hauWxEBigesUXNLXZSU3Fg-RPbzm-iIADTZD0xQ
fundingchoicesmessages.google.com/f/ 		78 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWSXKtsr6m5EubZEKeOcqzOAC_brTq-qD40JvEGvz1l3hauWxEBigesUXNLXZSU3Fg-RPbzm-iIADTZD0xQ?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE2MDE5MjM1LDIzNTAwMDAwMF0sIjBBNUU2QTQ5LTIzRkMtNDdBQy04QjlDLTMwMEYzQTRDOEZBQSIsIkJCMTc2OTZBLUREQTMtNDM1Qi05MjYwLTZGRUIzMUYzQkVCOCIsbnVsbCxbbnVsbCxbN11dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.zUv7DEBvr4M.es5.O/d=1/ct=zgms/rs=AJlcJMzCejMjcXp50qXTa7C3V7r0i61B_Q/m=loader_js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc3442f9b25c4d3e4f1a5e370459cfc4afdf730e94a68be11e084d1d3682c7f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HmNJvazGZrEP9B0gYC10yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-HmNJvazGZrEP9B0gYC10yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-HmNJvazGZrEP9B0gYC10yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-HmNJvazGZrEP9B0gYC10yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXIhNNV0dTbCiTlkjFmsUicHV3o2LP4lgT6GJX5ReT_D580zpCfPHnLnDm0fmfTNAh6gjQeEWkAUgUgNErd
fundingchoicesmessages.google.com/l/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxXIhNNV0dTbCiTlkjFmsUicHV3o2LP4lgT6GJX5ReT_D580zpCfPHnLnDm0fmfTNAh6gjQeEWkAUgUgNErd?pvid=0A5E6A49-23FC-47AC-8B9C-300F3A4C8FAA&anonid=BB17696A-DDA3-435B-9260-6FEB31F3BEB8
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.zUv7DEBvr4M.es5.O/d=1/ct=zgms/rs=AJlcJMzCejMjcXp50qXTa7C3V7r0i61B_Q/m=loader_js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TfjeDLChJ7FhEz3PZhVaKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TfjeDLChJ7FhEz3PZhVaKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-TfjeDLChJ7FhEz3PZhVaKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TfjeDLChJ7FhEz3PZhVaKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
id
dpm.demdex.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_mid=58448029450774587470279927337149729177&d_coop_safe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=mcid%0158448029450774587470279927337149729177&ts=1616019235253
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/micb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.66.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9064c98a963ceb9bb6ca03f6ed6894096dc846991b6c52bc7f7c776013cedd8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v090-0cdd441e7.edge-irl1.demdex.com 5.80.7.20210304103356 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
rdkSUlb2QDY=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.ledger-enquirer.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
991
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s15132014741871
mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/s15132014741871?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=17%2F2%2F2021%2023%3A13%3A55%203%20-60&cid.&mcid.&id=58448029450774587470279927337149729177&.mcid&.cid&d.&nsid=0&jsonv=1&.d&sdid=33D83829790A9FD5-398FEA56DD225CD7&mid=58448029450774587470279927337149729177&aamlh=6&ce=UTF-8&pageName=D%3Dv4&g=https%3A%2F%2Fwww.ledger-enquirer.com%2F&cc=USD&ch=D%3Dv23&server=D%3Dv24&xact=mi_as_led_58448029450774587470279927337149729177_1616019234680&events=event7%2Cevent62%3D1478&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv54&v1=Unregistered&h1=LED%7CLedger-Enquirer%7C_HomePage%7C%7C%7C%7C%7CHomepage&c2=dev%3Aother&c3=D%3Dv7&v4=Home%3A%20Homepage&c5=meter%3Astorage_unsupported&c6=D%3Dh1&v7=Home&c10=%2F&v10=Nativo%2CNewsletter%20CTA&c11=ecidfailed%3Ano%7Cecidtimeout%3Ano%7Cmicb%3Ayes%7ChasFocus%3Ayes%7Crefresh%3Ano&c12=pageview%3Anormal&v12=no%20referrer&c13=Unregistered&c14=D%3Dv16&c15=dev%3Aother&v15=New&c17=D%3Dv8&c18=D%3Dv15&c20=D%3Dv51&c21=_HomePage&v23=Homepage&v24=ledger-enquirer.com&v25=Homepage&c26=D%3Dv26&v26=LED&c27=D%3Dv27&v27=Ledger-Enquirer&c28=Homepage%3A7065&v30=score%3A9&c33=6%3A13PM&c34=Wednesday&c35=D%3Dv13&c36=D%3Dv10&c39=D%3Dv14&c41=D%3Dv74&v41=_HomePage%7C%7C%7C%7C%7CHomepage&c43=D%3Dv55&c44=Entry%20Page&v45=loggedin%3Ano&c47=escenic%3Adesktop&v48=XT_CreditCardDecline_032320%3A%20Default&c49=D%3Dv12&v50=D%3Dv0&v54=https%3A%2F%2Fwww.ledger-enquirer.com%2F&v55=Entry%20Page&c56=D%3Dv45&c58=core%3Ayes%7Cdl%3Ayes&v71=1&v74=Product%3A%20Escenic&v79=D%3Dmid&v84=1478&v85=Unknown&v90=count%3A0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&AQE=1
Requested by
Host: media.ledger-enquirer.com
URL: https://media.ledger-enquirer.com/mistats/products/escenic_s_code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
710367e61dfdc0ae141e184d86cc5749199da663162d5aa6d093a7e3361ca592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid
vEJW/ISgTXw=
date
Wed, 17 Mar 2021 22:13:55 GMT
x-content-type-options
nosniff
x-c
main-1434.I637bed.M0-481
p3p
CP="This is not a P3P policy"
content-length
2490
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-v090-08c1ed468.edge-irl1.demdex.com 5.80.7.20210304103356 7ms (+1ms)
pragma
no-cache
last-modified
Thu, 18 Mar 2021 22:13:55 GMT
server
jag
xserver
anedge-7df884dd44-cqfx2
etag
3470374883952721920-4621787220744723706
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 16 Mar 2021 22:13:55 GMT
pixel_16915f57
www.ledger-enquirer.com/akam/11/ 		0
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/akam/11/pixel_16915f57
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/akam/11/16915f57
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:55 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0, no-cache
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
0
expires
Wed, 17 Mar 2021 22:13:55 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 		12 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Mar 2021 22:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NgHQTHCGWwGmNE0ie37G8A==
age
2551850
vary
Accept-Encoding
content-length
3248
cf-request-id
08e3d9bad100001f454c099000000001
x-ms-lease-status
unlocked
last-modified
Thu, 27 Aug 2020 03:43:16 GMT
server
cloudflare
etag
0x8D84A3B556B9C39
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3772e8d7-301e-005e-7645-042be5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6319923e1da71f45-FRA
expires
Thu, 25 Mar 2021 22:13:55 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.5.0/assets/ 		61 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.5.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.5.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Mar 2021 22:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ebGLXbyX4UjJx8DgFc7F7g==
age
11638236
vary
Accept-Encoding
content-length
14901
cf-request-id
08e3d9bad200001f456a334000000001
x-ms-lease-status
unlocked
last-modified
Thu, 27 Aug 2020 03:43:17 GMT
server
cloudflare
etag
0x8D84A3B55B1B344
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9ec1fbae-e01e-0153-49a1-b182bc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6319923e1da81f45-FRA
expires
Thu, 25 Mar 2021 22:13:55 GMT
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1616019235562&plid=2117376&idsite=ledger-enquirer.com&url=https%3A%2F%2Fwww.ledger-enquirer.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.ledger-enquirer.com%2F&sref=&sts=1616019235554&slts=0&title=Southeast+Breaking+News%2C+Sports+%26+Crime+%7C+Columbus+Ledger-Enquirer&date=Wed+Mar+17+2021+23%3A13%3A55+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=92592241&u=pid%3Df58d7ef65af8bb3421ec75c920d62024
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:56 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 17-Mar-2021 22:13:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
video_info
context.iris.tv/ 		126 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998039001&platform_id=6241332640001
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-106.dus51.r.cloudfront.net
Software
Zer01ne /
Resource Hash
d7f8caccc1ee6725f2e5e893f332c7e688fe74d4603303148be129cc2c658808

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:46:39 GMT
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server
Zer01ne
age
1636
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop
DUS51-C1
x-robots-tag
noindex, follow
x-amz-cf-id
JULw7S7VZTVVM_H4DcEzVvuruoTTQ0E5VVlAAdni95L2AmWAoBRwug==
video_info
context.iris.tv/ 		113 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998039001&platform_id=6240805087001
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-106.dus51.r.cloudfront.net
Software
Zer01ne /
Resource Hash
1082d15945df430bc0a0e2b334fca25e58f244cbe8f87d3453994fbe6fe0b6b5

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:31:06 GMT
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server
Zer01ne
age
2569
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop
DUS51-C1
x-robots-tag
noindex, follow
x-amz-cf-id
Yn6kByEmIDSwDoNb6srNpjQaHRfqDYqE11E-bOvUFlZWqmKJh785zQ==
PugMaster
image6.pubmatic.com/AdServer/ Frame 284C 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13222275&p=159414&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cce3e63f916aacd3c749356e9dbb14639dcd368764185cc6803e66c31ad0c190

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
states-vaccinated.json
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 		36 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/states-vaccinated.json
Requested by
Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.0847933d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9038dc56cd08392efb2e6058d48f3adbc453d5fa4e4aae17f4ad11ecb9722bc5

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 15:00:01 GMT
Server
Apache
ETag
"8fb3-5bdbcbcc1f156"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7846
us-jhu.json
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 		317 B
973 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/us-jhu.json
Requested by
Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.0847933d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bdd36b3dd514b2b58700994682bb706fb76fd1190fe2bd6e6e6f1e6cd295fad1

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 22:00:02 GMT
Server
Apache
ETag
"13d-5bdc29ad7e5da"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
168
events
bidder.criteo.com/csm/ 		0
153 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.ledger-enquirer.com
date
Wed, 17 Mar 2021 22:13:55 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 12 Mar 2022 22:13:55 GMT
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 12 Mar 2022 22:13:55 GMT
ibs:dpid=771&dpuuid=CAESEF7jyqQ18qjn78KuqmT9T44&google_cver=1
dpm.demdex.net/ Frame 0BF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTg5MTMzMDg2Mjg1MTcwMjkyNDAyMzMxNjU4MjYyNjU5MDY3MzQ=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEF7jyqQ18qjn78KuqmT9T44&google_cver=1?gdpr=0&gdpr_consent=
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEF7jyqQ18qjn78KuqmT9T44&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.66.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0aa4cc226.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
czvndFs/Seo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEF7jyqQ18qjn78KuqmT9T44&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video_info
context.iris.tv/ 		139 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=5615998039001&platform_id=6240973164001
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-106.dus51.r.cloudfront.net
Software
Zer01ne /
Resource Hash
70a94b61dc64f4e84e55928b6bd57db766cb84a51eab3e9638036fec136347ba

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:31:06 GMT
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
server
Zer01ne
age
2568
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop
DUS51-C1
x-robots-tag
noindex, follow
x-amz-cf-id
_djWiBBRXhk4Rad-h4a7fshx9ccQ-lYExfXGzKlQL0ZREnwACvZdew==
_2xKQbc9DIbjwndoguyGCGx3O9kecy5W0kvVgEU1jhM.js
www.google.com/js/bg/ Frame 69C6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/_2xKQbc9DIbjwndoguyGCGx3O9kecy5W0kvVgEU1jhM.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6c4a41b73d0c86e3c2776882ec86086c773bd91e732e56d24bd58045358e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubGVkZ2VyLWVucXVpcmVyLmNvbTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=inline&cb=5db33x9b3f07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 18:00:00 GMT
server
sffe
age
4338
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5711
x-xss-protection
0
expires
Thu, 17 Mar 2022 21:01:37 GMT
b2
sb.scorecardresearch.com/ Frame 3688
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1616019235786&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Southeast%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Columbus%20Ledger-Enquirer&c7=https...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1616019235786&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Southeast%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Columbus%20Ledger-Enquirer&c7=http...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1616019235786&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Southeast%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Columbus%20Ledger-Enquirer&c7=https%3A%2F%2Fwww.ledger-enquirer.com%2F&c9=&cs_ak_ss=1
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:55 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1616019235786&ns_c=UTF-8&ns_if=1&cv=3.5&c8=Southeast%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Columbus%20Ledger-Enquirer&c7=https%3A%2F%2Fwww.ledger-enquirer.com%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:55 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame BD84
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv&dcc=t
255 B
942 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ea068bc08ab847733b3dd8f9a6a110134f56808cda3cbe619947f1d0da3a0579

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ledger-enquirer.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A19Y1WEbMEAKjkVPDu4kOrU|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

Server
Server
Date
Wed, 17 Mar 2021 22:13:56 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
205
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A19Y1WEbMEAKjkVPDu4kOrU; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 22:13:56 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 22:13:56 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Wed, 17 Mar 2021 22:13:56 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv&dcc=t
Set-Cookie
ad-id=A19Y1WEbMEAKjkVPDu4kOrU|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 22:13:55 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
identity
api.rlcdn.com/api/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-76365265602189.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.ledger-enquirer.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185522
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185522-76365265602189.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.21.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-21-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5e750872034fd046688fe77c3d9b4c4d7f49b80922f066acc84196137c7500df

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 16 Apr 2021 22:13:55 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 69C6 		102 B
240 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubGVkZ2VyLWVucXVpcmVyLmNvbTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=inline&cb=5db33x9b3f07
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cubGVkZ2VyLWVucXVpcmVyLmNvbTo0NDM.&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=inline&cb=5db33x9b3f07
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 17 Mar 2021 22:13:55 GMT
pixel
cm.g.doubleclick.net/ Frame 0BF6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUZKLUlnQUFBSmdITHhOZw==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUZKLUlnQUFBSmdITHhOZw==
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616019236.949401,VS0,VE0
x-served-by
cache-fra19146-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUZKLUlnQUFBSmdITHhOZw==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b5a5923-dcf8-4513-9563-b1c5bc13b08b/10s/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b5a5923-dcf8-4513-9563-b1c5bc13b08b/10s/master.m3u8?fastly_token=NjA3NzViYTBfNmU3ZDdlZDgzMmQxMDc5NGM2NWVhZTM2NWM2YWUyZjZkMjI0NmM3YjhjNzJlZGJkMjVmOWZiYTlhNDQ0OGQ5OQ%3D%3D
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
a635edb59bf760273dcbb4d04e091987e2496addfde69f2c095bf32a3c9606a6

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
x-bolt-device-group
desktop-chrome
content-length
6588
x-served-by
cache-hhn4067-HHN
x-device-group
desktop-chrome
x-timer
S1616019236.977612,VS0,VE38
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b07104a-6a61-4dfb-a2fb-82eafe4054e1/10s/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b07104a-6a61-4dfb-a2fb-82eafe4054e1/10s/master.m3u8?fastly_token=NjA3NzYzMTdfNjQ2NDE4MGE2OTczYjNlNzFlYjYwNDQ5ZDA0M2Q2NzQ4MGI2ODk3NDdiNmVjOWMwZjkzZjljOWQ0NDQwMDMzOA%3D%3D
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
8fe14fba4b350b94412bdee5915a3711f88aede515d05c24c425b3e3bb564ed0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
x-bolt-device-group
desktop-chrome
content-length
6588
x-served-by
cache-hhn4067-HHN
x-device-group
desktop-chrome
x-timer
S1616019236.977581,VS0,VE44
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
usersync.aspx
dis.criteo.com/dis/ Frame F18C 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13222275&p=159414&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 17 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1243
x-powered-by
ASP.NET
date
Wed, 17 Mar 2021 22:13:55 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame C528
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5253690073884644860
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5253690073884644860
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13222275&p=159414&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=159414:2; KADUSERCOOKIE=689FC59C-276B-4C0B-B3E6-90C744AEB308; chkChromeAb67Sec=1; DPSync3=1617148800%3A221_201_227_226; SyncRTB3=1617148800%3A7_161_13_54_56_3_220_21%7C1616803200%3A63%7C1617235200%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 22:13:56 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-5253690073884644860; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 22:13:56 GMT; path=/ PugT=1616019236; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 22:13:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 15-Jun-2021 22:13:56 GMT; path=/
X-lat
lhrpug003:0:404
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5253690073884644860
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 284C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aJ_FnCdrTAuz5pDHRK6zCA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=114544
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 19 Mar 2021 06:03:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 284C 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=689FC59C-276B-4C0B-B3E6-90C744AEB308
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6319924149c65364-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08e3d9bccd00005364e7a02000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 284C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=689FC59C-276B-4C0B-B3E6-90C744AEB308&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=689FC59C-276B-4C0B-B3E6-90C744AEB308&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=689FC59C-276B-4C0B-B3E6-90C744AEB308&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:57 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=689FC59C-276B-4C0B-B3E6-90C744AEB308&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 284C
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=689FC59C-276B-4C0B-B3E6-90C744AEB308&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=689FC59C-276B-4C0B-B3E6-90C744AEB308&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=689FC59C-276B-4C0B-B3E6-90C744AEB308&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=689FC59C-276B-4C0B-B3E6-90C744AEB308&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:56 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=689FC59C-276B-4C0B-B3E6-90C744AEB308&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 284C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njg5RkM1OUMtMjc2Qi00QzBCLUIzRTYtOTBDNzQ0QUVCMzA4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:56 GMT
X-lat
lhrpug009:0:350
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 284C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENmsecBKMN-CdG_6wzzCVnA&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENmsecBKMN-CdG_6wzzCVnA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:56 GMT
X-lat
lhrpug018:0:367
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENmsecBKMN-CdG_6wzzCVnA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 284C 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 16 Mar 2021 22:13:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 284C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bff16d09-675f-4d13-9410-60a283c92efa
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bff16d09-675f-4d13-9410-60a283c92efa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
X-lat
amspug015:0:287
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bff16d09-675f-4d13-9410-60a283c92efa
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 284C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2041863045849423668
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2041863045849423668
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
X-lat
amspug006:0:433
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2041863045849423668
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 284C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
X-lat
amspug013:0:294
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
Server
MT3 3611 f10363c master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 Mar 2021 22:13:54 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 284C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3228286691239197805&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3228286691239197805&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:56 GMT
X-lat
lhrpug004:0:320
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:56 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.87:80
AN-X-Request-Uuid
02dcf567-8b8e-439f-8293-48f5cbb34b51
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3228286691239197805&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 284C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=28abe8fd-f470-49bd-8bb1-830bf588812b
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=28abe8fd-f470-49bd-8bb1-830bf588812b
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=25035ae6-db5e-4705-93c2-c0fe45cd2966&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=28abe8fd-f470-49bd-8bb1-830bf588812b&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=28abe8fd-f470-49bd-8bb1-830bf588812b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:55 GMT
X-lat
amspug019:0:309
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=28abe8fd-f470-49bd-8bb1-830bf588812b&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 17 Mar 2021 22:13:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
master.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/03445dc0-9c8d-4c06-8200-e0fd65a33bbd/10s/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/03445dc0-9c8d-4c06-8200-e0fd65a33bbd/10s/master.m3u8?fastly_token=NjA3NzZjY2FfODBmYmU1MzMyZDAxMTlmOWU5ZmI2ZWJiNGExNjE1NWZmNWI3NDkxMWFiOWQ2ZTM5MThkZDRjZDFlNDRmOTVkNQ%3D%3D&pubid=5615998039001
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
563c2011610b4867040d34d8493d127ecea5de6c150b09228114281c88d7cc52

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
x-bolt-device-group
desktop-chrome
content-length
6908
x-served-by
cache-hhn4067-HHN
x-device-group
desktop-chrome
x-timer
S1616019236.083921,VS0,VE39
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
4ee26a53-8053-4a48-a61e-f09194865c75
https://www.ledger-enquirer.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ledger-enquirer.com/4ee26a53-8053-4a48-a61e-f09194865c75
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5415
Content-Type
application/javascript
IrisUpNext.css
ovp.iris.tv/libs/adaptive/styles/v2/ 		14 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/styles/v2/IrisUpNext.css
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1a00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 01:18:45 GMT
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
last-modified
Thu, 10 Dec 2020 21:39:59 GMT
server
AmazonS3
age
852912
etag
"840c928a4f9a6d6ee5ca76af8031b7ea"
x-cache
Hit from cloudfront
x-amz-version-id
8bGmSv38jufOtvTVvpCK84CQNHI2iGn8
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
text/css
content-length
14368
x-amz-cf-id
n1zIDqGS8W2dMp8g_AqBhxN5Dz_8iRqzj4vnJ7Pi8F-Kn3sJRxMVqQ==
IrisButtons.css
ovp.iris.tv/libs/adaptive/styles/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/adaptive/styles/IrisButtons.css
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1a00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 05:01:20 GMT
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
last-modified
Thu, 10 Dec 2020 21:56:44 GMT
server
AmazonS3
age
1617157
etag
"e54832afd18f0ed157b8160ac7e4a9d2"
x-cache
Hit from cloudfront
x-amz-version-id
CcqFDVhLmj7fMBiS5W3t1iFW3PtkExjg
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
text/css
content-length
6053
x-amz-cf-id
9Lq02-zsamCtWAKC3vdz7gIQwhAFfez-dD40PlfNvRHu-w9ONRVtbQ==
bridge3.447.1_en.html
imasdk.googleapis.com/js/core/ Frame D856 		576 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.447.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ledger-enquirer.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192496
date
Sun, 14 Mar 2021 13:29:38 GMT
expires
Mon, 14 Mar 2022 13:29:38 GMT
last-modified
Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
290658
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:13:56 GMT
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998039001/7b5a5923-dcf8-4513-9563-b1c5bc13b08b/8a03be1c-27bd-4dbf-839c-409a930212f5/1280x720/match/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998039001/7b5a5923-dcf8-4513-9563-b1c5bc13b08b/8a03be1c-27bd-4dbf-839c-409a930212f5/1280x720/match/image.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-48.fra56.r.cloudfront.net
Software
/ BC
Resource Hash
e0669ecee925b20d4d67f0666dbf4479ee266e23388f5582ddb8c00710c4917d

