urlscan.io logo urlscan.io
SecurityTrails logo

www.leducrep.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://leducrep.com/
Effective URL: https://www.leducrep.com/
Submission: On January 07 via api from KR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 9 countries across 73 domains to perform 403 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.leducrep.com.
TLS certificate: Issued by GTS CA 1D4 on December 22nd 2023. Valid for: 3 months.
This is the only time www.leducrep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.111.67.160 396982 (GOOGLE-CL...)
2 34.111.249.109 396982 (GOOGLE-CL...)
42 34.149.157.221 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 108.138.1.25 16509 (AMAZON-02)
2 23.197.120.249 16625 (AKAMAI-AS)
1 13.32.27.33 16509 (AMAZON-02)
25 34.117.54.29 396982 (GOOGLE-CL...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.66.112.84 16509 (AMAZON-02)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
16 22 2600:9000:212... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
5 13.107.6.158 8068 (MICROSOFT...)
1 65.9.95.83 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 184.30.211.26 16625 (AKAMAI-AS)
23 2a04:4e42:600... 54113 (FASTLY)
1 5 18.245.60.72 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
2 6 185.89.210.153 29990 (ASN-APPNEX)
8 34.107.254.252 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 75.2.40.13 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.214.121.166 16509 (AMAZON-02)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 65.9.93.173 16509 (AMAZON-02)
1 172.64.152.89 13335 (CLOUDFLAR...)
30 52.28.203.152 16509 (AMAZON-02)
14 3.65.234.7 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2 52.209.113.22 16509 (AMAZON-02)
2 2602:803:c003... 26667 (RUBICONPR...)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 12 104.18.36.155 13335 (CLOUDFLAR...)
1 35.186.253.211 15169 (GOOGLE)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
2 35.244.193.51 396982 (GOOGLE-CL...)
2 44.237.26.143 16509 (AMAZON-02)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
1 69.173.144.137 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:212... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 18.185.12.185 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:212... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
5 2a04:4e42:600... 54113 (FASTLY)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 65.9.95.71 16509 (AMAZON-02)
1 65.9.97.61 16509 (AMAZON-02)
6 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
1 52.17.99.225 16509 (AMAZON-02)
3 2a04:4e42::645 54113 (FASTLY)
2 18.66.112.41 16509 (AMAZON-02)
1 143.204.98.68 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 35.187.184.108 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
4 104.79.89.214 16625 (AKAMAI-AS)
3 2.18.96.187 16625 (AKAMAI-AS)
4 172.64.149.180 13335 (CLOUDFLAR...)
2 35.190.0.66 15169 (GOOGLE)
1 35.244.170.237 15169 (GOOGLE)
9 184.30.17.133 16625 (AKAMAI-AS)
3 2600:1f13:800... 16509 (AMAZON-02)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 69.173.144.165 26667 (RUBICONPR...)
1 141.147.81.223 31898 (ORACLE-BM...)
2 3.33.220.150 16509 (AMAZON-02)
2 2 142.250.181.226 15169 (GOOGLE)
3 3 44.213.227.236 14618 (AMAZON-AES)
1 2 52.46.128.147 16509 (AMAZON-02)
1 18.159.21.114 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 98.98.134.243 21859 (ZEN-ECN)
6 23.36.225.114 16625 (AKAMAI-AS)
1 44.215.232.18 14618 (AMAZON-AES)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
2 57.128.96.93 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 57.128.96.92 16276 (OVH)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 2.19.104.211 16625 (AKAMAI-AS)
1 216.52.2.39 32475 (SINGLEHOP...)
2 2 65.9.95.44 ()
1 1 193.0.160.130 ()
1 35.244.174.68 ()
2 2 34.253.16.244 16509 (AMAZON-02)
1 81.17.55.171 60781 (LEASEWEB-...)
1 3.217.69.99 ()
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 1 188.166.17.21 14061 (DIGITALOC...)
2 18.158.175.190 16509 (AMAZON-02)
403 109
2    34.111.67.160 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.67.111.34.bc.googleusercontent.com
leducrep.com
2    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
www.leducrep.com
42    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    23.197.120.249 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-120-249.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.32.27.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-33.fra56.r.cloudfront.net
cdn.adsafeprotected.com
25    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
dcs-static.gprod.postmedia.digital
fem.gprod.postmedia.digital
1    2606:4700:3030::6815:4222 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    18.66.112.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-84.fra56.r.cloudfront.net
ak.sail-horizon.com
6    2606:4700:20::ac43:44eb (United States)