Request headers

Origin
https://www.ledger-enquirer.com
Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 18:15:48 GMT
Via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
14288
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
4miyt12vBg-ka6T1iUww00SpUHi4tmwtNAPNmqmUYz6-BiVs_4rK5w==
Expires
Thu, 17 Mar 2022 18:15:48 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ledger-enquirer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Mar 2021 22:13:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ddbab225-b66d-4dc9-857c-62ab07c772a3
https://www.ledger-enquirer.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ledger-enquirer.com/ddbab225-b66d-4dc9-857c-62ab07c772a3
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5415
Content-Type
application/javascript
bridge3.447.1_en.html
imasdk.googleapis.com/js/core/ Frame 0DDD 		576 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.447.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ledger-enquirer.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192496
date
Sun, 14 Mar 2021 13:29:38 GMT
expires
Mon, 14 Mar 2022 13:29:38 GMT
last-modified
Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
290658
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998039001/7b07104a-6a61-4dfb-a2fb-82eafe4054e1/dcddef8d-cadd-42bb-8a30-0eb32b74fc40/1280x720/match/ 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998039001/7b07104a-6a61-4dfb-a2fb-82eafe4054e1/dcddef8d-cadd-42bb-8a30-0eb32b74fc40/1280x720/match/image.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-48.fra56.r.cloudfront.net
Software
/ BC
Resource Hash
0521da9cc69f21b9fd110191b17217e2dfcf5461f95ef66c344d92d15ab1a0e5

Request headers

Origin
https://www.ledger-enquirer.com
Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 01:01:41 GMT
Via
1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
162735
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
2J1Z3FgkF_XK2D3mP2XTO8gnB4LSCInSr2tdoOmocH_SO_mJ3znGkA==
Expires
Wed, 16 Mar 2022 01:01:41 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b5a5923-dcf8-4513-9563-b1c5bc13b08b/91ac9e0a-2281-4005-8a30-598e6fdcf08c/10s/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b5a5923-dcf8-4513-9563-b1c5bc13b08b/91ac9e0a-2281-4005-8a30-598e6fdcf08c/10s/rendition.m3u8?fastly_token=NjA3NzZkNGVfYjJmMWFjYzNlNjJkOWJjZDVkY2QzN2ZiZjFlZjg5NTU0MTQxMjAyNTVhNWU4NTQ3ZjQxODAxMTdiN2YxNDQ2MA%3D%3D
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
e3ef3539e23b78a4c30c5e7d1093f9534e3750332515e7f2c18b8cbe981a6f47

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
6028
x-served-by
cache-hhn4067-HHN
x-device-group
desktop-chrome
x-timer
S1616019236.189582,VS0,VE117
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b07104a-6a61-4dfb-a2fb-82eafe4054e1/249ce0b0-a389-4de2-aabd-cc605ac9a171/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b07104a-6a61-4dfb-a2fb-82eafe4054e1/249ce0b0-a389-4de2-aabd-cc605ac9a171/10s/rendition.m3u8?fastly_token=NjA3NzZkMjJfNGIzOGQ2NThiNGQyNTQwMjc2MDRjMjdhNWVlMjM1NjRkMGY1ZmU5NWRmNWU2YjVjYjA2ZTYwNzdlNzQxODliZg%3D%3D
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
e2aed6b8c0cd9df8de5c813f021c2ed4489f4f39bad38be06f4a290d22301547

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4448
x-served-by
cache-hhn4067-HHN
x-device-group
desktop-chrome
x-timer
S1616019236.198584,VS0,VE139
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 0BF6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YFJ-IgAAAJgHLxNg&expires=90
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YFJ-IgAAAJgHLxNg&expires=90
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616019236.273970,VS0,VE0
x-served-by
cache-fra19146-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YFJ-IgAAAJgHLxNg&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
89167571-6faa-4ff9-887c-5222b6ad2e60
https://www.ledger-enquirer.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ledger-enquirer.com/89167571-6faa-4ff9-887c-5222b6ad2e60
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5415
Content-Type
application/javascript
bridge3.447.1_en.html
imasdk.googleapis.com/js/core/ Frame 5BAD 		576 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.447.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ledger-enquirer.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192496
date
Sun, 14 Mar 2021 13:29:38 GMT
expires
Mon, 14 Mar 2022 13:29:38 GMT
last-modified
Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
290658
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/03445dc0-9c8d-4c06-8200-e0fd65a33bbd/8752c74c-3088-4afe-a03b-c168721ce3de/1280x720/match/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/03445dc0-9c8d-4c06-8200-e0fd65a33bbd/8752c74c-3088-4afe-a03b-c168721ce3de/1280x720/match/image.jpg?pubId=5615998039001
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-48.fra56.r.cloudfront.net
Software
/ BC
Resource Hash
b6a39ee870f3d3e0df25798083cbc711eebd0a56013bb4cd7c513e69d846378d

Request headers

Origin
https://www.ledger-enquirer.com
Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 14:54:40 GMT
Via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
112756
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
JI2TNq6rTjEvUeC6QvOwNhPKzrLd8Lb2SLXNxhJLbsTiCbCN88gZhA==
Expires
Wed, 16 Mar 2022 14:54:40 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/03445dc0-9c8d-4c06-8200-e0fd65a33bbd/bacdbd2f-46be-4a59-8bcd-77af35c74f7c/10s/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/03445dc0-9c8d-4c06-8200-e0fd65a33bbd/bacdbd2f-46be-4a59-8bcd-77af35c74f7c/10s/rendition.m3u8?fastly_token=NjA3NzZjY2JfNjJjYWIyZmU5NjM3YzlmODY2ZGU0Y2FjNDQ2MjdhYTk3NTE3MmQ2NjNkYjdiMTEzMzY4NTFhMTEwOWE3ZDgxYQ%3D%3D&pubid=5615998039001
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
42049e40c6a31f850b7dff36ee43ef3f75c20ecb2ab0ddd6ffaa7d18dadf7296

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
1356
x-served-by
cache-hhn4067-HHN
x-device-group
desktop-chrome
x-timer
S1616019236.347329,VS0,VE124
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=8857
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
BY4M2YBSDS5X7T3W
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=9045
accept-ranges
bytes
content-length
55696
x-amz-id-2
uhu3Q/9rVotIX9kSOgiT4CjFxsI593sftCVvbksutv+D9hdZe1kSQBM8GAPntCptb01sAz33QLM=
C4A1A8B2AEC94AC6BF33CAD9D71CF6ED.jpg
ntvcld-a.akamaihd.net/image/upload/w_75,h_75,c_fit,f_auto/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntvcld-a.akamaihd.net/image/upload/w_75,h_75,c_fit,f_auto/assets/C4A1A8B2AEC94AC6BF33CAD9D71CF6ED.jpg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-122.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e454f6f9e79ecf329c1a37dee75042168bb0a7b84aea3df6292a39b6651eb146

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:57 GMT
Last-Modified
Wed, 17 Feb 2021 21:40:18 GMT
Server
Akamai Image Manager
ETag
"96591ea06c9d4646fbaca56bf4f08181"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2513563
Connection
keep-alive
Content-Length
1292
Expires
Fri, 16 Apr 2021 00:26:40 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=00632e36-0b90-4e8c-a9ce-19cb06e9e419&ntv_a=v4YGApKdKAXa0QA&ntv_fl=7uDOAz88QViW5FhnhWWSVY37EAjmUKybCOt6O3NyYeuH6WaYIeUCBZLiH7moxVfxsUQWa3duUGWrv5izxdPYIEqlkWY4r4ovZyq31bduJRYJQhKXq8KcYLRKkwH-Zndi&ord=-1451763526&ntv_ht=I39SYAA&ntv_tad=16&ntv_az=nuQYFaFqoER1YQat&ntv_al=PxLHKz8Sxyo=&ntv_ak=Sr0LkQrkC5FKvQuR&ntv_it
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.218.81 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=00632e36-0b90-4e8c-a9ce-19cb06e9e419&ntv_fl=7uDOAz88QViW5FhnhWWSVY37EAjmUKybCOt6O3NyYeuH6WaYIeUCBZLiH7moxVfxsUQWa3duUGWrv5izxdPYIEqlkWY4r4ovZyq31bduJRYJQhKXq8KcYLRKkwH-Zndi&ntv_ht=I39SYAA&ntv_at=323&ntv_a=AAAAAAAAAAXa0QA&ntv_jtr=10&ntv_it
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.218.81 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:56 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame EED7 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
43822d4b76a516bdd2996de8f3b6d441be74b7808c4213e977cb1939c074eba5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JqoRkWONAfZeV45TQUdvWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ledger-enquirer.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=211=Vf1nABZTAOHYKFytawM0vp4hYbn3VBed1pjttWqfXY4u2_imK0bpsy4tIapZcMtmlLvsz2WyfPiyvKUaE18u_qTHyjw8R2DiXcJvmuieOg7hUv3iZdZ35bGlYqmwTD_Di88-idAjIkuA6lGubAF7zQYQ5Djyz6fSGuaikE4q6uI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 17 Mar 2021 22:13:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-JqoRkWONAfZeV45TQUdvWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2290853280485553&correlator=1020918873334567&output=ldjh&impl=fifs&eid=31060465%2C31060367%2C31060421%2C44739387%2C21065725&vrg=2021031501&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210317&iu_parts=7675%2CCLB.site_ledger-enquirer%2C_HomePage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C970x250%7C728x90%7C960x30%7C970x90%2C300x250%7C300x600&ists=4&prev_scp=slot%3D1%26zeus_rendercount%3D1%7Catf%3Dy%26pkg%3Da%26slot%3D2%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2%7Catf%3Dy%26pkg%3Db%26slot%3D4%26zeus_rendercount%3D1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=zeus%3Dapplied%26id%3D%26pl%3Dhomepage%26ref%3D%26sect%3Decefrontpage%26sids%3D%26swgt%3Dna%26top%3D%26vl%3D0%26lpid%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1616019093&dt=1616019236466&dlt=1616019233258&idt=1847&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C800%2C410&adys=-12245933%2C117%2C1561&adks=3292069259%2C2754511822%2C1467212873&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ledger-enquirer.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1%7C1600x280%7C360x250&msz=0x0%7C31x280%7C1x250&ga_vid=1905019986.1616019235&ga_sid=1616019236&ga_hid=294866117&ga_fc=false&fws=128%2C0%2C0&ohw=0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
bcd3a2f2007b15a4b3c4d4352057a1e74f73418aeb7e80fff99d3400350b6ad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6981
x-xss-protection
0
google-lineitem-id
5479766553,5630811307,5630724679
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138317917956,138341293266,138341224854
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c1f31c4f12c0eaaad54eb18038e2b798.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://c1f31c4f12c0eaaad54eb18038e2b798.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b5a5923-dcf8-4513-9563-b1c5bc13b08b/b691597f-901b-4a1c-b5fc-e36002851504/10s/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b5a5923-dcf8-4513-9563-b1c5bc13b08b/b691597f-901b-4a1c-b5fc-e36002851504/10s/rendition.m3u8?fastly_token=NjA3NzZkNGVfNmIwMTFmYzk2ZGQ5OTlkYjgyYWJmYjhhZTU4YmNmNDFjODVjZDM0YjJiNDU0OTVjZWJmMDA0NjQ0OTU3YWY0YQ%3D%3D
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
aa3b3812b3a449981a288944e972a03d1c918c237cca3d2a58018a4ad0c2acfb

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
6014
x-served-by
cache-hhn4067-HHN
x-device-group
desktop-chrome
x-timer
S1616019237.504637,VS0,VE120
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 0BF6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFJ-IgAAAJgHLxNg
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFJ-IgAAAJgHLxNg&C=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFJ-IgAAAJgHLxNg&C=1
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Mar 2021 22:13:57 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFJ-IgAAAJgHLxNg&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Wed, 17 Mar 2021 22:13:56 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b07104a-6a61-4dfb-a2fb-82eafe4054e1/bf6d2a75-f7e1-4012-9399-d59e37679c87/10s/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998039001/7b07104a-6a61-4dfb-a2fb-82eafe4054e1/bf6d2a75-f7e1-4012-9399-d59e37679c87/10s/rendition.m3u8?fastly_token=NjA3NzZkMjJfMTI2Yzk4MWFiNWY0ZGE3MzIyYWVmYmUwZWY2ODI1NGJkMTAwZTU4MmJmYzBkY2RhZWRhZDM0ZWJmYWU3OTY5Ng%3D%3D
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
e1f216e60c7a2abfdaac8937b538cc9def82819dc461bba9a61ff343402d9492

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4438
x-served-by
cache-hhn4067-HHN
x-device-group
desktop-chrome
x-timer
S1616019237.517173,VS0,VE130
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/03445dc0-9c8d-4c06-8200-e0fd65a33bbd/3b91b1aa-79c1-4839-ac75-887a520da54b/10s/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998031001/03445dc0-9c8d-4c06-8200-e0fd65a33bbd/3b91b1aa-79c1-4839-ac75-887a520da54b/10s/rendition.m3u8?fastly_token=NjA3NzZjY2JfZjRjZDlmMDdmMGJjMGE4ZTM1ZDcyZWUzMzRjMzE5NGNkZjJkZTE0NmE3ZTgzMDAxYWM3NGQ3N2MxMWI1Yjk1Nw%3D%3D&pubid=5615998039001
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
463bbb39c01920e907f91fc29d179be88a63eb8611d73c0741ccc8f1dd665bbc

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:56 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
1766
x-served-by
cache-hhn4067-HHN
x-device-group
desktop-chrome
x-timer
S1616019237.638628,VS0,VE118
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
us-vaccinated.json
media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/us-vaccinated.json
Requested by
Host: media.mcclatchy.com
URL: https://media.mcclatchy.com/static/2020/coronavirus/covid-embed-tracker/main.0847933d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
496170da5f23440057139b0326f4f740f4d84f536f8969b0fc6e4fa14ba55811

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Mar 2021 15:00:02 GMT
Server
Apache
ETag
"cc3-5bdbcbcc97a8f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=551
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
643
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C454 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
3026
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:23:30 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 82D1 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
3026
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:23:30 GMT
setuid
ib.adnxs.com/ Frame 0BF6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YFJ-IgAAAJgHLxNg
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YFJ-IgAAAJgHLxNg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:57 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.78:80
AN-X-Request-Uuid
ff132b17-28fa-4f00-8374-a30fa047fbbc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616019237.004413,VS0,VE0
x-served-by
cache-fra19146-FRA
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YFJ-IgAAAJgHLxNg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1C05 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2792
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:27:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucbVSSXUcIx1ydqmlW0dqxH_iLJPkQYT-gP24ppc-KGvbsfYpSpUMlpAip42P_gqKUv3LCbPfuAatAe_fN7r1kg8mlDzMMIPICVVDtjMc3N_fNJYYsNYxhpU1Jf4Z6YVyYuZ8ETJ8xJVzRA3ZNwzueHxQmJiK4ibANXNTbyALlyq6XJWAZ6PiTTHg7Rd-zlIZd8nCnIbTie4Rn1g-xLdHmAjHucUCt_2t5g1ufkBcxOS08aQwMkELtwmxAvy789s07IQOchqVGbbfJtbl_Dc_KMvnV0knEK7fAsFu0Gnj7K3xssxjVNFNEh0SIbej--MgpJwI9lBZsAp-S-FhVdw&sig=Cg0ArKJSzLruytGrQEHYEAE&urlfix=1&adurl=
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Mar 2021 22:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D52 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:13:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FBFA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZIpvjV2J4KYRk2tx28l2doCYs6wlrOtflyvLdvrKPowYy92Q5o94fdVf0SPeU9pVgTgBFx6E6JHL5naDHuYoxvyc7xAdnuPF38i2Ntks0MPB8dQpwLakbM1RjCeck3uw9XfmK0N90sdwWslHFNauOQu2CfprxSJBkBuHIY8AQnZmE_IYCYJ8L2jaWBga_FKXEfBy4HNIwDSGvJ4WMC3e-QNAqJUn_qeLZ_OeAZoC1Vgnoloxi3ZlRYpjZ3VxCnQfJioNq7sawHnLYAwQ5fblJsj--B873wEHvPoQIkVFdseebc2OK5cFfvtT9CbaG-p9QqWEr9vpNi108jqARVngAfAYMoZJ1q41moRDU&sig=Cg0ArKJSzCO7Ca4zlBdDEAE&urlfix=1&adurl=
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Mar 2021 22:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FBFA 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:13:57 GMT
1542708752862892661
tpc.googlesyndication.com/simgad/ Frame FBFA 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1542708752862892661?
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf98b9a7dbf18e105886293f7063c3adfd1318ac90db9ae4a3b02f9e8eecf4ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 01:23:06 GMT
x-content-type-options
nosniff
age
75051
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63319
x-xss-protection
0
last-modified
Mon, 01 Feb 2021 23:06:08 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 01:23:06 GMT
14221371079760943072
tpc.googlesyndication.com/simgad/ Frame 34AA
Redirect Chain
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDnq7jUeBABGAEoATIIRCa0hO01vLpA1fzu7AU
  • https://tpc.googlesyndication.com/simgad/14221371079760943072
43 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14221371079760943072
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 23:16:53 GMT
x-content-type-options
nosniff
age
341824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
last-modified
Mon, 07 Oct 2019 22:37:26 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Mar 2022 23:16:53 GMT

Redirect headers

timing-allow-origin
*
date
Wed, 17 Mar 2021 12:38:57 GMT
x-content-type-options
nosniff
server
cafe
age
34500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/14221371079760943072
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Apr 2021 12:38:57 GMT
FREE.gif
www.ledger-enquirer.com/static/img/placeholder/ 		328 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/static/img/placeholder/FREE.gif?mias=9JSOiojIzBnIsU2csFmZ6IycuJCLiADO2QzMykTMwYTM2EzX3cTM5IzN5QTM3MzM3ITO5cjMwcDN3gTN0czNwUDN5IDM4QDN4UzXkVGbfNXYflWbiojIpRnIsISZnFGcl12bIJiOig2YiwSfwUTM3MjM5EDM2EjNxojIlRmciwSO0EzNzITOxAjNxYTM6IyckJnIsgzN0YzMykTMwYTM2EjOiMXcyJCLzYDNyMjM5EDM2EjNxojIzdGcisnOiQnIs0XM6ISO3YDNycDMzYTNiwSM6IyNwMTMxgDMzYTNiwSM6IyM1UjN2cTO3QTNisnOiMHZpJye
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
8c92061ecd87ac83d34922deec523bdd40d8c72651485d18a7f711bcb4889c78

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:57 GMT
server
AkamaiGHost
mime-version
1.0
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
328
expires
Wed, 17 Mar 2021 22:13:57 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:13:57 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 930A 		1 KB
848 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b0730feeaa8693523b2f4181a13b66162dd372dc98410718a8300a43c230b6b9

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A19Y1WEbMEAKjkVPDu4kOrU; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_rbd_cnv&dcc=t

Response headers

Server
Server
Date
Wed, 17 Mar 2021 22:13:57 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
487
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
web.js
ads.celtra.com/ba36d5c9/ Frame 7D52 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.celtra.com/ba36d5c9/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssHHV-8pjH3nXU3aGoftaqg7C4QEvcgndIGM-OTXjN7nGlrRc818zoiFuuIn2km35Jrwn_5kV9r7U4SsZvZZDmZQZ1hCu9GOk-23FxYm8VllrNzxVQ8uDpikv6B3VjDWeXLHKqBQkJiaXbDQv0leYnazF9NZPZ1oS0GqUQE822bjcFjoeQMu8QxJNzFUsb3l91PRxExkffUjKPPRchHuy4tDMvSoRUYwew8raT2RUJ5PW5qmYmhuWzIv7lRvZ6NnV8DomKgY_pgotxxfL4ex2_IiPgmaz-2whuEFalv_A2mmvJvEKvG8C3HdBw802HzAbvfSnHfcZlimg%26sig%3DCg0ArKJSzMe_QlpoZbInEAE%26urlfix%3D1%26adurl%3D&widthBreakpoint=2500&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=GoogleAdManager&tagVersion=html-standard-7&eas.JWVjaWQh=138341293266&externalCreativeId=138341293266&externalPlacementId=15117294&externalSiteId=15116694&externalSiteName=ledger-enquirer.com&externalLineItemId=5630811307&externalCampaignId=2825983899&externalAdvertiserId=4992071915&scriptId=celtra-script-1&clientTimestamp=1616019237.227&clientTimeZoneOffsetInMinutes=-60&hostPageLoadId=46603086804432814
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.22.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c254b30973cc66b03005876c003d80c437f628356310ab23879fdc5825d0817e

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:57 GMT
content-encoding
gzip
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
4859
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 0BF6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFJ-IgAAAJgHLxNg
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFJ-IgAAAJgHLxNg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:57 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616019237.267599,VS0,VE0
x-served-by
cache-fra19146-FRA
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFJ-IgAAAJgHLxNg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame EED7 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:01:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
age
4341
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Thu, 17 Mar 2022 21:01:36 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame EED7 		331 KB
331 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 13:51:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 04:05:18 GMT
server
sffe
age
30146
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
339223
x-xss-protection
0
expires
Thu, 17 Mar 2022 13:51:31 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTYzMDgxMTMwNyIsImVidXkiOiIyODI1OTgzODk5IiwiZWFkdiI6IjQ5OTIwNzE5MTUiLCJlY2lkIjoiMTM4MzQxMjkzMjY2IiwiZWVudiI6ImoiLCJlcGlkIjoiMTUxMTcyOTQiLCJlc2lkIjoiMTUxMTY2OTQifQ&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=569c05ae-e17b-4c60-919c-437763e3e6ca&pid=7693fcfc-23cf-4979-a1b9-78e8504363c3&dtm=1616019237387&qnm=_matherq&vp=1600x1200&ds=1600x6366&tofa=1616019235&vid=1&duid=b9da8df487cd7fed&fp=99543720&cid=ma12095&mrk=74930901&url=https%3A%2F%2Fwww.ledger-enquirer.com%2F
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:57 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
truncated
/ Frame 7D52 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75bb5aa2e14d429ba49e8785c3876f2c8b8e14165c17420c07228b00c4e2e729