ASN13335 (CLOUDFLARENET, US)
tags.catapultx.com
22    2600:9000:2127:9c00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
1    2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
4    2606:4700::6812:5eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
config.lrcontent.com
5    13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com
edge-auth.microsoft.com
1    65.9.95.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-83.prg50.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
23    2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
5    18.245.60.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
6    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
8    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    2a00:1450:4001:80b::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
4    52.214.121.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
11    2606:4700:20::681a:13e (United States)

ASN13335 (CLOUDFLARENET, US)
events.qortex.ai
demand.qortex.ai
2    2606:4700:e2::ac40:8714 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
1    65.9.93.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-93-173.prg50.r.cloudfront.net
aax.amazon-adsystem.com
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
30    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
14    3.65.234.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    52.209.113.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-113-22.eu-west-1.compute.amazonaws.com
ap.lijit.com
2    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
12    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    44.237.26.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-26-143.us-west-2.compute.amazonaws.com
prod.tahoe-analytics.publishers.advertising.a2z.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2600:9000:2127:f400:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront-usp.jwpsrv.com
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:2250:8e00:15:2b26:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)
placement-prd.jwpltx.com
3    2600:9000:223e:ec00:1b:6b7c:c940:93a1 (United States)

ASN16509 (AMAZON-02, US)
prd.jwpltx.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
8    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2600:9000:2127:8000:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
8    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
identity.mparticle.com
2    2606:4700:4400::ac40:91b1 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ribn.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    65.9.95.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-71.prg50.r.cloudfront.net
get.s-onetag.com
1    65.9.97.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-61.prg50.r.cloudfront.net
cdn.parsely.com
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
1    52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
p1.parsely.com
3    2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
2    18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-68.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    35.187.184.108 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 108.184.187.35.bc.googleusercontent.com
rtb.ads.travelaudience.com
2    2600:9000:223f:9200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    104.79.89.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-214.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2.18.96.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    35.244.170.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.170.244.35.bc.googleusercontent.com
static.travelaudience.com
9    184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    2600:1f13:800:7781:d4b7:4b0a:dd42:a73b (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
3    44.213.227.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-227-236.compute-1.amazonaws.com
i.liadm.com
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    18.159.21.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-21-114.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a05:d018:d29:3601:8461:1fe4:b475:56d7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
6    23.36.225.114 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-225-114.deploy.static.akamaitechnologies.com
travel198849194933.s.moatpixel.com
1    44.215.232.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-232-18.compute-1.amazonaws.com
i.viafoura.co
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    57.128.96.93 (Sartrouville, France)

ASN16276 (OVH, FR)
PTR: haproxy05.cl11.ovh.mrf.io
events.newsroom.bi
1    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
experiences.mrf.io
1    57.128.96.92 (Sartrouville, France)

ASN16276 (OVH, FR)
PTR: haproxy06.cl11.ovh.mrf.io
compassdata.mrf.io
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
postmedia-d.openx.net
1    2.19.104.211 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-211.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
eu-inap.vap.lijit.com
2    65.9.95.44 (None, )

ASN- ()
live.rezync.com
1    193.0.160.130 (None, )

ASN- ()
p.rfihub.com
1    35.244.174.68 (None, )

ASN- ()
idsync.rlcdn.com
2    34.253.16.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-16-244.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    81.17.55.171 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
1    3.217.69.99 (None, )