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
trk.gif
jadserve.postrelease.com/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=28&ntv_ui=00632e36-0b90-4e8c-a9ce-19cb06e9e419&ntv_a=v4YGApKdKAXa0QA&ntv_fl=7uDOAz88QViW5FhnhWWSVY37EAjmUKybCOt6O3NyYeuH6WaYIeUCBZLiH7moxVfxsUQWa3duUGWrv5izxdPYIEqlkWY4r4ovZyq31bduJRYJQhKXq8KcYLRKkwH-Zndi&ord=1963944185&ntv_ht=I39SYAA&ntv_it
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.218.81 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:57 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
8857
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		319 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/8857?t=2021217232
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c567fcbe7577902d1281888aedf0ab76c50565cdae655d1285aa0f7c586cc0f3

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NDLntGR0.rB_W0n7u8s9YsW4C25ErzMF
last-modified
Wed, 17 Mar 2021 22:00:57 GMT
server
AmazonS3
x-amz-request-id
AE03APKF62VM7XAH
etag
"825662a6af1be11898dd9f0ebbb1be07"
content-type
application/octet-stream
date
Wed, 17 Mar 2021 22:13:57 GMT
accept-ranges
bytes
content-length
319
x-amz-id-2
fUZ8fSTnNGUdwg/i4eQM/nogA14+b5Qkbp1VewYvdbDY5aJJ+GdS5QY6PmpUmc0GsytRpq2gMKM=
Pug
image2.pubmatic.com/AdServer/ Frame 0BF6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFJ-IgAAAJgHLxNg
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFJ-IgAAAJgHLxNg
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:57 GMT
X-lat
lhrpug015:0:434
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616019237.471353,VS0,VE0
x-served-by
cache-fra19146-FRA
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFJ-IgAAAJgHLxNg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
truncated
/ Frame FBFA 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7924eb15632c1b7c6c0d3a867db277188ca3497fdf217a2d91b13858d4a832f1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FBFA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujJjH0857IPHYFXiRTQgXRDnqrmoyDBUZ7JXHZXq7ercaf2o1VEfcmarKDWmTr7Mb40gp_kKxPwWdS7cVZQ_YzSx4VPPOXoFtEzYVffNH5NXmTcLaPtSfCFgBujLyzU9Ih2T9nk28fAGNoAWOEyhWIkAMRRiER9jzG4EETlJI9d1UNCRywA5kjSymaioLcuDxGe2UnFKfnq7VcWub__KX81S1VYJx8UfimBACoXMNuZbFNJb-mZUxCjUQZIoEY4CyLycV_b--i8aJaQdhIf50DkfWH0CrcDpZMraJEF-D2smIXvIlvTyjdM2pOr14qwMR1zRG7y04hEBceB1J6Er2n&sig=Cg0ArKJSzGPlvnHDQ0W4EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Mar 2021 22:13:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 17 Mar 2021 22:13:57 GMT
web.js
cache-ssl.celtra.com/api/creatives/afdae985/compiled/ Frame 7D52 		432 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache-ssl.celtra.com/api/creatives/afdae985/compiled/web.js?v=5-66f45b4535&secure=1&cachedVariantChoices=W10-&eventMetadataExperiment=newMeta&inmobi=0
Requested by
Host: ads.celtra.com
URL: https://ads.celtra.com/ba36d5c9/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssHHV-8pjH3nXU3aGoftaqg7C4QEvcgndIGM-OTXjN7nGlrRc818zoiFuuIn2km35Jrwn_5kV9r7U4SsZvZZDmZQZ1hCu9GOk-23FxYm8VllrNzxVQ8uDpikv6B3VjDWeXLHKqBQkJiaXbDQv0leYnazF9NZPZ1oS0GqUQE822bjcFjoeQMu8QxJNzFUsb3l91PRxExkffUjKPPRchHuy4tDMvSoRUYwew8raT2RUJ5PW5qmYmhuWzIv7lRvZ6NnV8DomKgY_pgotxxfL4ex2_IiPgmaz-2whuEFalv_A2mmvJvEKvG8C3HdBw802HzAbvfSnHfcZlimg%26sig%3DCg0ArKJSzMe_QlpoZbInEAE%26urlfix%3D1%26adurl%3D&widthBreakpoint=2500&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=GoogleAdManager&tagVersion=html-standard-7&eas.JWVjaWQh=138341293266&externalCreativeId=138341293266&externalPlacementId=15117294&externalSiteId=15116694&externalSiteName=ledger-enquirer.com&externalLineItemId=5630811307&externalCampaignId=2825983899&externalAdvertiserId=4992071915&scriptId=celtra-script-1&clientTimestamp=1616019237.227&clientTimeZoneOffsetInMinutes=-60&hostPageLoadId=46603086804432814
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
83f02c3275bb158b325645dedbb029eaf6bcb3916e652fbfdc603b5cbf92fe3f

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 03:12:15 GMT
content-encoding
gzip
age
68502
x-cache
Hit from cloudfront
content-length
102548
access-control-allow-origin
*
server
Apache
etag
"4351b70b568a917c6d96a4c7f0c7adecefc7e126344995630fb30e3e7c902d1b"
vary
Accept-Encoding
x-varnish
2674027
via
1.1 varnish (Varnish/5.0), 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
FMbYgPasQ-OM_qEk24GxFmqBQH64Iudid5mk0YNs3l4LbYYtnutL7w==
truncated
/ Frame 7D52 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
b551340e-1eac-4e0a-b88d-c188e4f2a4b8
https://www.ledger-enquirer.com/ Frame 7D52 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.ledger-enquirer.com/b551340e-1eac-4e0a-b88d-c188e4f2a4b8
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
167
Content-Type
image/png
/
fundingchoicesmessages.google.com/f/AGSKWxWNVqGGnANAvlnIsf8tgFrlTZttw_Y7KnV77f6ADFGth1EryqE4S8kKZ5FkfpmQN_lTb5rmF9FqN_o9ABoXFwdLFgwW96Xe7IILFyreyikgpwb6juuMwm8LhAduw4Rc2TWVDd7DMQSdudLFwYgVcDzQ7GUv-... 		54 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWNVqGGnANAvlnIsf8tgFrlTZttw_Y7KnV77f6ADFGth1EryqE4S8kKZ5FkfpmQN_lTb5rmF9FqN_o9ABoXFwdLFgwW96Xe7IILFyreyikgpwb6juuMwm8LhAduw4Rc2TWVDd7DMQSdudLFwYgVcDzQ7GUv-dneVSxC7oDUUwlQeEjbG2xQXRWTxG10SvkRDuDBcL1fGsYBzEmNIbbCInmS6gB6ksvqcHZvjEYNQjcWTWI=/_/ads/?id=/ads/popshow..ads.core.-doubleclick.js/adoptionicon.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.REWrUaQMz1A.es5.O/d=1/ct=zgms/rs=AJlcJMxwhySYB05j966dFkMCE2IVghWm9Q/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6021d076be6cab534c58d762b310389d3a8eaf20e26075f564f971970e860884
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-77vSsW7neI123d7xOh4ehw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-77vSsW7neI123d7xOh4ehw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-77vSsW7neI123d7xOh4ehw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-77vSsW7neI123d7xOh4ehw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
date
Wed, 17 Mar 2021 22:13:57 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.REWrUaQMz1A.es5.O/d=1/ct=zgms/rs=AJlcJMxwhySYB05j966dFkMCE2IVghWm9Q/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20897
x-xss-protection
0
server
cafe
etag
7857869394883405340
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Mar 2021 22:42:02 GMT
AGSKWxVBwWHk-jLQU52B3DHSs9g7oQkxB-nXBUPrQOa7OcVawvhygwa8cXiXliVlOtG5iKFGUuOhXoufoNytnu0krOiVK7Zt12FGsFdg1PE--jkWIbOxC4HlaWcGR5QTvIRGn3qQrH4kb8qKw2zoxUpgSYNtceHmGlkYR4gwn8mPUola-FMy8tmKK7rkRQ==
fundingchoicesmessages.google.com/l/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxVBwWHk-jLQU52B3DHSs9g7oQkxB-nXBUPrQOa7OcVawvhygwa8cXiXliVlOtG5iKFGUuOhXoufoNytnu0krOiVK7Zt12FGsFdg1PE--jkWIbOxC4HlaWcGR5QTvIRGn3qQrH4kb8qKw2zoxUpgSYNtceHmGlkYR4gwn8mPUola-FMy8tmKK7rkRQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.REWrUaQMz1A.es5.O/d=1/ct=zgms/rs=AJlcJMxwhySYB05j966dFkMCE2IVghWm9Q/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TgI2Afz/NxTCFFKlxXGIjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TgI2Afz/NxTCFFKlxXGIjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:57 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-TgI2Afz/NxTCFFKlxXGIjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TgI2Afz/NxTCFFKlxXGIjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 0BF6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFJ-IgAAAJgHLxNg&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFJ-IgAAAJgHLxNg&img=1&__user_check__=1&sync_id=11a3b004-876e-11eb-b15b-18c6427b1106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFJ-IgAAAJgHLxNg&img=1&__user_check__=1&sync_id=11a3b004-876e-11eb-b15b-18c6427b1106
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
16
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 17 Mar 2021 22:13:57 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YFJ-IgAAAJgHLxNg&img=1&__user_check__=1&sync_id=11a3b004-876e-11eb-b15b-18c6427b1106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
108
Connection
keep-alive
Content-Length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 930A
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=bd132a01707629a9cef9
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=bd132a01707629a9cef9
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 17 Mar 2021 22:13:58 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
DUS51-C1
x-cache
LambdaGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=bd132a01707629a9cef9
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
4HdkwRuK_QUoz49OST5lJHy9QTh4mG38dY5NAFVvBlPhdoCcsXhdyQ==
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 89B6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a7a51949d343df29964d86649fe40db47517d23beb564e02ba6bd093f920010a

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YFJ-JEQm5rKawX1neXn8BgAA; CMPS=3202; CMPRO=1187; CMRUM3=5860527f252760YFJ-IgAAAJgHLxNg; CMST=YFJ-JWBSfyUA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|241|230|90|65|57|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1697
Expires
Wed, 17 Mar 2021 22:13:58 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Connection
keep-alive
Set-Cookie
CMID=YFJ-JEQm5rKawX1neXn8BgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 22:13:58 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 22:13:58 GMT CMPRO=1187;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 22:13:58 GMT CMRUM3=4160527f2605a0&2d60527f2605a0&f160527f2605a00&e660527f2627600&3960527f2605a0&5860527f252760YFJ-IgAAAJgHLxNg&5a60527f2605a0&2f60527f2605a0&2760527f260b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 17 Mar 2022 22:13:58 GMT CMST=YFJ-JWBSfyYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Mar 2021 22:13:58 GMT
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 7645 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Wed, 17 Mar 2021 22:13:58 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7D2E 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=159414:2; KADUSERCOOKIE=689FC59C-276B-4C0B-B3E6-90C744AEB308; chkChromeAb67Sec=1; DPSync3=1617148800%3A221_201_227_226; SyncRTB3=1617148800%3A7_161_13_54_56_3_220_21%7C1616803200%3A63%7C1617235200%3A35; PUBMDCID=3; KRTBCOOKIE_336=5844-5253690073884644860; KRTBCOOKIE_80=16514-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&22987-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&23025-CAESENmsecBKMN-CdG_6wzzCVnA; KRTBCOOKIE_57=22776-3228286691239197805; KRTBCOOKIE_377=6810-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&22918-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&23031-bff16d09-675f-4d13-9410-60a283c92efa; KRTBCOOKIE_27=16735-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&16736-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23019-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23114-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1; KRTBCOOKIE_391=22924-2041863045849423668&KRTB&23263-2041863045849423668; KRTBCOOKIE_466=16530-28abe8fd-f470-49bd-8bb1-830bf588812b; KRTBCOOKIE_218=22978-YFJ-IgAAAJgHLxNg&KRTB&23194-YFJ-IgAAAJgHLxNg&KRTB&23209-YFJ-IgAAAJgHLxNg&KRTB&23244-YFJ-IgAAAJgHLxNg; PugT=1616019237
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=114542
Expires
Fri, 19 Mar 2021 06:03:00 GMT
Date
Wed, 17 Mar 2021 22:13:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D8F1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KME04MBK-C-A1JL; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tlCBRUZWfPw9zp4X5PWrjQqqTCqCKieGkTxzCtT3GWjvGSkTNWjmsGgfE/2wGlVwK8BMqZcvhERo6p23GCL9aNcX4JPKBYjCRbro=; ses2=; vis2=80306^1; ses15=; vis15=80306^1; audit=1|0o8zzNO5o4a445/ph/Ovo3p4/TMPY9XwpmlTqaQWWgC6v7mXduY/egSq4Drh4WjJZ9qhNrrrOvYAPa3Tu7xkzOBxGCOXoSK1ueUQ+xkeWjKma+WVcS1g3g==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Mar 2021 22:13:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTYzMDcyNDY3OSIsImVidXkiOiIyODI1Mjc4MDI0IiwiZWFkdiI6IjI2OTcxNjE0IiwiZWNpZCI6IjEzODM0MTIyNDg1NCIsImVlbnYiOiJqIiwiZXBpZCI6IjE1MTE3Mjk0IiwiZXNpZCI6IjE1MTE2Njk0In0&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=151a28b7-cf32-4d84-8c6a-2c4c242cd958&pid=7693fcfc-23cf-4979-a1b9-78e8504363c3&dtm=1616019237498&qnm=_matherq&vp=1600x1200&ds=1600x6366&tofa=1616019235&vid=1&duid=b9da8df487cd7fed&fp=99543720&cid=ma12095&mrk=74930901&url=https%3A%2F%2Fwww.ledger-enquirer.com%2F
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:57 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
reload
www.google.com/recaptcha/api2/ Frame EED7 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f36ddb47c8fa8f345ff29672f24c62f790b237ec29e4d8a96ca2ccde24751985
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 17 Mar 2021 22:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11736
x-xss-protection
1; mode=block
expires
Wed, 17 Mar 2021 22:13:57 GMT
b.php
www.facebook.com/fr/ Frame 0BF6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YFJ-IgAAAJgHLxNg&t=2592000&o=0
43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YFJ-IgAAAJgHLxNg&t=2592000&o=0
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mcclatchy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
x-fb-debug
+fB3BDkSVwpB0JHs42lgi2hpabOdo+MWFhVhRoDOyb+K/cVpfB9ZEc4DmA/pTk26c/29RgrR6KfUycxvGbOusQ==
content-encoding
br
x-content-type-options
nosniff
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 17 Mar 2021 15:13:57 PDT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
expires
Wed, 17 Mar 2021 15:13:57 PDT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616019238.781421,VS0,VE0
x-served-by
cache-fra19146-FRA
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YFJ-IgAAAJgHLxNg&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ads
pubads.g.doubleclick.net/gampad/ Frame D856 		1 KB
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.ledger-enquirer.com%2F&correlator=1937747021908982&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FCLB.site_ledger-enquirer%2F_HomePage&hl=en&cmsid=2475969&description_url=https%3A%2F%2Fwww.ledger-enquirer.com%2Fnews%2Fnation-world%2Fnational%2Farticle250005079.html&vid_t=Atlanta%20police%20give%20update%20on%20spa%20shootings%20that%20left%208%20dead&vid=6241332640001&cust_params=sec_sect%3D28861%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_90f7a2ef3d562225%26iris_context%3Dic_2782847%2Cic_9564594%2Cic_1145748&sdkv=h.3.447.1&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&us_privacy=1---&sdki=44d&adk=4234945749&sdk_apis=2%2C7%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.ledger-enquirer.com%2Ffe00dc14-75c8-4147-a7e0-df52d5e8539a&sid=2F9FA1BD-6A21-4D36-9BC1-C3A545F07879&eid=44725355%2C44729226%2C44736271&dt=1616019237840&cookie_enabled=1&scor=2007970746141371&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9c9748ec7fadb426998e9b48ef25acb759a97528ba42bc0bf5078c995ac66891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
831
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0DDD 		1 KB
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.ledger-enquirer.com%2F&correlator=78801464832682&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FCLB.site_ledger-enquirer%2F_HomePage&hl=en&cmsid=2475969&description_url=https%3A%2F%2Fwww.ledger-enquirer.com%2Fnews%2Fcoronavirus%2Farticle249964169.html&vid_t=%E2%80%98This%20looks%20like%20a%20small%20city.%E2%80%99%20Columbus%20readies%20for%20mass%20COVID%20vaccination%20site%20opening&vid=6240805087001&cust_params=sec_sect%3D82716%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_f86ad0c90f8fad1c%26iris_context%3Dic_2002746%2Cic_3165844&sdkv=h.3.447.1&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&u_so=p&ctv=0&mpt=videojs-ima&mpv=1.8.0&us_privacy=1---&sdki=44d&adk=1397588983&sdk_apis=2%2C7%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.ledger-enquirer.com%2Fbe661cb2-a0ff-4bae-85ed-5f34a804acd3&sid=2F9FA1BD-6A21-4D36-9BC1-C3A545F07879&eid=44725355%2C44729226%2C44736271&dt=1616019237856&cookie_enabled=1&scor=4091521068732772&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
bc4e9d1236b76a6d90148779846505fc3eb58176b1d1b6e50a25e9ab18e9aa15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
844
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5BAD 		1 KB
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.ledger-enquirer.com%2F&correlator=2169326025512522&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FCLB.site_ledger-enquirer%2F_HomePage&hl=en&cmsid=2475969&description_url=https%3A%2F%2Fwww.ledger-enquirer.com%2Fnews%2Fcoronavirus%2Farticle249973079.html&vid_t=NASCAR%20legend%20Richard%20Petty%20gets%20his%20COVID-19%20vaccine&vid=6240973164001&cust_params=sec_sect%3D82716%2C28921%26topic%3D%26vpa%3D0%26vpmute%3D0%26iris_id%3Diris_969266c910ff990e%26iris_context%3Dic_7811401%2Cic_2002746%2Cic_7361327%2Cic_3165844&sdkv=h.3.447.1&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&u_so=p&ctv=0&mpt=videojs-ima&mpv=1.8.0&us_privacy=1---&sdki=44d&adk=1484760408&sdk_apis=2%2C7%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.ledger-enquirer.com%2Fa0db813d-986d-4e7d-941e-bb6aceae2968&sid=2F9FA1BD-6A21-4D36-9BC1-C3A545F07879&eid=44725355%2C44729226%2C44736271&dt=1616019237876&cookie_enabled=1&scor=2265031387692370&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ee8125fa978bcd4c05392936007cf0d2c983f4767e527a7dcdc41f67c549dc8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
842
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 284C 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159414&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:57 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame EED7 		600 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:11:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
187373
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
expires
Mon, 22 Mar 2021 18:11:05 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame EED7 		530 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 02:33:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
589220
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
expires
Thu, 18 Mar 2021 02:33:38 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame EED7 		665 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 10:51:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
386558
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
expires
Sat, 20 Mar 2021 10:51:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EED7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
527553
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 11 Mar 2022 19:41:25 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EED7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:40:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
age
9225
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
expires
Thu, 17 Mar 2022 19:40:13 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EED7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:40:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
age
9225
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
expires
Thu, 17 Mar 2022 19:40:13 GMT
_2xKQbc9DIbjwndoguyGCGx3O9kecy5W0kvVgEU1jhM.js
www.google.com/js/bg/ Frame EED7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/_2xKQbc9DIbjwndoguyGCGx3O9kecy5W0kvVgEU1jhM.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6c4a41b73d0c86e3c2776882ec86086c773bd91e732e56d24bd58045358e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 21:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 18:00:00 GMT
server
sffe
age
4341
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5711
x-xss-protection
0
expires
Thu, 17 Mar 2022 21:01:37 GMT
payload
www.google.com/recaptcha/api2/ Frame EED7 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AGdBq25JGp5F020TwND8q1L05lcTBt9XOpmjBy0niAqd63CfrxlQlaRO_aboq6BP7--w01pRpEbDxXmBc8zTzkhok9Nv-369Wh6DAOIv9vS-joDY00QICb_NTKqemUC-1FOQ3MM05tH2ye_NHyrDYTuHlEvS9ATXTvV5epJKlGACimQKur4_CFuMIrK0-kpVGixTQ1dLb4gvVnI-AZpYeqnu_B308vZ1Hw&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c11ad549ca17b21451b1958493f11a98717bc86e2cf3bf2273022f55146d551
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&cb=pwi4xoikda38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:58 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22860
x-xss-protection
1; mode=block
expires
Wed, 17 Mar 2021 22:13:58 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=47&ntv_ui=00632e36-0b90-4e8c-a9ce-19cb06e9e419&ntv_a=v4YGApKdKAXa0QA&ntv_fl=7uDOAz88QViW5FhnhWWSVY37EAjmUKybCOt6O3NyYeuH6WaYIeUCBZLiH7moxVfxsUQWa3duUGWrv5izxdPYIEqlkWY4r4ovZyq31bduJRYJQhKXq8KcYLRKkwH-Zndi&ord=2126198534&ntv_ht=I39SYAA&ntv_tad=16&ntv_it
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.218.81 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:58 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
AGSKWxVBwWHk-jLQU52B3DHSs9g7oQkxB-nXBUPrQOa7OcVawvhygwa8cXiXliVlOtG5iKFGUuOhXoufoNytnu0krOiVK7Zt12FGsFdg1PE--jkWIbOxC4HlaWcGR5QTvIRGn3qQrH4kb8qKw2zoxUpgSYNtceHmGlkYR4gwn8mPUola-FMy8tmKK7rkRQ==
fundingchoicesmessages.google.com/l/ 		0
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxVBwWHk-jLQU52B3DHSs9g7oQkxB-nXBUPrQOa7OcVawvhygwa8cXiXliVlOtG5iKFGUuOhXoufoNytnu0krOiVK7Zt12FGsFdg1PE--jkWIbOxC4HlaWcGR5QTvIRGn3qQrH4kb8qKw2zoxUpgSYNtceHmGlkYR4gwn8mPUola-FMy8tmKK7rkRQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.REWrUaQMz1A.es5.O/d=1/ct=zgms/rs=AJlcJMxwhySYB05j966dFkMCE2IVghWm9Q/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eJ+x/tLxardqXa3W6GKmKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-eJ+x/tLxardqXa3W6GKmKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:58 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-eJ+x/tLxardqXa3W6GKmKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-eJ+x/tLxardqXa3W6GKmKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVBwWHk-jLQU52B3DHSs9g7oQkxB-nXBUPrQOa7OcVawvhygwa8cXiXliVlOtG5iKFGUuOhXoufoNytnu0krOiVK7Zt12FGsFdg1PE--jkWIbOxC4HlaWcGR5QTvIRGn3qQrH4kb8qKw2zoxUpgSYNtceHmGlkYR4gwn8mPUola-FMy8tmKK7rkRQ==
fundingchoicesmessages.google.com/l/ 		0
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxVBwWHk-jLQU52B3DHSs9g7oQkxB-nXBUPrQOa7OcVawvhygwa8cXiXliVlOtG5iKFGUuOhXoufoNytnu0krOiVK7Zt12FGsFdg1PE--jkWIbOxC4HlaWcGR5QTvIRGn3qQrH4kb8qKw2zoxUpgSYNtceHmGlkYR4gwn8mPUola-FMy8tmKK7rkRQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.REWrUaQMz1A.es5.O/d=1/ct=zgms/rs=AJlcJMxwhySYB05j966dFkMCE2IVghWm9Q/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x5doFx+3Y+/FA0HIerpGng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-x5doFx+3Y+/FA0HIerpGng' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:58 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-x5doFx+3Y+/FA0HIerpGng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-x5doFx+3Y+/FA0HIerpGng' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUPP-NHKALQjyrIR6FwwAfXo2Oxo1hRqZU5qADDccPTvedLrEVM06yeRRMtoar3flRIEYOFUMR_TIt1updyPMHcAylpBqMCGrf9MJ-F9riNtKRL-h15AEYukCvUuGlA609wg1hMNHZswA12BtOseeafzBwbVxkM17rII5ly6YHAeW817_sFuaKXYg==
fundingchoicesmessages.google.com/f/ 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUPP-NHKALQjyrIR6FwwAfXo2Oxo1hRqZU5qADDccPTvedLrEVM06yeRRMtoar3flRIEYOFUMR_TIt1updyPMHcAylpBqMCGrf9MJ-F9riNtKRL-h15AEYukCvUuGlA609wg1hMNHZswA12BtOseeafzBwbVxkM17rII5ly6YHAeW817_sFuaKXYg==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE2MDE5MjM4LDM3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.REWrUaQMz1A.es5.O/d=1/ct=zgms/rs=AJlcJMxwhySYB05j966dFkMCE2IVghWm9Q/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4159ff41a12a38b034dc0de405dd8718265b291912ff07634c8f8b11abc9ad9c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MBbKfY+cMJXl5C1DXYwy8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MBbKfY+cMJXl5C1DXYwy8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-MBbKfY+cMJXl5C1DXYwy8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MBbKfY+cMJXl5C1DXYwy8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVBwWHk-jLQU52B3DHSs9g7oQkxB-nXBUPrQOa7OcVawvhygwa8cXiXliVlOtG5iKFGUuOhXoufoNytnu0krOiVK7Zt12FGsFdg1PE--jkWIbOxC4HlaWcGR5QTvIRGn3qQrH4kb8qKw2zoxUpgSYNtceHmGlkYR4gwn8mPUola-FMy8tmKK7rkRQ==
fundingchoicesmessages.google.com/l/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxVBwWHk-jLQU52B3DHSs9g7oQkxB-nXBUPrQOa7OcVawvhygwa8cXiXliVlOtG5iKFGUuOhXoufoNytnu0krOiVK7Zt12FGsFdg1PE--jkWIbOxC4HlaWcGR5QTvIRGn3qQrH4kb8qKw2zoxUpgSYNtceHmGlkYR4gwn8mPUola-FMy8tmKK7rkRQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.REWrUaQMz1A.es5.O/d=1/ct=zgms/rs=AJlcJMxwhySYB05j966dFkMCE2IVghWm9Q/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Rndknn3AzEXZtM1N0gE4VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Rndknn3AzEXZtM1N0gE4VA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:58 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-Rndknn3AzEXZtM1N0gE4VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Rndknn3AzEXZtM1N0gE4VA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7AA8 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=159414:2; KADUSERCOOKIE=689FC59C-276B-4C0B-B3E6-90C744AEB308; chkChromeAb67Sec=1; DPSync3=1617148800%3A221_201_227_226; SyncRTB3=1617148800%3A7_161_13_54_56_3_220_21%7C1616803200%3A63%7C1617235200%3A35; PUBMDCID=3; KRTBCOOKIE_336=5844-5253690073884644860; KRTBCOOKIE_80=16514-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&22987-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&23025-CAESENmsecBKMN-CdG_6wzzCVnA; KRTBCOOKIE_57=22776-3228286691239197805; KRTBCOOKIE_377=6810-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&22918-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&23031-bff16d09-675f-4d13-9410-60a283c92efa; KRTBCOOKIE_27=16735-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&16736-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23019-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23114-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1; KRTBCOOKIE_391=22924-2041863045849423668&KRTB&23263-2041863045849423668; KRTBCOOKIE_466=16530-28abe8fd-f470-49bd-8bb1-830bf588812b; KRTBCOOKIE_218=22978-YFJ-IgAAAJgHLxNg&KRTB&23194-YFJ-IgAAAJgHLxNg&KRTB&23209-YFJ-IgAAAJgHLxNg&KRTB&23244-YFJ-IgAAAJgHLxNg; PugT=1616019237; SPugT=1616019237
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110068
Expires
Fri, 19 Mar 2021 04:48:26 GMT
Date
Wed, 17 Mar 2021 22:13:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 7D52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGdoEt3I3lKBy35wdKF1184gwNS1KxSPKzhC7qMi81jClU33tz5cVmOiyKDi-lOX1T5wjQGiUIAQAMpOnRQr7YLaLC6S93HkxcpuWQjp7rwZocm2UK93ZsKphSexl0NPBk_MZ1tNQh_K8AsidoT__U0gVFvqbiUQ_N699GzD09zu6JvZSRTWN04gqE-_M0ikPOfL3aBXPm-3f74AemL1JNXxTddOncGMng9l2BpO17b7s9JD6f0N-BgH6_BrLqJ_4BKq2tWz1uYLd32YJKjmNS3qr1QRy0G7a0v3btLbaqYVI8wmLjGHPZo14eZWFv6RkqUun6vLMwU2d26aIy6RWl&sig=Cg0ArKJSzKfVbUeAwiF0EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Mar 2021 22:13:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 17 Mar 2021 22:13:58 GMT
usync.js
eus.rubiconproject.com/ Frame D8F1 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44868
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9439
Expires
Thu, 18 Mar 2021 10:41:46 GMT
casale
match.adsrvr.org/track/cmf/ Frame 89B6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_user_id=YFJ-JEQm5rKawX1neXn8BgAA&cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.21.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-21-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 89B6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFJ-JEQm5rKawX1neXn8BgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYFsTbtHropzNkZkG_HE_4&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYFsTbtHropzNkZkG_HE_4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Mar 2021 22:13:58 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENYFsTbtHropzNkZkG_HE_4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 89B6 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFJ_JEQm5rKawX1neXn8BgAABKMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 89B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFJ_JEQm5rKawX1neXn8BgAABKMAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEELdMTAXvnzAb8UmTEVq6ZY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEELdMTAXvnzAb8UmTEVq6ZY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 17 Mar 2021 22:13:58 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEELdMTAXvnzAb8UmTEVq6ZY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 89B6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=23881033384C414C9BC58217D5C674DC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=23881033384C414C9BC58217D5C674DC
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Mar 2021 22:13:58 GMT