ASN- ()
rtb.adentifi.com
1    2a05:d018:cc3:fe04:c41a:5957:6088:70f7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    18.158.175.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
Apex Domain
Subdomains		 Transfer
67 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 137760
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 179807
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 231126
1 MB
31 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2827
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
3 KB
23 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3192
entitlements.jwplayer.com — Cisco Umbrella Rank: 4229
93 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
259 KB
18 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4264
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 6247
973 KB
14 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1894
2 KB
13 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 4062
ads.rubiconproject.com — Cisco Umbrella Rank: 2896
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222
eus.rubiconproject.com — Cisco Umbrella Rank: 951
token.rubiconproject.com — Cisco Umbrella Rank: 744
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 4039
333 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
9 KB
11 qortex.ai
events.qortex.ai — Cisco Umbrella Rank: 34200
demand.qortex.ai — Cisco Umbrella Rank: 63400
6 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
201 KB
10 moatads.com
z.moatads.com — Cisco Umbrella Rank: 986
mb.moatads.com — Cisco Umbrella Rank: 1087
px.moatads.com — Cisco Umbrella Rank: 799
116 KB
10 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 5466
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1190
static.adsafeprotected.com — Cisco Umbrella Rank: 988
dt.adsafeprotected.com — Cisco Umbrella Rank: 933
113 KB
9 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2986
cdn.permutive.com — Cisco Umbrella Rank: 3770
52 KB
9 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 3026
449 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 8531
identity.mparticle.com — Cisco Umbrella Rank: 2904
jssdks.mparticle.com — Cisco Umbrella Rank: 7780
115 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
630 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 6
region1.analytics.google.com — Cisco Umbrella Rank: 2014
2 KB
7 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
76 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
acdn.adnxs.com — Cisco Umbrella Rank: 957
secure.adnxs.com — Cisco Umbrella Rank: 793
21 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
77 KB
6 moatpixel.com
travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 45377
1 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
82 KB
6 catapultx.com
tags.catapultx.com — Cisco Umbrella Rank: 71183
193 KB
5 travelaudience.com
rtb.ads.travelaudience.com — Cisco Umbrella Rank: 76176
ads.travelaudience.com — Cisco Umbrella Rank: 8834
static.travelaudience.com — Cisco Umbrella Rank: 97598
41 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 16289
215 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
6 KB
5 microsoft.com
edge-auth.microsoft.com — Cisco Umbrella Rank: 76668
307 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
cdn.indexww.com — Cisco Umbrella Rank: 2632
3 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 16578
i.viafoura.co — Cisco Umbrella Rank: 18554
4 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5297
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6989
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 9346
20 KB
4 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10258
experiences.mrf.io — Cisco Umbrella Rank: 12895
compassdata.mrf.io — Cisco Umbrella Rank: 70638
59 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 236409
1 KB
4 jwpltx.com
placement-prd.jwpltx.com — Cisco Umbrella Rank: 255164
prd.jwpltx.com — Cisco Umbrella Rank: 3317
806 B
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 878
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
7 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 114786
config.lrcontent.com — Cisco Umbrella Rank: 27252
100 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
storage.googleapis.com — Cisco Umbrella Rank: 682
imasdk.googleapis.com — Cisco Umbrella Rank: 639
536 KB
4 leducrep.com
leducrep.com
www.leducrep.com
59 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
2 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 4002
622 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
eu-inap.vap.lijit.com — Cisco Umbrella Rank: 129343
475 B
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
lexicon.33across.com — Cisco Umbrella Rank: 2501
5 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
1 KB
2 rezync.com
live.rezync.com
1 KB
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7834
852 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
62 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 809
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
297 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 4472
p1.parsely.com — Cisco Umbrella Rank: 3579
22 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
92 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 184729
8 KB
2 a2z.com
prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 7225
374 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1007
postmedia-d.openx.net — Cisco Umbrella Rank: 408752
548 B
2 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 18395
789 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 5444
473 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
3 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3435
514 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2450
181 B
1 adentifi.com
rtb.adentifi.com
35 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
45 B
1 rlcdn.com
idsync.rlcdn.com
98 B
1 rfihub.com
p.rfihub.com
1 KB
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 2504
134 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321
187 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
146 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
17 KB
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1682
448 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 325855
218 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 254059
112 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 5474
33 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 10326
3 KB
403 73
Domain Requested by
42 smartcdn.gprod.postmedia.digital www.leducrep.com
30 c2shb.pubgw.yahoo.com micro.rubiconproject.com
22 cdn.jwplayer.com 16 redirects www.leducrep.com
cdn.jwplayer.com
dcs-static.gprod.postmedia.digital
ssl.p.jwpcdn.com
21 dcs-static.gprod.postmedia.digital www.leducrep.com
dcs-static.gprod.postmedia.digital