Redirect headers

date
Wed, 17 Mar 2021 22:13:58 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=23881033384C414C9BC58217D5C674DC
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 16 Mar 2021 22:13:58 GMT
rum
dsum.casalemedia.com/ Frame 89B6
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616105638
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616105638
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 17 Mar 2021 22:13:58 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1616105638
pragma
no-cache
date
Wed, 17 Mar 2021 22:13:58 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 89B6
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878968497816051
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878968497816051
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Mar 2021 22:13:58 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878968497816051
Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 89B6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8EUGhizF1LmEqq5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8EUGhizF1LmEqq5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Mar 2021 22:13:59 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:57 GMT
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-015d5badb48c29580@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8EUGhizF1LmEqq5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 89B6 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YFJ_JEQm5rKawX1neXn8BgAABKMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AGSKWxW-8GJ1X9Whr_JXO7jfvJOBJ_QTStoscg8pswLGizikIOQYEkUDyzFoJ4nLuteyil8vThEenjAajhRhi38iSRGrd1u643BVWW3lAYI_mF5kT4nZFQrMltfSV_95-4rB13dZcbcPGAqN6oKAw7LOhs6XgAtNNNhbJ-YtV-K_2-2weOhX-z5xVT8omQ==
fundingchoicesmessages.google.com/l/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxW-8GJ1X9Whr_JXO7jfvJOBJ_QTStoscg8pswLGizikIOQYEkUDyzFoJ4nLuteyil8vThEenjAajhRhi38iSRGrd1u643BVWW3lAYI_mF5kT4nZFQrMltfSV_95-4rB13dZcbcPGAqN6oKAw7LOhs6XgAtNNNhbJ-YtV-K_2-2weOhX-z5xVT8omQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.e3erZosYGus.es5.O/d=1/ct=zgms/rs=AJlcJMzhs1A8RBipMSExrv2DkThULlTiPA/m=cookie_refresh
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P5vr8fLVHjKBFICMfwYLvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-P5vr8fLVHjKBFICMfwYLvA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:58 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-P5vr8fLVHjKBFICMfwYLvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-P5vr8fLVHjKBFICMfwYLvA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW-8GJ1X9Whr_JXO7jfvJOBJ_QTStoscg8pswLGizikIOQYEkUDyzFoJ4nLuteyil8vThEenjAajhRhi38iSRGrd1u643BVWW3lAYI_mF5kT4nZFQrMltfSV_95-4rB13dZcbcPGAqN6oKAw7LOhs6XgAtNNNhbJ-YtV-K_2-2weOhX-z5xVT8omQ==
fundingchoicesmessages.google.com/l/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxW-8GJ1X9Whr_JXO7jfvJOBJ_QTStoscg8pswLGizikIOQYEkUDyzFoJ4nLuteyil8vThEenjAajhRhi38iSRGrd1u643BVWW3lAYI_mF5kT4nZFQrMltfSV_95-4rB13dZcbcPGAqN6oKAw7LOhs6XgAtNNNhbJ-YtV-K_2-2weOhX-z5xVT8omQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.e3erZosYGus.es5.O/d=1/ct=zgms/rs=AJlcJMzhs1A8RBipMSExrv2DkThULlTiPA/m=cookie_refresh
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FsEOySa9q/e2Z1meJGuA3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-FsEOySa9q/e2Z1meJGuA3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Mar 2021 22:13:58 GMT
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ledger-enquirer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-FsEOySa9q/e2Z1meJGuA3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-FsEOySa9q/e2Z1meJGuA3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTYxNjAxOTIzOC42ODEsIm5hbWUiOiJjb250YWluZXJCZWNhbWVWaWV3YWJsZSJ9XX0=?crc32c=4024517438
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 7AA8 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
835c8e3cbcc1e237777ccd12220046e701b7036b993a3d27f7d683c6bec5e137

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:57 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D8F1
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KME04MBK-C-A1JL&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KME04MBK-C-A1JL&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:59 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KME04MBK-C-A1JL&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
match
c1.adform.net/serving/cookie/ Frame CC46 		35 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=689FC59C-276B-4C0B-B3E6-90C744AEB308
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=689FC59C-276B-4C0B-B3E6-90C744AEB308
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=2041863045849423668
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 17 Mar 2021 22:13:58 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=2041863045849423668; expires=Sun, 16 May 2021 22:13:58 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame DFA0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZGIwN0FwUDRBQUFfWWM3V2RMdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADdb07ApP4AAA_Yc7WdLw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADdb07ApP4AAA_Yc7WdLw&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADdb07ApP4AAA_Yc7WdLw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8812183928366814656
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdb07ApP4AAA_Yc7WdLw
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdb07ApP4AAA_Yc7WdLw
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=689FC59C-276B-4C0B-B3E6-90C744AEB308; PUBMDCID=3; KRTBCOOKIE_336=5844-5253690073884644860; KRTBCOOKIE_80=16514-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&22987-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&23025-CAESENmsecBKMN-CdG_6wzzCVnA; KRTBCOOKIE_57=22776-3228286691239197805; KRTBCOOKIE_377=6810-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&22918-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&23031-bff16d09-675f-4d13-9410-60a283c92efa; KRTBCOOKIE_27=16735-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&16736-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23019-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23114-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1; KRTBCOOKIE_391=22924-2041863045849423668&KRTB&23263-2041863045849423668; KRTBCOOKIE_466=16530-28abe8fd-f470-49bd-8bb1-830bf588812b; KRTBCOOKIE_218=22978-YFJ-IgAAAJgHLxNg&KRTB&23194-YFJ-IgAAAJgHLxNg&KRTB&23209-YFJ-IgAAAJgHLxNg&KRTB&23244-YFJ-IgAAAJgHLxNg; pi=156657:3; chkChromeAb67Sec=2; DPSync3=1616025600%3A174%7C1617148800%3A221_201_227_226_219_197; SyncRTB3=1617235200%3A35%7C1617148800%3A54_8_22_56_81_88_78_165_176_189_7_204_161_13_71_166_5_55_220_21_222_104_3%7C1616544000%3A67_15_2_223%7C1616803200%3A63%7C1618531200%3A203; KRTBCOOKIE_107=1471-uid:8EUGhizF1LmEqq5; KRTBCOOKIE_153=1923-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&19420-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&22979-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_; KRTBCOOKIE_1101=23040-6940749781214230679; KRTBCOOKIE_22=14911-3470211263641356968; KRTBCOOKIE_409=22966-62Bl2lozPbzrMxqeVmo9WfRV&KRTB&23212-62Bl2lozPbzrMxqeVmo9WfRV; SPugT=1616019238; KRTBCOOKIE_1074=22956-e_dbcbf815-085c-4167-b533-29f537535061; KRTBCOOKIE_188=3189-47a8e636-30ec-4fad-a1ca-cb90e10d14fe-60527f27-4348; PugT=1616019239
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 22:13:59 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AADdb07ApP4AAA_Yc7WdLw; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 22:13:59 GMT; path=/ PugT=1616019239; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 22:13:59 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 15-Jun-2021 22:13:59 GMT; path=/
X-lat
lhrpug001:0:475
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Wed, 17 Mar 2021 22:13:59 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADdb07ApP4AAA_Yc7WdLw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 5B21
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6940749781214230679
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6940749781214230679
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=689FC59C-276B-4C0B-B3E6-90C744AEB308; PUBMDCID=3; KRTBCOOKIE_336=5844-5253690073884644860; KRTBCOOKIE_80=16514-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&22987-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&23025-CAESENmsecBKMN-CdG_6wzzCVnA; KRTBCOOKIE_57=22776-3228286691239197805; KRTBCOOKIE_377=6810-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&22918-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&23031-bff16d09-675f-4d13-9410-60a283c92efa; KRTBCOOKIE_27=16735-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&16736-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23019-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23114-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1; KRTBCOOKIE_391=22924-2041863045849423668&KRTB&23263-2041863045849423668; KRTBCOOKIE_466=16530-28abe8fd-f470-49bd-8bb1-830bf588812b; KRTBCOOKIE_218=22978-YFJ-IgAAAJgHLxNg&KRTB&23194-YFJ-IgAAAJgHLxNg&KRTB&23209-YFJ-IgAAAJgHLxNg&KRTB&23244-YFJ-IgAAAJgHLxNg; SPugT=1616019237; pi=156657:3; chkChromeAb67Sec=2; DPSync3=1616025600%3A174%7C1617148800%3A221_201_227_226_219_197; SyncRTB3=1617235200%3A35%7C1617148800%3A54_8_22_56_81_88_78_165_176_189_7_204_161_13_71_166_5_55_220_21_222_104_3%7C1616544000%3A67_15_2_223%7C1616803200%3A63%7C1618531200%3A203; KRTBCOOKIE_107=1471-uid:8EUGhizF1LmEqq5; KRTBCOOKIE_153=1923-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&19420-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&22979-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_; PugT=1616019239
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 22:13:57 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6940749781214230679; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 22:13:57 GMT; path=/ PugT=1616019237; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 22:13:57 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 15-Jun-2021 22:13:57 GMT; path=/
X-lat
amspug006:0:298
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 17 Mar 2021 22:13:59 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6940749781214230679; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6940749781214230679
bridge
cm.adgrx.com/ Frame C236 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 17 Mar 2021 22:13:59 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame F800
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=62Bl2lozPbzrMxqeVmo9WfRV
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=62Bl2lozPbzrMxqeVmo9WfRV
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=689FC59C-276B-4C0B-B3E6-90C744AEB308; PUBMDCID=3; KRTBCOOKIE_336=5844-5253690073884644860; KRTBCOOKIE_80=16514-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&22987-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&23025-CAESENmsecBKMN-CdG_6wzzCVnA; KRTBCOOKIE_57=22776-3228286691239197805; KRTBCOOKIE_377=6810-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&22918-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&23031-bff16d09-675f-4d13-9410-60a283c92efa; KRTBCOOKIE_27=16735-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&16736-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23019-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23114-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1; KRTBCOOKIE_391=22924-2041863045849423668&KRTB&23263-2041863045849423668; KRTBCOOKIE_466=16530-28abe8fd-f470-49bd-8bb1-830bf588812b; KRTBCOOKIE_218=22978-YFJ-IgAAAJgHLxNg&KRTB&23194-YFJ-IgAAAJgHLxNg&KRTB&23209-YFJ-IgAAAJgHLxNg&KRTB&23244-YFJ-IgAAAJgHLxNg; SPugT=1616019237; pi=156657:3; chkChromeAb67Sec=2; DPSync3=1616025600%3A174%7C1617148800%3A221_201_227_226_219_197; SyncRTB3=1617235200%3A35%7C1617148800%3A54_8_22_56_81_88_78_165_176_189_7_204_161_13_71_166_5_55_220_21_222_104_3%7C1616544000%3A67_15_2_223%7C1616803200%3A63%7C1618531200%3A203; KRTBCOOKIE_107=1471-uid:8EUGhizF1LmEqq5; KRTBCOOKIE_153=1923-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&19420-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&22979-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_; PugT=1616019239
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 22:13:59 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-62Bl2lozPbzrMxqeVmo9WfRV&KRTB&23212-62Bl2lozPbzrMxqeVmo9WfRV; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 22:13:59 GMT; path=/ PugT=1616019239; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 22:13:59 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 15-Jun-2021 22:13:59 GMT; path=/
X-lat
lhrpug011:0:333
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 17 Mar 2021 22:13:59 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=62Bl2lozPbzrMxqeVmo9WfRV; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=62Bl2lozPbzrMxqeVmo9WfRV
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame 4EA6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a7noeUwyEoMpuMNra1AIOrPcnF0sjKg9uAQ7Vdee
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 17 Mar 2021 22:13:59 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d635aeade55543b5813145e483415e1781616019239; expires=Fri, 16-Apr-21 22:13:59 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aAnseFqO2c9U2OqnverKsyFEfI4Zdar8B4hxFq8acCyLQuZbPmQbZcSCPsZdLhlMiLTplBocQjSZajk0RBVCTSbm8; path=/; domain=.tribalfusion.com; expires=Tue, 15-Jun-2021 22:13:59 GMT; SameSite=None; Secure; ANON_ID_old=aAnseFqO2c9U2OqnverKsyFEfI4Zdar8B4hxFq8acCyLQuZbPmQbZcSCPsZdLhlMiLTplBocQjSZajk0RBVCTSbm8; path=/; domain=.tribalfusion.com; expires=Tue, 15-Jun-2021 22:13:59 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08e3d9c91e000006014cba9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63199254f9eb0601-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 17 Mar 2021 22:13:59 GMT
content-type
text/html
set-cookie
__cfduid=d635aeade55543b5813145e483415e1781616019239; expires=Fri, 16-Apr-21 22:13:59 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a7noeUwyEoMpuMNra1AIOrPcnF0sjKg9uAQ7Vdee; path=/; domain=.tribalfusion.com; expires=Tue, 15-Jun-2021 22:13:59 GMT; SameSite=None; Secure; ANON_ID_old=a7noeUwyEoMpuMNra1AIOrPcnF0sjKg9uAQ7Vdee; path=/; domain=.tribalfusion.com; expires=Tue, 15-Jun-2021 22:13:59 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
10
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08e3d9c86f0000060142202000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63199253e8960601-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 4399
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1g6iWYIu9Mpi&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1g6iWYIu9Mpi&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=689FC59C-276B-4C0B-B3E6-90C744AEB308; PUBMDCID=3; KRTBCOOKIE_336=5844-5253690073884644860; KRTBCOOKIE_80=16514-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&22987-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&23025-CAESENmsecBKMN-CdG_6wzzCVnA; KRTBCOOKIE_57=22776-3228286691239197805; KRTBCOOKIE_377=6810-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&22918-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&23031-bff16d09-675f-4d13-9410-60a283c92efa; KRTBCOOKIE_27=16735-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&16736-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23019-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23114-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1; KRTBCOOKIE_391=22924-2041863045849423668&KRTB&23263-2041863045849423668; KRTBCOOKIE_466=16530-28abe8fd-f470-49bd-8bb1-830bf588812b; KRTBCOOKIE_218=22978-YFJ-IgAAAJgHLxNg&KRTB&23194-YFJ-IgAAAJgHLxNg&KRTB&23209-YFJ-IgAAAJgHLxNg&KRTB&23244-YFJ-IgAAAJgHLxNg; pi=156657:3; chkChromeAb67Sec=2; DPSync3=1616025600%3A174%7C1617148800%3A221_201_227_226_219_197; SyncRTB3=1617235200%3A35%7C1617148800%3A54_8_22_56_81_88_78_165_176_189_7_204_161_13_71_166_5_55_220_21_222_104_3%7C1616544000%3A67_15_2_223%7C1616803200%3A63%7C1618531200%3A203; KRTBCOOKIE_107=1471-uid:8EUGhizF1LmEqq5; KRTBCOOKIE_153=1923-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&19420-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&22979-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_; KRTBCOOKIE_1101=23040-6940749781214230679; KRTBCOOKIE_22=14911-3470211263641356968; KRTBCOOKIE_409=22966-62Bl2lozPbzrMxqeVmo9WfRV&KRTB&23212-62Bl2lozPbzrMxqeVmo9WfRV; PugT=1616019239; SPugT=1616019238
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 22:13:58 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 15-Jun-2021 22:13:58 GMT; path=/
X-lat
amspug011:0:346
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-jh48z
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=1g6iWYIu9Mpi;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 12-Mar-2022 22:13:59 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=ca17d9ac3e475163; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1g6iWYIu9Mpi&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 2BAA
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b95bb3c-e43d-4f0a-94c6-ec33cc34fb4c-tuct74c04a7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b95bb3c-e43d-4f0a-94c6-ec33cc34fb4c-tuct74c04a7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b95bb3c-e43d-4f0a-94c6-ec33cc34fb4c-tuct74c04a7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=7b95bb3c-e43d-4f0a-94c6-ec33cc34fb4c-tuct74c04a7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 17 Mar 2021 22:13:59 GMT
via
1.1 varnish
x-served-by
cache-fra19156-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1616019239.191061,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=7b95bb3c-e43d-4f0a-94c6-ec33cc34fb4c-tuct74c04a7;Version=1;Path=/;Domain=.taboola.com;Expires=Thu, 17-Mar-2022 22:13:59 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7b95bb3c-e43d-4f0a-94c6-ec33cc34fb4c-tuct74c04a7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 17 Mar 2021 22:13:59 GMT
via
1.1 varnish
x-served-by
cache-fra19156-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1616019239.095308,VS0,VE62
x-vcl-time-ms
62
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame FBC1
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1616019239166; TapAd_DID=128301e5-876e-11eb-8b15-9e9b130d4f06
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 17 Mar 2021 22:13:59 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Wed, 17 Mar 2021 22:13:59 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1616019239166;Expires=Sun, 16 May 2021 22:13:59 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=128301e5-876e-11eb-8b15-9e9b130d4f06;Expires=Sun, 16 May 2021 22:13:59 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 299B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8EUGhizF1LmEqq5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8EUGhizF1LmEqq5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=74782580&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=689FC59C-276B-4C0B-B3E6-90C744AEB308; PUBMDCID=3; KRTBCOOKIE_336=5844-5253690073884644860; KRTBCOOKIE_80=16514-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&22987-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&23025-CAESENmsecBKMN-CdG_6wzzCVnA; KRTBCOOKIE_57=22776-3228286691239197805; KRTBCOOKIE_377=6810-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&22918-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&23031-bff16d09-675f-4d13-9410-60a283c92efa; KRTBCOOKIE_27=16735-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&16736-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23019-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23114-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1; KRTBCOOKIE_391=22924-2041863045849423668&KRTB&23263-2041863045849423668; KRTBCOOKIE_466=16530-28abe8fd-f470-49bd-8bb1-830bf588812b; KRTBCOOKIE_218=22978-YFJ-IgAAAJgHLxNg&KRTB&23194-YFJ-IgAAAJgHLxNg&KRTB&23209-YFJ-IgAAAJgHLxNg&KRTB&23244-YFJ-IgAAAJgHLxNg; PugT=1616019237; SPugT=1616019237; pi=156657:3; chkChromeAb67Sec=2; DPSync3=1616025600%3A174%7C1617148800%3A221_201_227_226_219_197; SyncRTB3=1617235200%3A35%7C1617148800%3A54_8_22_56_81_88_78_165_176_189_7_204_161_13_71_166_5_55_220_21_222_104_3%7C1616544000%3A67_15_2_223%7C1616803200%3A63%7C1618531200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 22:13:58 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:8EUGhizF1LmEqq5; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 15-Jun-2021 22:13:58 GMT; path=/ PugT=1616019238; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Apr-2021 22:13:58 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 15-Jun-2021 22:13:58 GMT; path=/
X-lat
amspug001:0:415
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 17 Mar 2021 22:13:58 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8EUGhizF1LmEqq5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0ae06fec161a2bbf2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=8EUGhizF1LmEqq5; Domain=.w55c.net; Expires=Sun, 17-Apr-2022 22:13:59 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Fri, 16-Apr-2021 22:13:59 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 102C 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=689FC59C-276B-4C0B-B3E6-90C744AEB308&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A19Y1WEbMEAKjkVPDu4kOrU; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Wed, 17 Mar 2021 22:13:59 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
mw
mwzeom.zeotap.com/ Frame 7AA8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=689FC59C-276B-4C0B-B3E6-90C744AEB308
  • https://spl.zeotap.com/?zdid=1332&zcluid=f49e25073dfb138d
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a33ca8da-5ab0-4b85-644a-bf7191bc8595&reqId=d38dec9b-2022-4729-6e40-d7fbf1fb30ae&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAKsZQHA2t5N0VHlj5POaG0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a33ca8da-5ab0-4b85-644a-bf7191bc8595&reqId=d38dec9b-2022-4729-6e40-d7f...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAKsZQHA2t5N0VHlj5POaG0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a33ca8da-5ab0-4b85-644a-bf7191bc8595&reqId=d38dec9b-2022-4729-6e40-d7fbf1fb30ae&zcluid=f49e25073dfb138d&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
63199255ca0c5364-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08e3d9c99d000053641d8f2000000001