16 assets-jpcust.jwpsrv.com www.leducrep.com
14 btlr.sharethrough.com micro.rubiconproject.com
10 events.qortex.ai tags.catapultx.com
9 ssl.p.jwpcdn.com cdn.jwplayer.com
8 px.moatads.com rtb.ads.travelaudience.com
8 www.googletagmanager.com fem.gprod.postmedia.digital
jssdkcdns.mparticle.com
www.googletagmanager.com
www.leducrep.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
8 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
pagead2.googlesyndication.com
8 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
6 travel198849194933.s.moatpixel.com rtb.ads.travelaudience.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 region1.analytics.google.com www.googletagmanager.com
6 tags.catapultx.com www.leducrep.com
tags.catapultx.com
6 securepubads.g.doubleclick.net www.leducrep.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 sb.scorecardresearch.com 1 redirects www.leducrep.com
fem.gprod.postmedia.digital
5 edge-auth.microsoft.com www.leducrep.com
edge-auth.microsoft.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com ssl.p.jwpcdn.com
eus.rubiconproject.com
micro.rubiconproject.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.leducrep.com
4 ib.adnxs.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
4 fem.gprod.postmedia.digital www.leducrep.com
fem.gprod.postmedia.digital
3 i.liadm.com 3 redirects
3 dt.adsafeprotected.com
3 ads.pubmatic.com ssl.p.jwpcdn.com
tags.catapultx.com
micro.rubiconproject.com
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 api.viafoura.co cdn.viafoura.net
3 www.google.de
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 prd.jwpltx.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 fonts.gstatic.com fonts.googleapis.com
3 c.amazon-adsystem.com www.leducrep.com
c.amazon-adsystem.com
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 match.prod.bidr.io 2 redirects
2 secure.adnxs.com 2 redirects
2 live.rezync.com 2 redirects
2 events.newsroom.bi sdk.mrf.io
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net micro.rubiconproject.com
static.criteo.net
2 config.lrcontent.com auth.lrcontent.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 creativecdn.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cm.g.doubleclick.net 2 redirects
2 match.adsrvr.org ssum-sec.casalemedia.com
2 token.rubiconproject.com eus.rubiconproject.com
2 image6.pubmatic.com ads.pubmatic.com
2 ads.travelaudience.com rtb.ads.travelaudience.com
2 js-sec.indexww.com ssl.p.jwpcdn.com
micro.rubiconproject.com
2 static.adsafeprotected.com pixel.adsafeprotected.com
www.leducrep.com
2 rtb.ads.travelaudience.com 53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
rtb.ads.travelaudience.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 connect.facebook.net www.leducrep.com
connect.facebook.net
2 sdk.mrf.io www.leducrep.com
sdk.mrf.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 assets.ribn.com www.googletagmanager.com
www.leducrep.com
2 www.google.com tpc.googlesyndication.com
2 53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 videos-cloudfront-usp.jwpsrv.com ssl.p.jwpcdn.com
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 prod.tahoe-analytics.publishers.advertising.a2z.com c.amazon-adsystem.com
2 lexicon.33across.com cdn-ima.33across.com
micro.rubiconproject.com
2 htlb.casalemedia.com micro.rubiconproject.com
ssl.p.jwpcdn.com
2 hbopenbid.pubmatic.com micro.rubiconproject.com
ssl.p.jwpcdn.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 ap.lijit.com 1 redirects micro.rubiconproject.com
2 api.fouanalytics.com tags.catapultx.com
www.leducrep.com
2 api.sail-personalize.com ak.sail-horizon.com
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com www.leducrep.com
cdn.viafoura.net
2 www.leducrep.com dcs-static.gprod.postmedia.digital
2 leducrep.com 2 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 ssbsync.smartadserver.com ssum-sec.casalemedia.com
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 eu-inap.vap.lijit.com micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 postmedia-d.openx.net micro.rubiconproject.com
1 compassdata.mrf.io sdk.mrf.io
1 experiences.mrf.io sdk.mrf.io
1 mug.criteo.com
1 sync.adkernel.com tags.catapultx.com
1 demand.qortex.ai tags.catapultx.com
1 i.viafoura.co cdn.viafoura.net
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 x.bidswitch.net ssum-sec.casalemedia.com
1 mb.moatads.com z.moatads.com
1 z.moatads.com rtb.ads.travelaudience.com
1 static.travelaudience.com rtb.ads.travelaudience.com
1 www.facebook.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 p1.parsely.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 placement-prd.jwpltx.com
1 s0.2mdn.net imasdk.googleapis.com
1 prebid-server.rubiconproject.com ssl.p.jwpcdn.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 bidder.criteo.com micro.rubiconproject.com
1 rtb.openx.net micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 secure.cdn.fastclick.net www.leducrep.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com www.leducrep.com
1 www.npttech.com www.leducrep.com
1 cdn.adsafeprotected.com www.leducrep.com
1 micro.rubiconproject.com www.leducrep.com
1 fonts.googleapis.com www.leducrep.com
403 127
Subject Issuer Validity Valid
leducrep.com
GTS CA 1D4		 2023-12-22 -
2024-03-21		 3 months crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2024-01-02 -
2024-04-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-12-28 -
2024-03-27		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02		 2023-12-04 -
2024-12-30		 a year crt.sh
catapultx.com
GTS CA 1P5		 2023-12-14 -
2024-03-13		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2024-01-05 -
2024-04-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
edge-auth.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2023-11-28 -
2024-11-22		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
qortex.ai
GTS CA 1P5		 2023-12-20 -
2024-03-19		 3 months crt.sh
fouanalytics.com
E1		 2024-01-05 -
2024-04-04		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-21		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh
jwpltx.com
Amazon RSA 2048 M03		 2023-10-12 -
2024-11-09		 a year crt.sh
*.loginradius.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-11-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-16 -
2024-01-14		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-09-16 -
2024-10-17		 a year crt.sh
rtb.ads.travelaudience.com
R3		 2023-12-29 -
2024-03-28		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
ads.travelaudience.com
R3		 2024-01-05 -
2024-04-04		 3 months crt.sh
static.travelaudience.com
R3		 2023-12-05 -
2024-03-04		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
ssl03.cert.cl11.k8s.mrf.io
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
ssl02.cert.cl11.k8s.mrf.io
R3		 2023-12-21 -
2024-03-20		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh