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEAKsZQHA2t5N0VHlj5POaG0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a33ca8da-5ab0-4b85-644a-bf7191bc8595&reqId=d38dec9b-2022-4729-6e40-d7fbf1fb30ae&zcluid=f49e25073dfb138d&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6d9f6052-7f24-4e00-b8f6-6a5f28858dc1
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6d9f6052-7f24-4e00-b8f6-6a5f28858dc1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Wed, 17 Mar 2021 22:13:57 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
MT3 3611 f10363c master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6d9f6052-7f24-4e00-b8f6-6a5f28858dc1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 Mar 2021 22:13:57 GMT
689FC59C-276B-4C0B-B3E6-90C744AEB308
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7AA8 		43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/689FC59C-276B-4C0B-B3E6-90C744AEB308?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=689FC59C-276B-4C0B-B3E6-90C744AEB308&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=689FC59C-276B-4C0B-B3E6-90C744AEB308&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DeTm_mNE2uUGgHX3yXi2dVva.lf_lgc-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DeTm_mNE2uUGgHX3yXi2dVva.lf_lgc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Wed, 17 Mar 2021 22:13:58 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Wed, 17 Mar 2021 22:13:59 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-DeTm_mNE2uUGgHX3yXi2dVva.lf_lgc-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:59 GMT
X-lat
lhrpug008:0:421
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFJ-IgAAAJgHLxNg&gdpr=0&gdpr_consent=
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFJ-IgAAAJgHLxNg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:58 GMT
X-lat
amspug020:0:500
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616019239.024232,VS0,VE0
x-served-by
cache-fra19146-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFJ-IgAAAJgHLxNg&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3470211263641356968&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3470211263641356968&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:56 GMT
X-lat
amspug019:0:422
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3470211263641356968&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 17 Mar 2021 22:13:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9e188e22-3f6f-4bf5-b845-fe4c590c85ed&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9e188e22-3f6f-4bf5-b845-fe4c590c85ed&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:58 GMT
X-lat
amspug018:0:365
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9e188e22-3f6f-4bf5-b845-fe4c590c85ed&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 17 Mar 2021 22:13:59 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=47a8e636-30ec-4fad-a1ca-cb90e10d14fe-60527f27-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=47a8e636-30ec-4fad-a1ca-cb90e10d14fe-60527f27-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:59 GMT
X-lat
lhrpug010:0:348
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:58 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=47a8e636-30ec-4fad-a1ca-cb90e10d14fe-60527f27-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7AA8 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=689FC59C-276B-4C0B-B3E6-90C744AEB308&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3228286691239197805
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3228286691239197805
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:58 GMT
X-lat
amspug001:0:306
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:59 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.149:80
AN-X-Request-Uuid
eb20bc38-f6e4-4d25-ae99-73f4e3b55b15
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3228286691239197805
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_dbcbf815-085c-4167-b533-29f537535061
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_dbcbf815-085c-4167-b533-29f537535061
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:58 GMT
X-lat
amspug018:0:437
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_dbcbf815-085c-4167-b533-29f537535061
date
Wed, 17 Mar 2021 22:13:59 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 7AA8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=12c42a1a-876e-11eb-b8c7-cd417d5d858f&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=12c42a1a-876e-11eb-b8c7-cd417d5d858f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:58 GMT
X-lat
amspug003:0:507
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=12c42a1a-876e-11eb-b8c7-cd417d5d858f&gdpr=0&gdpr_consent=
Date
Wed, 17 Mar 2021 22:13:59 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
12c42a1b-876e-11eb-b8c7-cd417d5d858f
709414.gif
id.rlcdn.com/ Frame D8F1 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:59 GMT
via
1.1 google
alt-svc
clear
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame D8F1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.21.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-21-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame D8F1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EEBZwC8elehUaVAmYBC5vg?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2685027064798528512
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2685027064798528512
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Wed, 17 Mar 2021 22:13:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2685027064798528512
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D8F1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d9f6052-7f24-4e00-b8f6-6a5f28858dc1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d9f6052-7f24-4e00-b8f6-6a5f28858dc1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Date
Wed, 17 Mar 2021 22:13:58 GMT
Server
MT3 3611 f10363c master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d9f6052-7f24-4e00-b8f6-6a5f28858dc1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 Mar 2021 22:13:57 GMT
pixel
cm.g.doubleclick.net/ Frame D8F1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY5YTBmMzE4NmEzOWQ1ZjA0OTNkNTg3OThmZDUyMTQyYTI3NTI0YQ&us_privacy=1---
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY5YTBmMzE4NmEzOWQ1ZjA0OTNkNTg3OThmZDUyMTQyYTI3NTI0YQ&us_privacy=1---
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTY5YTBmMzE4NmEzOWQ1ZjA0OTNkNTg3OThmZDUyMTQyYTI3NTI0YQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D8F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJF6JeeuWLQaoRy9fcAN9nc&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJF6JeeuWLQaoRy9fcAN9nc&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJF6JeeuWLQaoRy9fcAN9nc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D8F1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FMDRNQkstQy1BMUpM&us_privacy=1---
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FMDRNQkstQy1BMUpM&us_privacy=1---
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:13:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01FMDRNQkstQy1BMUpM&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame D8F1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KME04MBK-C-A1JL&sigv=1&esig=2~56aa1722533636b7b49c65730da32c097ff95f13&us_privacy=1---
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KME04MBK-C-A1JL&sigv=1&esig=2~56aa1722533636b7b49c65730da32c097ff95f13&us_privacy=1---
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_cnv_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:59 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KME04MBK-C-A1JL&sigv=1&esig=2~56aa1722533636b7b49c65730da32c097ff95f13&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
CLB_LIFEPOINT_HEALTH_RBBIP_210212_1920x600.jpg
cache-ssl.celtra.com/api/blobs/ef2fae2101af819b46d3cc814bccd00718ab661d0be616434c3e9b9d2a9e19d9/ Frame 997E 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/ef2fae2101af819b46d3cc814bccd00718ab661d0be616434c3e9b9d2a9e19d9/CLB_LIFEPOINT_HEALTH_RBBIP_210212_1920x600.jpg?transform=crush&quality=85
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
3b116330f21b3cba12b5af7ebaa8388613a6026a00267cc0a189b0bf410b1e27

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 18:28:23 GMT
via
1.1 varnish (Varnish/5.0), 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
age
2346335
x-cache
Hit from cloudfront
content-length
165448
server
Apache
etag
"3b116330f21b3cba12b5af7ebaa8388613a6026a00267cc0a189b0bf410b1e27"
x-varnish
3918461
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
odObrQX4lJf5Gdlb3yQADV3Mj75pr9EYcd611AjcBrISKWC8yvwTBg==
CLB_LIFEPOINT_HEALTH_RBBIP_210212_1920x600.jpg
cache-ssl.celtra.com/api/blobs/ef2fae2101af819b46d3cc814bccd00718ab661d0be616434c3e9b9d2a9e19d9/ Frame 997E 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/ef2fae2101af819b46d3cc814bccd00718ab661d0be616434c3e9b9d2a9e19d9/CLB_LIFEPOINT_HEALTH_RBBIP_210212_1920x600.jpg?transform=crush&quality=85
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
3b116330f21b3cba12b5af7ebaa8388613a6026a00267cc0a189b0bf410b1e27

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 18:28:23 GMT
via
1.1 varnish (Varnish/5.0), 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
age
2346335
x-cache
Hit from cloudfront
content-length
165448
server
Apache
etag
"3b116330f21b3cba12b5af7ebaa8388613a6026a00267cc0a189b0bf410b1e27"
x-varnish
3918461
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
3vS9C_8hKDSrbubPTWCmfDUDKkEhJqzqMFq0x45pQMj9Jlmt4q5e_A==
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTYxNjAxOTIzOC43NDgsInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2Iiwib3JpZW50YXRpb24iOjAsInRvcG1vc3RSZWFjaGFibGVXaW5kb3ciOnsid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMH0sImhvc3RXaW5kb3ciOnsid2lkdGgiOjcyOCwiaGVpZ2h0Ijo5MH0sIm5lc3RpbmciOnsiaWZyYW1lIjp0cnVlLCJmcmllbmRseUlmcmFtZSI6dHJ1ZSwiaWFiRnJpZW5kbHlJZnJhbWUiOnRydWUsImhvc3RpbGVJZnJhbWUiOmZhbHNlLCJpZnJhbWVEZXB0aCI6MX0sInBhZ2VWaXNpYmlsaXR5QXBpIjp0cnVlLCJyZXF1ZXN0QW5pbWF0aW9uRnJhbWUiOnRydWUsInRvcFdpbmRvd05hdGl2ZVJBRlN1cHBvcnRlZCI6dHJ1ZSwiYWxsb3dOb25OYXRpdmVSQUZGb3JWaWV3YWJsZVRpbWVVc2VkIjpmYWxzZSwiY2xpZW50VGltZVpvbmVPZmZzZXRJbk1pbnV0ZXMiOi02MCwic3VwcG9ydHNDb250YWluZXJWaWV3YWJpbGl0eSI6dHJ1ZSwic3VwcG9ydHNDb250YWluZXJJbml0aWFsVmlld2FiaWxpdHkiOnRydWUsInRhZ1BhcmVudFdpZHRoIjo3MjgsInRhZ1BhcmVudEhlaWdodCI6MCwiYW1wRGV0ZWN0ZWQiOmZhbHNlLCJhbXBOZXN0aW5nTGV2ZWwiOiIiLCJzYWZlRnJhbWVEZXRlY3RlZCI6ZmFsc2UsImZldGNoU3VwcG9ydGVkIjp0cnVlLCJhc2FwRW5hYmxlZCI6bnVsbCwibmF0aXZlUHJvbWlzZXNTdXBwb3J0ZWQiOnRydWUsImJlYWNvblN1cHBvcnRlZCI6dHJ1ZSwiSW50ZXJzZWN0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsImlzTXV0YXRpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwid2ViVmlldyI6bnVsbCwiaXNXaW5kb3dPcGVuTmF0aXZlIjp0cnVlLCJwcm90b0xvYWRpbmciOnsiZGF0YUxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQiLCJibG9iTG9hZFN0YXR1cyI6InN1cHBvcnRlZCJ9LCJ0b3BXaW5kb3dMb2NhdGlvbiI6Imh0dHBzOi8vd3d3LmxlZGdlci1lbnF1aXJlci5jb20iLCJ0b3BXaW5kb3dMb2NhdGlvbkxlbmd0aCI6MzEsIm5hbWUiOiJlbnZpcm9ubWVudEluZm8ifSx7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjIsImNsaWVudFRpbWVzdGFtcCI6MTYxNjAxOTIzOS41MywibmFtZSI6InZpZXdwb3J0UGxhY2VtZW50R2VvbWV0cnkiLCJwYWdlRGltZW5zaW9ucyI6eyJoZWlnaHQiOjY0OTQsIndpZHRoIjoxNjAwfSwidmlld3BvcnRQb3NpdGlvblJlY3QiOnsid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMCwibGVmdCI6MCwidG9wIjowfSwiZmlyc3RQbGFjZW1lbnRQb3NpdGlvblJlY3QiOnsibGVmdCI6MCwidG9wIjowLCJ3aWR0aCI6MCwiaGVpZ2h0IjowfX0seyJzZXNzaW9uSWQiOiJzMTYxNjAxOTIzN3hlOTQzMWFkOTg0NWQ0MXgxNjc3NDIwNSIsImFjY291bnRJZCI6IjU5MGUxMzg0Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiNjk2MzIzMjk3MDAyMTU2OSIsImluZGV4IjozLCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyMzkuNzE1LCJuYW1lIjoiY3JlYXRpdmVMb2FkZWQiLCJ2aWV3YWJpbGl0eTAwTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FiaWxpdHk1MDFNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJsZVRpbWVNZWFzdXJhYmxlIjp0cnVlLCJjZG5WYXJpYW50Ijoibm9uZSJ9XX0=?crc32c=1634672462
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjQsImNsaWVudFRpbWVzdGFtcCI6MTYxNjAxOTIzOS43MzcsIm5hbWUiOiJ2aWV3YWJsZTAwIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiJDb3JlIiwicmF0aW8iOjAsInRpbWUiOjB9fSx7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjUsImNsaWVudFRpbWVzdGFtcCI6MTYxNjAxOTIzOS43MzgsInVuaXROYW1lIjoibW9kYWwiLCJ1bml0VmFyaWFudExvY2FsSWQiOjYsInNjcmVlbkxvY2FsSWQiOm51bGwsInNjcmVlblRpdGxlIjpudWxsLCJzY3JlZW5Jc01hc3RlciI6bnVsbCwib2JqZWN0TG9jYWxJZCI6bnVsbCwib2JqZWN0TmFtZSI6bnVsbCwib2JqZWN0Q2xhenoiOm51bGwsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2MTYwMTkyMzkuNzM4LCJuYW1lIjoidmlld1Nob3duIiwidmlld05hbWUiOiIxMDI0IHggNzY4IiwiY2xhenoiOiJDcmVhdGl2ZVVuaXRWYXJpYW50IiwiZGVzaWduU2l6ZSI6eyJ3aWR0aCI6MTAyNCwiaGVpZ2h0Ijo3Njh9LCJhdmFpbGFibGVTaXplIjp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDB9fSx7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTYxNjAxOTIzOS43NCwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjkyMywic2NyZWVuTG9jYWxJZCI6bnVsbCwic2NyZWVuVGl0bGUiOm51bGwsInNjcmVlbklzTWFzdGVyIjpudWxsLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTYxNjAxOTIzOS43MzksIm5hbWUiOiJ2aWV3U2hvd24iLCJ2aWV3TmFtZSI6IjcwMCB4IDIxOCIsImNsYXp6IjoiQ3JlYXRpdmVVbml0VmFyaWFudCIsImRlc2lnblNpemUiOnsid2lkdGgiOjcwMCwiaGVpZ2h0IjoyMTh9LCJhdmFpbGFibGVTaXplIjp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjUwMH19XX0=?crc32c=477597183
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjcsImNsaWVudFRpbWVzdGFtcCI6MTYxNjAxOTIzOS43NTcsInVuaXROYW1lIjoibW9kYWwiLCJ1bml0VmFyaWFudExvY2FsSWQiOjYsInNjcmVlbkxvY2FsSWQiOjgsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjE2MDE5MjM5Ljc1NywibmFtZSI6InNjcmVlblNob3duIn0seyJzZXNzaW9uSWQiOiJzMTYxNjAxOTIzN3hlOTQzMWFkOTg0NWQ0MXgxNjc3NDIwNSIsImFjY291bnRJZCI6IjU5MGUxMzg0Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiNjk2MzIzMjk3MDAyMTU2OSIsImluZGV4Ijo4LCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyMzkuNzU3LCJuYW1lIjoiY3JlYXRpdmVSZW5kZXJlZCJ9LHsic2Vzc2lvbklkIjoiczE2MTYwMTkyMzd4ZTk0MzFhZDk4NDVkNDF4MTY3NzQyMDUiLCJhY2NvdW50SWQiOiI1OTBlMTM4NCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjY5NjMyMzI5NzAwMjE1NjkiLCJpbmRleCI6OSwiY2xpZW50VGltZXN0YW1wIjoxNjE2MDE5MjM5Ljc1NywidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjkyMywic2NyZWVuTG9jYWxJZCI6OTI1LCJzY3JlZW5UaXRsZSI6IlN0YXJ0Iiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTYxNjAxOTIzOS43NTcsIm5hbWUiOiJzY3JlZW5TaG93biJ9LHsic2Vzc2lvbklkIjoiczE2MTYwMTkyMzd4ZTk0MzFhZDk4NDVkNDF4MTY3NzQyMDUiLCJhY2NvdW50SWQiOiI1OTBlMTM4NCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjY5NjMyMzI5NzAwMjE1NjkiLCJpbmRleCI6MTAsImNsaWVudFRpbWVzdGFtcCI6MTYxNjAxOTIzOS43NTcsIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNjE2MDE5MjM5Ljc0LCJ0byI6MTYxNjAxOTIzOS43NH1dfQ==?crc32c=2850925712
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
CLB_LIFEPOINT_HEALTH_RBBIP_210212_1920x600.jpg
cache-ssl.celtra.com/api/blobs/ef2fae2101af819b46d3cc814bccd00718ab661d0be616434c3e9b9d2a9e19d9/ Frame 997E 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache-ssl.celtra.com/api/blobs/ef2fae2101af819b46d3cc814bccd00718ab661d0be616434c3e9b9d2a9e19d9/CLB_LIFEPOINT_HEALTH_RBBIP_210212_1920x600.jpg?transform=crush&quality=85
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
3b116330f21b3cba12b5af7ebaa8388613a6026a00267cc0a189b0bf410b1e27

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 18:28:23 GMT
via
1.1 varnish (Varnish/5.0), 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
age
2346335
x-cache
Hit from cloudfront
content-length
165448
server
Apache
etag
"3b116330f21b3cba12b5af7ebaa8388613a6026a00267cc0a189b0bf410b1e27"
x-varnish
3918461
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control
max-age=31556926
access-control-allow-credentials
false
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
bmWfx52cfbG2oToo3yqcy7-Z34SJ9KVsab8geIljMzBaNaxupBLmxA==
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjExLCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyMzkuNzcxLCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6MjQ0MSwic2NyZWVuTG9jYWxJZCI6bnVsbCwic2NyZWVuVGl0bGUiOm51bGwsInNjcmVlbklzTWFzdGVyIjpudWxsLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTYxNjAxOTIzOS43NzEsIm5hbWUiOiJ2aWV3U2hvd24iLCJ2aWV3TmFtZSI6IjE2MDAgeCA1MDAiLCJjbGF6eiI6IkNyZWF0aXZlVW5pdFZhcmlhbnQiLCJkZXNpZ25TaXplIjp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjUwMH0sImF2YWlsYWJsZVNpemUiOnsid2lkdGgiOjE2MDAsImhlaWdodCI6NTAwfX0seyJzZXNzaW9uSWQiOiJzMTYxNjAxOTIzN3hlOTQzMWFkOTg0NWQ0MXgxNjc3NDIwNSIsImFjY291bnRJZCI6IjU5MGUxMzg0Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiNjk2MzIzMjk3MDAyMTU2OSIsImluZGV4IjoxMiwiY2xpZW50VGltZXN0YW1wIjoxNjE2MDE5MjM5Ljc3MiwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjI0NDEsInNjcmVlbkxvY2FsSWQiOjI0NDMsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjE2MDE5MjM5Ljc3MiwibmFtZSI6InNjcmVlblNob3duIn1dfQ==?crc32c=242968332
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:13:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
push.17a702935526c783409b.js
www.ledger-enquirer.com/static/yozons-lib/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/push.17a702935526c783409b.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:59 GMT
server
AkamaiGHost
mime-version
1.0
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
342
expires
Wed, 17 Mar 2021 22:13:59 GMT
/
api.ipify.org/ 		24 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/static/yozons-lib/core.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.76.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Cowboy /
Resource Hash
b6bd0e2ebcb4e0a35e3b4c07f647976dc8a37088de6887bb1ac47fb46452f4e4

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:14:00 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ledger-enquirer.com
Connection
keep-alive
Content-Length
24
syncframe
gum.criteo.com/ Frame A08B 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.ledger-enquirer.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.ledger-enquirer.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ledger-enquirer.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
2065
date
Wed, 17 Mar 2021 22:13:59 GMT
content-length
0
pdp.gif
www.ledger-enquirer.com/static/yozons-lib/ 		322 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ledger-enquirer.com/static/yozons-lib/pdp.gif?k=eyJpZCI6Im1pX2FzX2xlZF81ODQ0ODAyOTQ1MDc3NDU4NzQ3MDI3OTkyNzMzNzE0OTcyOTE3N18xNjE2MDE5MjM0NjgwIiwiZmlyc3RBZFJlcXVlc3QiOjQzNzksImxvYWRFdmVudFN0YXJ0Ijo3NzcxfQ==
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.183.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-44.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
080c9c5e27ecee1e3fae3e4128e960d87922edf33c07dfa1e20fc5f900e04143

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:13:59 GMT
server
AkamaiGHost
mime-version
1.0
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
322
expires
Wed, 17 Mar 2021 22:13:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
833d7090852ccc02615fa13d9eb05aeb8cac0bed960f46941b63a68395aaba28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Mar 2021 22:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6566
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ Frame 8220 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
b8dcUAw/PF4f3A2gYNCeGRGFxnQ0qibIPon+Fk8T05pJ3Th/8yMSdUqoN+3V/b5SV2P9m4B9nqLMI9ixQPwyeQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 17 Mar 2021 22:13:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
a-01dw.min.js
b-code.liadm.com/ Frame 76BD 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-01dw.min.js
Requested by
Host: www.ledger-enquirer.com
URL: https://www.ledger-enquirer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c::5f64:c130 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28c2e49b8b088e99e3ba0c84ca9bfc536a70c85558654e35b00f95040a70a02c

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:14:00 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 14:30:39 GMT
etag
"d3c06e65b74ec89354287db4c73e82f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
9831
b
ds-aksb-a.akamaihd.net/2/907134/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ds-aksb-a.akamaihd.net/2/907134/b?dE=1&cS=1&cE=74&rqS=74&rsS=791&rsE=813&sS=20&dl=794&di=2104&fp=2243&dlS=2175&dlE=2192&dc=7405&leS=7406&leE=7462&to=&ol=0&cr=16&mt=&mb=&b=131329&u=https%3A//www.ledger-enquirer.com/&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&pl=Linux%20x86_64&us=&gh=2.20.143.148&t=&rid=7412ddd&r=5311&akM=g&akN=ae&vc=14:17&bpcip=b99caf00&akTX=1&akTI=7412ddd&ai=425959&pmgn=&pmgi=&pmp=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:14:00 GMT
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store, private
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Wed, 17 Mar 2021 22:14:00 GMT
1081709588515684
connect.facebook.net/signals/config/ Frame 8220 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1081709588515684?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08e433842483ceae94dd7fae5b381afdb913113d47ccf9f8918423982772783e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70971
x-fb-rlafr
0
pragma
public
x-fb-debug
ezYROc3orOOHrGHMt4Te8GemQCh3m5O4qiLI1VCN+FP2W7O/Fk4QWqsYIW1xLXE9BTSO5+g5nRTgJG79JLKK1w==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 17 Mar 2021 22:14:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031501.js?31060465
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Wed, 17 Mar 2021 22:14:00 GMT
/
www.facebook.com/tr/ Frame 8220 		44 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1081709588515684&ev=PageView&dl=https%3A%2F%2Fwww.ledger-enquirer.com%2F&rl=&if=true&ts=1616019240224&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616019240220.372300132&it=1616019240167&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:14:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 17 Mar 2021 22:14:00 GMT
/
www.facebook.com/tr/ Frame 8220 		44 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1081709588515684&ev=ViewContent&dl=https%3A%2F%2Fwww.ledger-enquirer.com%2F&rl=&if=true&ts=1616019240229&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616019240220.372300132&it=1616019240167&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:14:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 17 Mar 2021 22:14:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 7C40 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ledger-enquirer.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Wed, 17 Mar 2021 21:58:15 GMT
expires
Thu, 17 Mar 2022 21:58:15 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
945
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync-container.js
b-code.liadm.com/ Frame 76BD 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01dw.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c::5f64:c130 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:14:00 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 09:48:23 GMT
etag
"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
x-amz-meta-version
0.2.0
content-type
application/javascript
cache-control
max-age=3194
accept-ranges
bytes
content-length
2374
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame 7C40 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
107467
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Wed, 16 Mar 2022 16:22:53 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=4992&ntv_r2=4992&ntv_r3=6572&ntv_r4=6787&ntv_pl=744524&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.218.81 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:14:00 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
j
rp4.liadm.com/ Frame 76BD
Redirect Chain
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-01dw&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.ledger-enquirer.com%2F&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&se=e30&dtstmp=1616019240405
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01dw&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.ledger-enquirer.com%2F&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&se=e30&dtstmp=1616019240405&i6=...
13 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01dw&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.ledger-enquirer.com%2F&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&se=e30&dtstmp=1616019240405&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.196.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:14:01 GMT
x-pixel-event-id
dfc63161-33c3-436a-ba05-07fda84ebdc0
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
1
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
3465975dade7649e

Redirect headers

date
Wed, 17 Mar 2021 22:14:00 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-01dw&wpn=lc-bundle&us_privacy=1---&pu=https%3A%2F%2Fwww.ledger-enquirer.com%2F&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&se=e30&dtstmp=1616019240405&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.ledger-enquirer.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
6a026bc88966a421
request-time
0
content-length
0
x-content-type-options
nosniff
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031501&jk=2290853280485553&bg=!srGlsfXNAAbUo7L91KM7ACkAdvg8WlaXAzKIn4gITpL3KWaqRLV3muzMw5dW6c5yErLeKo3ltjQtGgIAAACeUgAAABBoAQcKAFBp8yGJtazLUbDwa44nmNCb1G9cskEEfwfs2dB-rweKbQVNlDz3ZO8JsT5njRkEOl7VDcDj0L94RNltuJha1m-KQsCKuCVsnhmhql7THZ_yL5kB1IfqMNWw2Sk_zEY9vNJaE5KnGyPUF10_lnQnLxJS82_xKzbQdYaGasC-9w5N9FHgbcdcD9cyQqJVRQyz5uCfYrPpiB8iN_WWHJHJL7qwH0OM2jC6bOFlKtTW2hCUxIWyuBhvFH-RYZZQizYoi7ho9hYGT8H6YQ26s1_tM9LvTmZU455ytPfw_AqvkynGUHKeAQHQTItT9wKN3-xw-TT0PUgpEo2Ty-nl_Ia7cFVa4ew7MTyxxmfqHOgYs5T0c6ke-kExumoA0Xegyy1-pSaphfMKH92YxDRn3jb81PHL77adfE3EGNUoKos_50hgaxTDUUXri82dwGd4TNzNoyNhSFafJZhgfNdzg6hKuDPIIXq159x9vgBq8B7aAKyh5LJSbm0WW4zUa5niKQQvqCzSAddrRoufFrOQCE41wD8_pkhz1m-yMw7usps_gB6VKV2i9ebOb1x4VpUpUEeWqC1WW0v8LEYdjlftw5M6QfPgZYRyzkzgvQ-urcdpya3Rnpqh43D1ccNMuODEqKJJoC2axpy_VUZxjy68iHqkDxb3fTyca6mpu3_V0mCHcnHo8Lx2HQ7CBRkleKzKQw2K7IHi2LrFciI3ka0_4-yQs6eozBDxoafbxA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:14:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjEzLCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyNDAuOTg4LCJuYW1lIjoidmlld2FibGU1MDEiLCJjcml0ZXJpb24iOnsibmFtZSI6IjMwLzEiLCJyYXRpbyI6MC4zLCJ0aW1lIjoxMDAwfX0seyJzZXNzaW9uSWQiOiJzMTYxNjAxOTIzN3hlOTQzMWFkOTg0NWQ0MXgxNjc3NDIwNSIsImFjY291bnRJZCI6IjU5MGUxMzg0Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiNjk2MzIzMjk3MDAyMTU2OSIsImluZGV4IjoxNCwiY2xpZW50VGltZXN0YW1wIjoxNjE2MDE5MjQwLjk5LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTYxNjAxOTIzOS43NCwidG8iOjE2MTYwMTkyNDAuOTg4fV19?crc32c=2666054665
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:14:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 7AA8 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:13:58 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
csi
csi.gstatic.com/ 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kme04ol0&ctx=0&met.9=1.22o~2.2bj&met.3=195.33p~195.34p~195.38i~298.477~298.478~298.47d~155.46p_r~132.49i_2~143.4b3_2~132.4cq~132.4cq~132.4do~132.4dp~195.4ef~132.4ef~132.4em~195.4eo~132.4eo~132.4ep~143.4ep_2~132.4ev~132.4ew~132.4fb~132.4fc~132.4fd~132.4fd~132.4fe~132.4fe~129.4fe~132.4fs~132.4ft~132.4ft~132.4fu~132.4fv~132.4fw~195.4g3~132.4g3~132.4g4~132.4ge~132.4ge~132.4gf~132.4gf~132.4gg~132.4gg~132.4h6~132.4hg~143.4hj_2~132.4ix~132.4jy~132.4k8~143.4kd_2~132.4py~129.4qj~143.4qj_2~132.4qz~132.4r0~132.4r1~112.4r5_2~132.4ug~132.4uh~132.4ui~143.4xv_4~129.50m~132.50s~132.50t~132.50u~130.519~143.52a_2~132.52e~132.542~132.543~132.545~143.55y_3~132.567~132.56l~132.56m~132.56n~132.58l~129.595~143.59n_2~132.5bw~132.5bx~132.5by~143.5d6_2~132.5dz~132.5e0~132.5e1~143.5gv_2~129.5hc~132.5hs~132.5ht~132.5hz~143.5ks_2~132.5m1~132.5m2~132.5md~143.5pz_2~129.5qa~132.5qs~132.5qt~132.5qt~143.5uc_2~132.5vc~132.5vd~132.5vh~143.5xn_2~129.5xu~132.5xy~132.5xz~132.5xz~130.61f~154.61f~143.61n_2~132.61r~132.61s~132.622~132.622~132.623~153.648~143.64o_2~132.64s~132.64s~132.64t~129.64u~143.67i_2~132.67l~132.67m~132.67n~132.69y~132.69y~143.6al_2~132.6av~132.6aw~132.6ax~132.6b7~143.6el_2~132.6ew~132.6ew~132.6ex~143.6hi_2~132.6hl~132.6hm~132.6hm~143.6kc_2~132.6kf~132.6kf~132.6kg~143.6un_2~132.6v2~132.6v2~132.6v3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:14:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set a-01dw
i.liadm.com/s/c/ Frame 518F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-01dw?s=&cim=&ps=true&ls=false&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.174.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
871b43a3d656e3f601eafffd75e05f69d008c0d7e7c8034b9e96435d39fc3e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
i.liadm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ledger-enquirer.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lidid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ledger-enquirer.com/

Response headers

Cache-Control
private, no-cache, max-age=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Mar 2021 22:14:01 GMT
ETag
1.61803398874
Set-Cookie
_li_ss=MgUIBhD9DjIFCAoQ_Q4yBQh6EPwOMgYIiwEQ_Q4yBQgLEP0OMgUICxD9DjIFCHkQ_A4; Max-Age=2592000; Expires=Fri, 16 Apr 2021 22:14:01 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
Content-Length
645
Connection
keep-alive
78af01c349b74c0d86c00a72a491d517
i.liadm.com/s/e/a-01dw/0/ Frame 518F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid%3D7156%26muid%3D%5BMM_UUID%5D&c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_priva...
  • https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid=7156&muid=de246052-7f29-4300-a591-5353c59420d7
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid=7156&muid=de246052-7f29-4300-a591-5353c59420d7
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01dw?s=&cim=&ps=true&ls=false&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.174.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:14:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Wed, 17 Mar 2021 22:14:01 GMT
Server
MT3 3611 f10363c master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid=7156&muid=de246052-7f29-4300-a591-5353c59420d7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 Mar 2021 22:14:00 GMT
35759
i6.liadm.com/s/ Frame 518F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1---
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1---
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=f7229e78-4c27-4f13-b80c-b981cd731352
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=f7229e78-4c27-4f13-b80c-b981cd731352
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=f7229e78-4c27-4f13-b80c-b981cd731352
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01dw?s=&cim=&ps=true&ls=false&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:444a:4680:252d:a0d8:b19f:2c13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:14:02 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=f7229e78-4c27-4f13-b80c-b981cd731352
Date
Wed, 17 Mar 2021 22:14:02 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
78af01c349b74c0d86c00a72a491d517
i.liadm.com/s/e/a-01dw/0/ Frame 518F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&redir=https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517%3Fmpid=82775&muid=$%7BDD_UUID%7D?us_privac...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&redir=https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517%3Fmpid=82775&muid=$%...
  • https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid=82775
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid=82775
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01dw?s=&cim=&ps=true&ls=false&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.174.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:14:02 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
14HHqrc/R98=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-01dw/0/78af01c349b74c0d86c00a72a491d517?mpid=82775
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame 518F
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1---
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1---&rd=Y
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1---&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01dw?s=&cim=&ps=true&ls=false&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.150.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-150-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 22:14:02 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 17 Mar 2021 22:14:02 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1---&rd=Y
pragma
no-cache
date
Wed, 17 Mar 2021 22:14:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 17 Mar 2021 22:14:02 GMT
52176
i6.liadm.com/s/ Frame 518F
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37
  • https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01dw?s=&cim=&ps=true&ls=false&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:444a:4680:252d:a0d8:b19f:2c13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:14:02 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37
Date
Wed, 17 Mar 2021 22:14:02 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
52164
i6.liadm.com/s/ Frame 518F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=c10fa3f3-4b0d-4d92-9f9a-7f2883e4a591&us_privacy=1---
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=liveintent&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=LbSAKIMagOSEcIUOqbTtWfRW&ssp=liveintent
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01dw?s=&cim=&ps=true&ls=false&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:444a:4680:252d:a0d8:b19f:2c13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:14:02 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=2d276907-8a1d-4c24-b805-35065ce15f37
Date
Wed, 17 Mar 2021 22:14:02 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
/
trc.taboola.com/sg/liveintent/1/cm/ Frame 518F 		43 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/?us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01dw?s=&cim=&ps=true&ls=false&duid=273ed2852f88--01f1141db72jxqfswq6d4pxjjs&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
69
pragma
no-cache
date
Wed, 17 Mar 2021 22:14:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1616019242.830879,VS0,VE69
x-served-by
cache-fra19156-FRA
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
/
www.facebook.com/tr/ Frame 8220 		44 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1081709588515684&ev=Microdata&dl=https%3A%2F%2Fwww.ledger-enquirer.com%2F&rl=&if=true&ts=1616019241994&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Facebook%20Pixel%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1616019241993.1457931396&it=1616019240167&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:14:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 17 Mar 2021 22:14:01 GMT
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjE1LCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyNDEuOTk5LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTYxNjAxOTI0MC45ODgsInRvIjoxNjE2MDE5MjQxLjk5MX1dfQ==?crc32c=538513740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:14:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjE2LCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyNDMsIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNjE2MDE5MjQxLjk5MSwidG8iOjE2MTYwMTkyNDIuOTk5fV19?crc32c=1524412435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:14:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjE3LCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyNDUuMDE2LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTYxNjAxOTI0Mi45OTksInRvIjoxNjE2MDE5MjQ1fV19?crc32c=780787795
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:14:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-2.2.18-e&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_privb=n%2Fa&tid=b914a1f0-0065-48d0-a8a5-44940a39564e&pid=7693fcfc-23cf-4979-a1b9-78e8504363c3&dtm=1616019245023&qnm=_matherq&vp=1600x1200&ds=1600x6776&tofa=1616019245&vid=1&duid=4a42aede9243b52f&fp=99543720&cid=ma12095&mrk=74930901&url=https%3A%2F%2Fwww.ledger-enquirer.com%2F&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxNjAxOTIzMjA5OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMy4xbWIiLCJoZWFwVCI6IjI0LjVtYiIsImZldGNoUyI6IjM2NCIsImRvbWFpblMiOiIzNjUiLCJkb21haW5FIjoiMzY2IiwiY29ublMiOiIzNjYiLCJjb25uRSI6IjQzOSIsInNzbFMiOiIzODUiLCJyZXF1UyI6IjQzOSIsInJlc3BTIjoiMTE1NiIsInJlc3BFIjoiMTE3OCIsImRvbUxvYWQiOiIxMTU5IiwiZG9tSW50ZXIiOiIyNDY5IiwiZG9tTG9hZFMiOiIyNTQwIiwiZG9tTG9hZEUiOiIyNTU3IiwiZG9tQ21wbHQiOiI3NzcwIiwibG9hZFMiOiI3NzcxIiwibG9hZEUiOiI3ODI3In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 22:14:05 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjE4LCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyNDcuMDMyLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTYxNjAxOTI0NSwidG8iOjE2MTYwMTkyNDcuMDE2fV19?crc32c=4231849985
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:14:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjE5LCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyNDkuMDMzLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTYxNjAxOTI0Ny4wMTYsInRvIjoxNjE2MDE5MjQ5LjAzMn1dfQ==?crc32c=2837085885
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:14:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiO...
track.celtra.com/json/ 		35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjE2MDE5MjM3eGU5NDMxYWQ5ODQ1ZDQxeDE2Nzc0MjA1IiwiYWNjb3VudElkIjoiNTkwZTEzODQiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI2OTYzMjMyOTcwMDIxNTY5IiwiaW5kZXgiOjIwLCJjbGllbnRUaW1lc3RhbXAiOjE2MTYwMTkyNTEuMDQ5LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTYxNjAxOTI0OS4wMzIsInRvIjoxNjE2MDE5MjUxLjAzM31dfQ==?crc32c=126513132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.ledger-enquirer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Mar 2021 22:14:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.ledger-enquirer.com
URL
https://www.ledger-enquirer.com/static/yozons-lib/pdp.gif?z=eyJpZCI6Im1pX2FzX2xlZF81ODQ0ODAyOTQ1MDc3NDU4NzQ3MDI3OTkyNzMzNzE0OTcyOTE3N18xNjE2MDE5MjM0NjgwIiwiem9uZSI6MjAsInRlbXBsYXRlIjoibmV3c2xldHRlci1kYXJrIn0=

Verdicts & Comments Add Verdict or Comment

496 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| pageInfo object| webpackJsonp function| targetPageParamsAll object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| mistats object| regeneratorRuntime object| googletag object| zeusKeyvalues string| zeusAdUnitPath object| googlefc function| Visitor object| s_c_il number| s_c_in object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper object| jsonp function| geofeed object| Util function| $ function| jQuery function| miAppControler function| getUrlVars function| checkUserSubscribed function| renewSession boolean| getSubscribedFlag boolean| dfpOnPageWrapEnabled object| _prx boolean| untv function| generateGuid function| getGuid function| callbackCaptcha object| w object| d object| AKSB string| bazadebezolkohpepadr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| userIconSignedOut string| userIconSignedIn string| popoutContainer string| label undefined| userName function| jsonFeed function| $1 function| on function| parcelRequire object| __otccpaooLocation object| zeus string| s_account object| s function| s_doPlugins function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq function| AdCloudEvent boolean| mistats_messageHandler object| _matherq string| GoogleAnalyticsObject function| mistats_ga object| _qoptions object| WFClientTypeDef object| imageSizes function| processBackUpName function| updateProgress function| disableNewDownload function| downloadFile function| setUpNewDownload function| downloadPagesUrl object| UD boolean| scriptMomentLoaded object| momentScript function| nativoFn object| subnavSection object| masthead object| $articles number| artToShow function| changePage number| relatedSeriesLength object| mia11y boolean| relatedRailGlobal boolean| sideRailGlobal function| initializeIrisPlugin function| setImmediate function| clearImmediate function| IrisContextAPI object| wpJsonpWPS object| vttjs function| WebVTT object| scrollMonitor function| videojs object| mediaGallery object| mediaGalleryActions string| urhehlevkedkilrobacf object| oDv object| oVa object| confiant object| otStubData object| recaptcha object| closure_lm_551671 object| lotame_7464 object| default_ContributorTargetingClientJs function| __906a641ff040__ function| __475an521in8a__ object| ggeac boolean| google_plmetrics object| google_js_reporting_queue function| quantserve function| __qc object| _qevents object| ezt function| qtrack function| moment object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| PubMaticSync object| criteo_pubtag object| criteo_pubtag_105 object| Criteo object| Criteo_105 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| PARSELY string| p418327610 number| p418327611 function| oUtilClickListener_ function| p418327612 function| p418327608 function| p418327606 function| p418327589 function| p418327594 function| p418327580 function| p418327579 function| p418327577 function| p418327570 function| p418327597 function| p418327572 function| p418327561 function| oPageUnload function| p418327490 function| p418327495 number| p418327480 string| p418327481 object| p418327482 object| p418327483 boolean| p418327484 number| p418327486 number| p418327487 object| p418327508 string| p418327550 number| p418327491 object| p418327558 string| p418327526 string| p418327527 string| p418327535 object| p418327564 number| p418327565 boolean| p418327569 number| p418327571 boolean| p418327573 boolean| p418327599 boolean| p418327598 boolean| oAudienceListenerEnabled_ object| p418327575 string| oDevice string| oParentHostname_ string| oParentPathname_ boolean| p418327576 boolean| p418327578 number| p418327593 boolean| p418327595 number| p418327596 object| p418327585 object| oAdSlots_ object| otkjs function| p418327488 string| p418327489 boolean| p418327557 boolean| p418327537 object| p418327536 string| p418327555 number| p418327539 object| opbjs object| oaudLibjs number| p418327538 undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| addLinkToSelection boolean| mitagsent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| _snaq object| _mather object| Snowplow object| tid string| h number| p418327492 string| oUrl_ object| core object| ats function| lotameIsCompatible function| lt7464_ba function| lt7464_b undefined| lt7464_c undefined| lt7464_ca undefined| lt7464_d function| lt7464_e function| lt7464_da function| lt7464_ea object| lt7464_fa object| lt7464_ object| lt7464_4 function| lt7464_aa function| lt7464_a function| lt7464_f function| lt7464_g function| lt7464_h function| lt7464_i function| lt7464_j function| lt7464_l function| lt7464_ga function| lt7464_k function| lt7464_m function| lt7464_n function| lt7464_o function| lt7464_p function| lt7464_q function| lt7464_r function| lt7464_s function| lt7464_t function| lt7464_u function| lt7464_ha function| lt7464_ia function| lt7464_w function| lt7464_ja function| lt7464_x function| lt7464_y function| lt7464_v function| lt7464_z function| lt7464_A function| lt7464_B function| lt7464_C function| lt7464_D function| lt7464_E function| lt7464_F function| lt7464_G function| lt7464_H function| lt7464_I function| lt7464_J function| lt7464_L function| lt7464_M function| lt7464_N function| lt7464_K function| lt7464_ka function| lt7464_la function| lt7464_P function| lt7464_O function| lt7464_Q function| lt7464_R function| lt7464_S function| lt7464_T function| lt7464_ma function| lt7464_na function| lt7464_oa function| lt7464_pa function| lt7464_U function| lt7464_V function| lt7464_W function| lt7464_qa function| lt7464_sa function| lt7464_ra function| lt7464_X function| lt7464_ta function| lt7464_ua function| lt7464_Y function| lt7464_Z function| lt7464__ function| lt7464_va function| lt7464_wa function| lt7464_xa function| lt7464_ya function| lt7464_0 function| lt7464_za function| lt7464_Aa function| lt7464_Ba function| lt7464_1 function| lt7464_Da function| lt7464_Ca function| lt7464_Ea function| lt7464_Fa function| lt7464_Ga function| lt7464_Ha function| lt7464_2 function| lt7464_3 function| lt7464_Ia function| lt7464_Ja function| lt7464_Ka function| lt7464_La function| lt7464_Ma function| lt7464_Na function| lt7464_Oa function| lt7464_Pa function| lt7464_Qa function| lt7464_5 function| lt7464_6 function| lt7464_Ta function| lt7464_Ua function| lt7464_Sa function| lt7464_Ra function| lt7464_Wa function| lt7464_Va function| lt7464_Ya function| lt7464_Xa function| lt7464_7 function| lt7464_Za function| lt7464__a function| lt7464_0a function| lt7464_1a function| lt7464_2a function| lt7464_4a function| lt7464_7a function| lt7464_6a function| lt7464_3a function| lt7464_9a function| lt7464_5a function| lt7464_8a function| lt7464_ab function| lt7464_$a function| lt7464_bb function| lt7464_8 function| lt7464_cb function| lt7464_db function| lt7464_eb function| lt7464_fb function| lt7464_gb function| lt7464_hb function| lt7464_ib function| lt7464_kb function| lt7464_$ function| lt7464_jb function| lt7464_lb function| lt7464_9 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing boolean| apstagLOADED object| default_ContributorServingLoaderClientJs function| __Y9uNstf385Zx__ object| __fcInternalApiManager string| N2RmNzZhMTZhYmZjYWIxOGxvYWRlcl9qcw== string| N2RmNzZhMTZhYmZjYWIxOGNhY2hlZF9qcw== string| __fcInvoked boolean| __fcInternalApiPostMessageReady object| s_i_mccltallmcclatchy object| Optanon object| OneTrust number| oIndex4_ number| p418327507 function| _typeof object| IrisContextGlobal object| headertag function| headertag_render object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| irisInstances object| irisPlayer object| GlobalIrisPlayers object| closure_lm_952174 function| processGoogleToken object| googleToken object| googleIMState number| __google_ad_urls_id number| google_unique_id object| closure_lm_542842 function| confiantDfpWrap object| ids object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| mistats_hypeTracker boolean| msgData boolean| 8f57b050-fb31-4c88-82ed-f08c76ea46c8 object| __CELTRA object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ undefined| google_rum_values object| RT object| GoogleGcLKhOms object| google_image_requests

89 Cookies

Domain/Path Name / Value
.adform.net/ Name: uid
Value: 2041863045849423668
.adform.net/ Name: C
Value: 1
.rubiconproject.com/ Name: ses2
Value:
.rubiconproject.com/ Name: vis2
Value: 80306^1
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tlCBRUZWfPw9zp4X5PWrjQqqTCqCKieGkTxzCtT3GWjvGSkTNWjmsGgfE/2wGlVwK8BMqZcvhERo6p23GCL9aNcX4JPKBYjCRbro=
.rubiconproject.com/ Name: khaos
Value: KME04MBK-C-A1JL
.tapad.com/ Name: TapAd_DID
Value: 128301e5-876e-11eb-8b15-9e9b130d4f06
.casalemedia.com/ Name: CMST
Value: YFJ-JWBSfyYA
.rubiconproject.com/ Name: vis15
Value: 80306^1
.casalemedia.com/ Name: CMPRO
Value: 1187
.casalemedia.com/ Name: CMPS
Value: 3202
.casalemedia.com/ Name: CMID
Value: YFJ-JEQm5rKawX1neXn8BgAA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADdb07ApP4AAA_Yc7WdLw
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-12c42a1a-876e-11eb-b8c7-cd417d5d858f&KRTB&23011-12c42a1a-876e-11eb-b8c7-cd417d5d858f
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-47a8e636-30ec-4fad-a1ca-cb90e10d14fe-60527f27-4348
.pubmatic.com/ Name: SPugT
Value: 1616019238
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-62Bl2lozPbzrMxqeVmo9WfRV&KRTB&23212-62Bl2lozPbzrMxqeVmo9WfRV
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6940749781214230679
eus.rubiconproject.com/ Name: pux
Value: 1512%3D98255%262249%3D98255%262307%3D98255%262974%3D98255%26idl%3D98255%262249-DV360-Hosted%3D98255%26goog%3D98255%26brx%3D98255%26
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&19420-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_&KRTB&22979-YYkQomDfF6N6iUeiZdsIo2HfEqd6iRPyNo1fdhQ_
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_dbcbf815-085c-4167-b533-29f537535061
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:8EUGhizF1LmEqq5
.pubmatic.com/ Name: SyncRTB3
Value: 1617235200%3A35%7C1617148800%3A54_8_22_56_81_88_78_165_176_189_7_204_161_13_71_166_5_55_220_21_222_104_3%7C1616544000%3A67_15_2_223%7C1616803200%3A63%7C1618531200%3A203
.taboola.com/ Name: t_gid
Value: 7b95bb3c-e43d-4f0a-94c6-ec33cc34fb4c-tuct74c04a7
.pubmatic.com/ Name: DPSync3
Value: 1616025600%3A174%7C1617148800%3A221_201_227_226_219_197
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YFJ-IgAAAJgHLxNg&KRTB&23194-YFJ-IgAAAJgHLxNg&KRTB&23209-YFJ-IgAAAJgHLxNg&KRTB&23244-YFJ-IgAAAJgHLxNg
.rubiconproject.com/ Name: ses15
Value:
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&16736-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23019-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1&KRTB&23114-uid:6d9f6052-7f24-4e00-b8f6-6a5f28858dc1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&22918-bff16d09-675f-4d13-9410-60a283c92efa&KRTB&23031-bff16d09-675f-4d13-9410-60a283c92efa
.pubmatic.com/ Name: PUBMDCID
Value: 3
.ledger-enquirer.com/ Name: _sp_ses.83f4
Value: *
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5253690073884644860
.ledger-enquirer.com/ Name: _gat_mistats_ga_UA-48280669-1
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 689FC59C-276B-4C0B-B3E6-90C744AEB308
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.google.com/ Name: NID
Value: 211=Vf1nABZTAOHYKFytawM0vp4hYbn3VBed1pjttWqfXY4u2_imK0bpsy4tIapZcMtmlLvsz2WyfPiyvKUaE18u_qTHyjw8R2DiXcJvmuieOg7hUv3iZdZ35bGlYqmwTD_Di88-idAjIkuA6lGubAF7zQYQ5Djyz6fSGuaikE4q6uI
.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOfuzD0Muo7OhknaSesXrYLrKzgxr0klvzwzNVgIP7j0a3OwL9iU1H-LTjmgG0mXDl6W9Jzq1nyJUBo8k5N16r8
.demdex.net/ Name: demdex
Value: 58913308628517029240233165826265906734
.ledger-enquirer.com/ Name: _fbp
Value: fb.1.1616019240220.372300132
www.ledger-enquirer.com/ Name: _ntv_uid
Value: 2aaed3ed-32da-4260-bfa4-48df1d56653e
.ledger-enquirer.com/ Name: _sp_id.83f4
Value: b9da8df487cd7fed.1616019235.1.1616019237.1616019235
.www.ledger-enquirer.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Mar+17+2021+23%3A13%3A56+GMT%2B0100+(Central+European+Standard+Time)&version=6.5.0&hosts=&landingPath=https%3A%2F%2Fwww.ledger-enquirer.com%2F&groups=C0002%3A0%2CC0001%3A1%2CC0004%3A0%2CC0003%3A0
.ledger-enquirer.com/ Name: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C18704%7CMCMID%7C58448029450774587470279927337149729177%7CMCAAMLH-1616624035%7C6%7CMCAAMB-1616624035%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1616026435s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18711%7CMCCIDH%7C-269517113%7CvVersion%7C4.4.0
.ledger-enquirer.com/ Name: __gads
Value: ID=d7d58d9061fcd721:T=1616019236:S=ALNI_Mb1ioW9LhVCpasolIIoxGwRtuCHTw
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3470211263641356968
.pubmatic.com/ Name: pi
Value: 156657:3
www.ledger-enquirer.com/ Name: _lr_geo_location
Value: DE
.ledger-enquirer.com/ Name: __qca
Value: P0-7859657-1616019235038
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3228286691239197805
.ledger-enquirer.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.ledger-enquirer.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1616019235554%2C%22slts%22:0}
.ledger-enquirer.com/ Name: ak_bmsc
Value: 5047FFBF589FCE6C584CF203811FDD1502148F94A0320000217F5260842FA208~plgzqGbVN7HvDk9DIBBLM6AEhOJNBMABB5PPkDNEXCadRh/cMvxY4VzyCzTkSrXj8dWRhic9ADEF7+92cSNsU8AYHKfjuDun3v+BuJRtUn2NjS4YH8ycTD1rSWZ6UUT67kVcBraQ/z+w+NI5YwXprbEvpIqc2M3/xa6E/k8z0ZMzzrSOS/8ULW8cWQzf+CYpHbgLn1P9DaYmpVseCPbTyCzupuDCTknZbuebOOTThzdDdzBsy+86uamBdAWEH1Y+1PEnPtQZGV1OUobZKZgf/PKJGKyvhqscf3JwOTrdObP20bJlYAWUESnWLoFOYx/ofU
.ledger-enquirer.com/ Name: at_check
Value: true
.ledger-enquirer.com/ Name: mi_gps
Value: 9
.ledger-enquirer.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=f58d7ef65af8bb3421ec75c920d62024%22%2C%22session_count%22:1%2C%22last_session_ts%22:1616019235554}
.tapad.com/ Name: TapAd_TS
Value: 1616019239166
.ledger-enquirer.com/ Name: mi_s_vnmn
Value: 1618611235247%26vn%3D1
.ledger-enquirer.com/ Name: mi_ppn
Value: Home%3A%20Homepage
.ledger-enquirer.com/ Name: mi_nr
Value: 1616019235245-New
.ledger-enquirer.com/ Name: adcloud
Value: {%22_les_v%22:%22y%2Cledger-enquirer.com%2C1616021035%22}
www.ledger-enquirer.com/ Name: ntvSession
Value: {}
.ledger-enquirer.com/ Name: mi_iv
Value: true
.ledger-enquirer.com/ Name: _gid
Value: GA1.2.45953719.1616019235
.ledger-enquirer.com/ Name: lotame_domain_check
Value: ledger-enquirer.com
.amazon-adsystem.com/ Name: ad-id
Value: A19Y1WEbMEAKjkVPDu4kOrU
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-28abe8fd-f470-49bd-8bb1-830bf588812b
.ledger-enquirer.com/ Name: aam_uuid
Value: 58913308628517029240233165826265906734
.rubiconproject.com/ Name: audit
Value: 1|0o8zzNO5o4a445/ph/Ovo3p4/TMPY9XwpmlTqaQWWgCzdv3tz8WebASq4Drh4WjJZ9qhNrrrOvYAPa3Tu7xkzOBxGCOXoSK1ueUQ+xkeWjL9W23uEog5JA==
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2041863045849423668&KRTB&23263-2041863045849423668
.ledger-enquirer.com/ Name: mbox
Value: session#193f1edda12e4d7f8086707ac30c2e62#1616021094|PC#193f1edda12e4d7f8086707ac30c2e62.37_0#1679264035
.ledger-enquirer.com/ Name: mi_ppv
Value: Oth%3A%206000px%20%3A%205sc%20%3A%2020%25
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
www.ledger-enquirer.com/ Name: usprivacy
Value: 1---
.ledger-enquirer.com/ Name: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg
Value: 1
.ledger-enquirer.com/ Name: CUID
Value: N,1616019234849:ALHGLuQAAAAPTiwxNjE2MDE5MjM0ODQ5RkYM2++bY3xwJJR7sAJoMjcSrkLyWnuyP4FylOBrmP5qz66SgSPh7HdYmXFFbdGQXsuYk1mNiEjx6wF8WBEQaqWralqBJ35MsIcE3EiaJGv9acM5Sv1RlvtnTgvZoWZIbQ0JwBbC+Jj8vG4ZGkbmhTkwo8OYHBLAyJN6fjty0siLyxQTXae7X/ZQaaoQNKcZe0jZuZXaqDf5n4joS2NXyntKJgGwqIehA0bwCOUv1gaSkTNCrQjCCsYJBu7sVQmryVhFP6udk9z+jC/RW/Sr7MutOybN1I6ci4zoEOHIX9lOZ+Pqdi3lMADUMLvfro34kweOAQwAppjoMYOpKUbKWg==
.demdex.net/ Name: dextp
Value: 771-1-1616019235714|144230-1-1616019235932|144231-1-1616019236238|144232-1-1616019236506|144233-1-1616019236987|144234-1-1616019237244|144235-1-1616019237454|144236-1-1616019237622|144237-1-1616019237763
.casalemedia.com/ Name: CMRUM3
Value: 5860527f252760YFJ-IgAAAJgHLxNg&5a60527f26276023881033384C414C9BC58217D5C674DC&2d60527f2605a0&4160527f2605a0&3960527f2605a0&f160527f2605a00&e660527f2627600&2760527f260b40&2f60527f2627608EUGhizF1LmEqq5
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ledger-enquirer.com/ Name: mboxEdgeCluster
Value: 37
www.ledger-enquirer.com/ Name: liveramp_id_env_sampling_rate
Value: 10
.ledger-enquirer.com/ Name: _gat_mistats_ga_UA-48280268-1
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&22987-CAESENmsecBKMN-CdG_6wzzCVnA&KRTB&23025-CAESENmsecBKMN-CdG_6wzzCVnA
.ledger-enquirer.com/ Name: FCCDCF
Value: [["AKsRol_HgXV74vBIlChjKRPpPpgzYYq7h1NH_3RKaKwh6NRr0s7x1RLVgUCRcwrQEHXnMY0tMPUF0teqR4F1A8_u6Z5PGKDvHXVUo9mni0sDH2IqSsnR8vZmSwQcsUzUTiLa1bv9PbDYdzHzZbFIKkRgCf1yEjWA-A=="],null,["[[],[],[],[],null,null,true]",1616019238704]]
.ledger-enquirer.com/ Name: mi_ptid
Value: bWlfYXNfbGVkXzU4NDQ4MDI5NDUwNzc0NTg3NDcwMjc5OTI3MzM3MTQ5NzI5MTc3XzE2MTYwMTkyMzQ2ODA%3D
.tribalfusion.com/ Name: ANON_ID
Value: aAnseFqO2c9U2OqnverKsyFEfI4Zdar8B4hxFq8acCyLQuZbPmQbZcSCPsZdLhlMiLTplBocQjSZajk0RBVCTSbm8
.ledger-enquirer.com/ Name: s_cc
Value: true
.pubmatic.com/ Name: PugT
Value: 1616019239
www.ledger-enquirer.com/ Name: ntv_as_us_privacy
Value: 1---
.ledger-enquirer.com/ Name: _ga
Value: GA1.2.1905019986.1616019235

44 Console Messages

Source Level URL
Text
console-api log URL: https://media.ledger-enquirer.com/mistats/micb.js(Line 240)
Message:
mistats_subdata ready
console-api log URL: https://media.ledger-enquirer.com/mistats/micb.js(Line 1637)
Message:
mistats bx_inactive
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11340)
Message:
JQMIGRATE: Migrate is installed with logging active, version 3.1.0
console-api log URL: https://media.ledger-enquirer.com/mistats/micb.js(Line 129)
Message:
mistats_gpscore: 9
console-api log URL: https://media.ledger-enquirer.com/mistats/finalizestats.js(Line 1806)
Message:
waiting for mistats_target
console-api warning URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
JQMIGRATE: 'ready' event is deprecated
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
console.trace
console-api warning URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
console.trace
console-api warning URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
JQMIGRATE: jQuery.fn.resize() event shorthand is deprecated
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
console.trace
console-api warning URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
console.trace
console-api warning URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
JQMIGRATE: jQuery.fn.mouseleave() event shorthand is deprecated
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
console.trace
console-api warning URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
JQMIGRATE: jQuery.fn.hover() is deprecated
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/vendor.bundle-ce1a13c0119f26716569.js(Line 11355)
Message:
console.trace
console-api log URL: https://ovp.iris.tv/libs/context/iris-context.min.js(Line 1)
Message:
[Iris Context API] v1.0.5
console-api debug URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js(Line 2)
Message:
[customSSP] Registering custom bidder [object Object]
console-api log URL: https://media.ledger-enquirer.com/mistats/finalizestats.js(Line 1806)
Message:
waiting for mistats_target
console-api log URL: https://media.ledger-enquirer.com/mistats/finalizestats.js(Line 1808)
Message:
mistats_target ready
console-api log URL: https://media.ledger-enquirer.com/mistats/finalizestats.js(Line 1808)
Message:
mistats_propensity ready
console-api log URL: https://media.ledger-enquirer.com/mistats/finalizestats.js(Line 1808)
Message:
mistats_cta_widget ready
console-api log URL: https://media.ledger-enquirer.com/mistats/finalizestats.js(Line 1808)
Message:
mistats_subdata ready
console-api log URL: https://media.ledger-enquirer.com/mistats/finalizestats.js(Line 1822)
Message:
mistats request queued
console-api error URL: https://tags.crwdcntrl.net/lt/c/7464/lt.min.js(Line 1)
Message:
LT.JS: Client 7464 cannot run lt.min.js because it has no domains whitelisted.
console-api debug URL: https://mcclatchy-ledger-enquirer.zeustechnology.com/main.js(Line 2)
Message:
[Zeus] CCPA string set to 1---
console-api log URL: https://media.ledger-enquirer.com/mistats/products/escenic_s_code.js(Line 190)
Message:
mistats request sent
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js(Line 5)
Message:
getIrisContext - Response acting
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js(Line 5)
Message:
getIrisContext - Response acting
console-api log URL: https://www.ledger-enquirer.com/wps/build/webpack/videoStory.bundle-667b380d20e928f31b53.js(Line 5)
Message:
getIrisContext - Response acting
console-api log URL: https://media.ledger-enquirer.com/mistats/products/escenic_s_code.js(Line 137)
Message:
mistats request postback present
console-api log URL: https://media.ledger-enquirer.com/mistats/products/escenic_s_code.js(Line 138)
Message:
mistats request succeeded
console-api log URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1)
Message:
[IRIS.TV][Info]: *** Iris Adaptive Plugin version 2.0.16 ***
console-api log URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1)
Message:
[IRIS.TV][Info]: *** Iris Adaptive Plugin version 2.0.16 ***
console-api log URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 1)
Message:
[IRIS.TV][Info]: *** Iris Adaptive Plugin version 2.0.16 ***
console-api log URL: https://media.ledger-enquirer.com/mistats/micb.js(Line 1073)
Message:
mistats_as send
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11(Line 72)
Message:
Impression for slot zeus_mn-gpt-2 became viewable.
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log (Line 3)
Message:
Skipping WebGL fingerprinting because it is not supported in this browser

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.crwdcntrl.net
ad.turn.com
ads.celtra.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
amazon-tam-match.dotomi.com
analytics-check.publishersite.xyz
api.ipify.org
api.rlcdn.com
ats.rlcdn.com
aud.pubmatic.com
b-code.liadm.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c1f31c4f12c0eaaad54eb18038e2b798.safeframe.googlesyndication.com
cache-ssl.celtra.com
casale-match.dotomi.com
cdn.cookielaw.org
cdn.parsely.com
cf-images.us-east-1.prod.boltdns.net
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
context.iris.tv
contributor.google.com
csi.gstatic.com
d15kdpgjg3unno.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
ds-aksb-a.akamaihd.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dyv1bugovvq1g.cloudfront.net
edge.api.brightcove.com
edge.quantserve.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.rlcdn.com
geolocation.onetrust.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
lasteventf-tm.everesttech.net
ledger-enquirer.com
manifest.prod.boltdns.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mboxedge37.tt.omtrdc.net
mcclatchy-d.openx.net
mcclatchy-ledger-enquirer.zeustechnology.com
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
mcclatchy.tt.omtrdc.net
media.ledger-enquirer.com
media.mcclatchy.com
mwzeom.zeotap.com
ntvcld-a.akamaihd.net
ovp.iris.tv
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s-jsonp.moatads.com
s.ad.smaato.net
s.amazon-adsystem.com
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-us.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
sqs.us-east-1.amazonaws.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.celtra.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.ledger-enquirer.com
www.macon.com
www.mcclatchy-wires.com
www.sacbee.com
x.bidswitch.net
x.dlx.addthis.com
z.moatads.com
www.ledger-enquirer.com
104.108.144.214
104.108.145.172
104.108.145.8
104.79.89.24
107.178.250.234
108.128.151.98
13.226.157.31
13.226.158.204
13.226.159.106
13.226.159.129
13.226.159.79
13.32.21.39
13.32.25.48
142.250.185.162
143.204.202.80
143.204.206.118
143.204.90.45
146.59.148.16
151.101.113.194
151.101.13.44
151.101.14.49
159.65.197.210
166.108.36.245
169.50.137.190
172.217.23.98
178.250.2.131
178.250.2.151
18.185.192.106
18.185.197.81
18.193.207.151
18.195.22.17
185.29.135.190
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.86.138.142
185.94.180.125
193.0.160.129
198.148.27.139
2.16.107.122
2.17.183.44
2001:678:cb4:bbbb::11
213.155.156.182
213.19.162.51
23.21.76.253
23.37.42.132
23.37.53.17
2600:1f18:444a:4680:252d:a0d8:b19f:2c13
2600:1f18:730:b140:28d8:9783:2a08:4b54
2600:9000:214f:1a00:15:d134:4e40:93a1
2600:9000:2182:5600:6:44e3:f8c0:93a1
2600:9000:2182:7000:5:82fd:2500:21
2600:9000:21f3:4600:11:b309:9100:21
2606:4700:10::6814:b844
2606:4700:10::6816:1957
2606:4700::6810:9440
2606:4700::6812:c05
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::200e
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2013
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4007:818::2003
2a00:1450:400c:c09::9b
2a02:2638::1c
2a02:2638::3
2a02:26f0:10c::5f64:c130
2a02:26f0:6c00::210:ba4b
2a02:fa8:8806:16::1400
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::539
3.126.56.137
3.236.169.51
34.120.133.55
34.194.161.83
34.235.235.184
34.249.66.13
34.98.107.212
34.98.64.218
35.158.172.137
35.168.95.93
35.181.18.61
35.201.96.126
35.227.248.159
35.244.174.68
35.244.220.155
37.157.6.247
37.252.172.36
37.252.173.22
52.19.133.54
52.51.245.167
52.86.196.188
52.95.118.60
54.183.218.81
54.220.99.191
54.228.21.183
54.237.174.15
54.239.17.112
54.76.58.94
63.251.232.170
66.155.71.149
69.173.144.138
69.173.144.139
77.243.60.138
85.114.159.118
87.98.128.108
92.123.150.214
99.80.128.92
99.81.11.244
00bac33744984c0b33ac4f0a657ee07fb37aff996779a9bbc2368ddbad45d4d9
020a6d03b445acdaf72388b7098ba8bb3a9f16cbde88c76443c22836691ce6c5
03647f4a36d224389ce3e9f21ad61db1e23f3a54984771270212692eb23049a8
0464b6125d6f9f3dc1dbe6ef7f1203ea4d60d28141fd98fef1e15004f265ec2e
04a74928965ed27c791351d7e70bc0bb40194158a56fd949b19c66f28d4835c1
0521da9cc69f21b9fd110191b17217e2dfcf5461f95ef66c344d92d15ab1a0e5
054f67d705b48b8aed8020fb0845f55dc65c7d7c83e1e1ff194938544fb93893
064c30793ed82df22ca484729935248a99d0ad3cefd8bcf46f23de8d0c0016d0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
080c9c5e27ecee1e3fae3e4128e960d87922edf33c07dfa1e20fc5f900e04143
08e433842483ceae94dd7fae5b381afdb913113d47ccf9f8918423982772783e
0aab48ed8b79ef2e79778ea45c72d459315de3c8fa1b62fd88cbb11a2fb04da3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ccfc34943306e0600808d2398ce6da10e4af009e81cb688cdf01a04d371dcf0
0d6aa0d1df9cfdddb4ba1c2e84627fbae84624b959ac448e02057a26df5c89ad
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1082d15945df430bc0a0e2b334fca25e58f244cbe8f87d3453994fbe6fe0b6b5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1271db7f32627d2a52e219cb353efd3a0df94d777429936c225f81abd469a5ef
128a429bcdea21cf0c6b5e6bb6695eefa441f50999cfb49e399cf2e3fe74e282
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b5173389eacc0574e4d0814ffd99f5bfffcd41a38a88cdb74b770a08ac9dc5b
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
225f9ccee193cb3024bdb686f3f0de7dd0aede97b3a772e321f86d5e1836361d
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
277c533808a5f17a6c0fbdb71b7bfe1b9c6f112ed281beac7bcf4bad7378a9ad
28c2e49b8b088e99e3ba0c84ca9bfc536a70c85558654e35b00f95040a70a02c
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
2add500dc7fba2077fcfe52fd4c081fe5f3e2a66212e9810eb5c490fa2985568
2c11ad549ca17b21451b1958493f11a98717bc86e2cf3bf2273022f55146d551
2c3d296de1bb7bb908659aedfa489c63e9c0cb0b57887e74932dd5f60de15578
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
3087344cdbe0d4e17728e5b32e8db6a26624a87807b9fb23496ba8db04d3f2b0
318fd391dc5361f08bff2ae57af7e4eb1261f436d8a44b1ef0e0553cf3298297
322d684cc42c48a357096fd026e2d8fb670961457699f2d3a87c1d97187af2f2
3476c08cec250146dcdfd0cfbab2e721a7ca1fd5ba590e9075658a79b3b99524
3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
388305e6232d397497a35ba97ba5e2e6ea85d349041645c4de2c28a6e08f9044
3b116330f21b3cba12b5af7ebaa8388613a6026a00267cc0a189b0bf410b1e27
3c169b27444d1d2b841d9172028c50666195313159b66bd2e18927f30ea61576
3c18d84e2c6c9879edfb05e7c5cf762b0a1860b3ba4edf68becf5c86fecc35bf
3d0d96becd8907f01322e1a38c1e01b95380244119c1d53df9940959e62f44bb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee93068cc2e2f003f919830e1514eebfea447b9e72bec348e7d612ff09c2f57
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41315b08c2b332c2a675a817bac8ca1cc648c33109b699c6609feffc0ac79254
4159ff41a12a38b034dc0de405dd8718265b291912ff07634c8f8b11abc9ad9c
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
42049e40c6a31f850b7dff36ee43ef3f75c20ecb2ab0ddd6ffaa7d18dadf7296
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
43822d4b76a516bdd2996de8f3b6d441be74b7808c4213e977cb1939c074eba5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
463bbb39c01920e907f91fc29d179be88a63eb8611d73c0741ccc8f1dd665bbc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496170da5f23440057139b0326f4f740f4d84f536f8969b0fc6e4fa14ba55811
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7da10da9130919243c1d08faa0c6ee6dbf302b023718b5171232040c6b84f8
4d3b150a6ceec46b8a06fa45b56028375f46b384bf5bb2db2199d522bdd23387
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70c351866197d421404027969954c92eaa0bb5198706650087eafd4775a09f
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
53c41806a5233c77b3878acd59c261a04e44a0210e23653f0331b8f0580c127f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
563c2011610b4867040d34d8493d127ecea5de6c150b09228114281c88d7cc52
586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
59e03ac4334547f1ced56595fd3acc42750e9cbf691542396effd3e8f549a60a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b3ea6fc86781848dea65272e7c5e308910d89d0a6152cc73a4b37a48e01f8e7
5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454
5cb4514e117d67aa8609b1e40d3d465f8344810761949a3807a442cf26b5cced
5ceacdc5e7ad12890d0a04b1ecb54cef0d2588f8cf5d335a08ba9b1b7bc53bb9
5d43a901ac6c9d8df7d2268b6cb189f225ad9875c7c596dc3b06988cf6acf2c3
5e750872034fd046688fe77c3d9b4c4d7f49b80922f066acc84196137c7500df
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fd8bc8f1abe2eca0f650c16cd0f04bea980adbc2f228e4bc7bb6357923a9c36
6021d076be6cab534c58d762b310389d3a8eaf20e26075f564f971970e860884
68ec0453e1ea9d060200872881a65d6773b10505642f42e387f3abb2f2a0aecc
68f223f9012a4dd8a6f66843682558f528ccb7c7d49df114df05bbabe4ae9855
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e
6aed601026ce137551492130480a42825a85a9d43ac808cc533dc93fbdfaeeff
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6cc64cc7fbad9db59f8f8575dc1ba336d8757e7ef4c7c22bc503df6c4eef1a2c
70a94b61dc64f4e84e55928b6bd57db766cb84a51eab3e9638036fec136347ba
710367e61dfdc0ae141e184d86cc5749199da663162d5aa6d093a7e3361ca592
74471d2c1b4f67e7d2d598b4941cc968ee248bf36c10921c25e5bcea805af6e8
75bb5aa2e14d429ba49e8785c3876f2c8b8e14165c17420c07228b00c4e2e729
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
789f3d61d9cafb5e3ed133ac8ee0c14c55c63647294fc8105040ad6fbc911dcb
7924eb15632c1b7c6c0d3a867db277188ca3497fdf217a2d91b13858d4a832f1
797b5c32f492bb21f2256f97f1015f4768e20892122ef8c909a9ac013219b48f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d10a7504a79b23cbf299d54e8a88d621d59d21f08e89011894db6661d2184d7
7da22511eaa997140ea43f7c0e5f732df19e1910c5cf8bdfc3e3b2782cd7b782
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
80a1c5f9713281f4575985039a9a484e7fe04235143cbc592e634b418ff0c3ae
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833d7090852ccc02615fa13d9eb05aeb8cac0bed960f46941b63a68395aaba28
835c8e3cbcc1e237777ccd12220046e701b7036b993a3d27f7d683c6bec5e137
83f02c3275bb158b325645dedbb029eaf6bcb3916e652fbfdc603b5cbf92fe3f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fa47de6b71bbce922b3d89b645018063f5d4b1c7ac1383ada0da3729de6702
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
871b43a3d656e3f601eafffd75e05f69d008c0d7e7c8034b9e96435d39fc3e72
8776920a540d05bb179f110ce1c253cc3b269541f0dfa0d0e5255b522c2cd8b2
899090d9abbe42bf8e5503ac6f145a4cf9346250a3171a3bca8f6ad20f27e6d9
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8c92061ecd87ac83d34922deec523bdd40d8c72651485d18a7f711bcb4889c78
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e26c82b3a05d2306015e1d1414cffced4a6ab6e012e8aadfcb0db6798314a79
8e79e41b43dfffe5d1cc409d0ab4269d92c26a2e8a947a455cb384d93aea55df
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
8fe14fba4b350b94412bdee5915a3711f88aede515d05c24c425b3e3bb564ed0
9038dc56cd08392efb2e6058d48f3adbc453d5fa4e4aae17f4ad11ecb9722bc5
9064c98a963ceb9bb6ca03f6ed6894096dc846991b6c52bc7f7c776013cedd8e
90a19c38629ebfeab116a63ea65265ad34deb9707577cf2865e64d8a6f972862
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
9472429b7873ba26beae367a22a569cca0b56228943c1db06730396fde73a360
9710dab6bb3447842cba847209148bd89fb928f55865b045105fa3aefa4fb51f
9723f30a4b9ba27e695abb88fff9c15da7c135dccad252baee3b3cd6f54c9451
98c6e0838ef56e75a3d90be996ca6e47d87483fb9d7b4148cdd56acb7b133cb8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce
9c9748ec7fadb426998e9b48ef25acb759a97528ba42bc0bf5078c995ac66891
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a051ea6c562895209e399e227b7cfd47e8aff908a79fe0e68c8160f8c10c4e9a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a635edb59bf760273dcbb4d04e091987e2496addfde69f2c095bf32a3c9606a6
a7a51949d343df29964d86649fe40db47517d23beb564e02ba6bd093f920010a
a8c0554545df5557bfbae4b60e272d4c68b10876874942ae276e8a3f927f5dd0
a955e87bf916fcf94a65c34601443c7c4e3a79280f15b3846729eb3999e97bb3
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
aa3b3812b3a449981a288944e972a03d1c918c237cca3d2a58018a4ad0c2acfb
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0730feeaa8693523b2f4181a13b66162dd372dc98410718a8300a43c230b6b9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd
b608403667d76fc4dcb6aaf9eb0dff5b924ea30185a5271e98ce90077e89d4ea
b6a39ee870f3d3e0df25798083cbc711eebd0a56013bb4cd7c513e69d846378d
b6bd0e2ebcb4e0a35e3b4c07f647976dc8a37088de6887bb1ac47fb46452f4e4
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
ba8bbfe110629e3df60cffbcd75d2ea7627f5f6e13ef3ba0354221cab7b8e097
bc4e9d1236b76a6d90148779846505fc3eb58176b1d1b6e50a25e9ab18e9aa15
bcd3a2f2007b15a4b3c4d4352057a1e74f73418aeb7e80fff99d3400350b6ad1
bdd36b3dd514b2b58700994682bb706fb76fd1190fe2bd6e6e6f1e6cd295fad1
bf98b9a7dbf18e105886293f7063c3adfd1318ac90db9ae4a3b02f9e8eecf4ea
c023c54d87c984b154b34ee12dc19cc028d472bdd6c48fe9fb3c8ca18800840b
c0f1a0e47f7e68ec0549eba6eb3fcd3523a2c3e68bcd9b2463ef084df041fd34
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c254b30973cc66b03005876c003d80c437f628356310ab23879fdc5825d0817e
c567fcbe7577902d1281888aedf0ab76c50565cdae655d1285aa0f7c586cc0f3
c8664b05df583216c75205b0413ba547e4968b4c94cf023fd91e91583ec3a2d2
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cce3e63f916aacd3c749356e9dbb14639dcd368764185cc6803e66c31ad0c190
cdeb2d8d66421813fc60686d765bb8da830d38f0377c87bc3f75679489d2194e
ce7c00b6a5c6bf81240646aaa03a788764b3ff0c70262591319ce5aca1c91c77
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5e946c1508e9a17e9fa87a2e65eb15ee2f72721d207d64c11ce5d702738378
cf88af8885e4d95b827f2cecd828d109bebc6e53470b252d9ae812fec67f3a6c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d2f3f811446b19e2665236f2a508ee60ce2b36b85c97cc0f19c48e8d6aa169b0
d408f7701491cd7a57dd70a39be787ea166ceeb4437fb23ae2037941c03c152a
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f8caccc1ee6725f2e5e893f332c7e688fe74d4603303148be129cc2c658808
d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dedc6e38afe9332230dc2358a7e20b17bdbeefed31623bad93ece68270e83544
df2d4c7249d3cd8c72c62a2a5a0ebcbac038929d94e78fee17ce47a65753d9c3
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e01b2c94a979c7f73e27503991c0087ddd4e3dc9b6920cae31ba9308db24bb9e
e0669ecee925b20d4d67f0666dbf4479ee266e23388f5582ddb8c00710c4917d
e1f216e60c7a2abfdaac8937b538cc9def82819dc461bba9a61ff343402d9492
e2aed6b8c0cd9df8de5c813f021c2ed4489f4f39bad38be06f4a290d22301547
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ef3539e23b78a4c30c5e7d1093f9534e3750332515e7f2c18b8cbe981a6f47
e454f6f9e79ecf329c1a37dee75042168bb0a7b84aea3df6292a39b6651eb146
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
ea068bc08ab847733b3dd8f9a6a110134f56808cda3cbe619947f1d0da3a0579
ea2939a6c5a87eb95c20b8942a09f646e501dd53d05da49ece8471d6cb0f2fbf
ebc6da23752a7ca423fc24f860eeffcd71f7491bf11471c5aa1a29815976d173
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
ee8125fa978bcd4c05392936007cf0d2c983f4767e527a7dcdc41f67c549dc8f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2f93fd85c2f5e6c07c80c6487a804ec6bede5bed8fe755280d87d4dfde986d0
f36ddb47c8fa8f345ff29672f24c62f790b237ec29e4d8a96ca2ccde24751985
f443917aa87484950ec35d141b745aaa872c25618e55f77975bee4bb54954cf3
f447eadf79748cdc576dbc1d13edfad9373e5cb42624792dbb875549bdaed337
f57ec0b8202cdfafe3c6faacb99a35cd20dbfb5cbe0554d542e0b10bd0b96c8d
f6f4b4586d702093c9cc07e981206978d58633f46da7c721f46513d4dcc71b11
fc3442f9b25c4d3e4f1a5e370459cfc4afdf730e94a68be11e084d1d3682c7f8
fe8b11787e4947df6fc29d4a6952bbf5ab2efc5cc8057c4a2d66d2cbb39ed801
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c
ff6c4a41b73d0c86e3c2776882ec86086c773bd91e732e56d24bd58045358e13