This page contains 27 frames:

Primary Page: https://www.leducrep.com/
Frame ID: F2DB977DF6ED7855BB1B884EBCF142B5
Requests: 285 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v93.0/xd.html
Frame ID: 088CF81ED69310ACF67EC82D77AA0984
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en_ca.html
Frame ID: D64A3D06EDF8088159D963DB36C46A45
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B446E91B72BE24484B1FE5B8CE917804
Requests: 1 HTTP requests in this frame

Frame: https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9547FAD0F53E48D12C91155B98D7D608
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0891041D15A65CAF32CBBAB544770385
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3375B15B9955461F16311349C0894DCA
Requests: 2 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=67a985be-4d7f-4074-844d-83c5c6c78e72&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
Frame ID: 873D9D27305FB60E2A4B04B0CA3797C3
Requests: 4 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=21729720023&placementId=6404573011&pubCreative=138455016631&pubOrder=3265484082&cb=1363016801&custom=index&custom2=2&adsafe_par&impId=a052f38c-ad25-11ee-b0c2-025c7d14b065
Frame ID: 6B964CF66C373DD1DEE0CC550FD48D82
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueBMUiG9KVHOZf3tjg4iK2RU66igCs07ARe6sV2aAvLJGZ9Mth8RVlMkxSDK6j4CJdKVBI5DHe4vb0yxFlPsvowlMCdWw4a2BupC1O_QnigmI4FesAyKclUF7IkUrWGfiVok749AUh9dcxv-qzJl3D69n8tZ6FqoolojrcYK08wVe_2Mb4FVySdDP7R36FHca9S9561iNoZzRhgf1m7lusBD8edTQQdYxcpwPPvy75FXXbeEwrpb6cC-4ksyTQZy48kzdLu_4gcKpw7s6m6gyb9pUj7JC-4e1aTdN7iABWOXt84ZckAsE7AFI9PkpjIWudoerncEMHRLhugXe1dy3-EW7B4kfyTtEYS5eJ4Nk-EfnwgNhwqzkqaMbmJpWYDst43Xovu7L0&sai=AMfl-YRoIkI8QYWRSD4h18Yyc1_LUXRQvYIPTg-EOibAGC9ypCYxd4MRVOtMS_X4y419Q3zqEM7p_CUg86IOLtQiIpM5XgtIdb2OpWSEDhfc7hhCsdFC1q-xDnZ8nujm73CUO-WDj2klJnzaSRSZOMq5tBo&sig=Cg0ArKJSzB1bOumY8asBEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 081F991E76D8376AAD54A6C33E689280
Requests: 6 HTTP requests in this frame

Frame: https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 70076D7BA0778632D5DD8CFB130274DC
Requests: 8 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Frame ID: B31C17D82B1988FDA608434D112D1519
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A66298D2764F0943EFA857BF4CDBDE04
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: E52FAD4ED96A5382A3AE7A53EA730562
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6455945F674403FD9596B59B3AE0E801
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 802487BA74194D75B4D0C7568167C6A1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6CB839C851808B7A7C3EDB0D5DF3D024
Requests: 10 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=202271&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.leducrep.com%7C%7BUID%7D
Frame ID: 79BE7DD3CECA2F6A0A30979DBB9DDA0C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.leducrep.com
Frame ID: 6657A900C888F562EC2CB869D32AD21D
Requests: 2 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Frame ID: BF67EAC663FEA9DD58626AEAE6D440D4
Requests: 1 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: DB48FDC0AE4B05BA8E2933B80830D0E8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 8EE6617EB1CEAFCE9F73DA4E6732C50B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C3F27104FCD82898FAE3468271BB2A22
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A73C053A6979A0BAA28411083CD6FF7A
Requests: 3 HTTP requests in this frame

Frame: https://eu-inap.vap.lijit.com/beacon?informer=13402707
Frame ID: FBF1F03731B92D7CE528E377B0F6532E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 71C6B8A2791F43746EA77BB48942A267
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D4678F9EF5861F1EC9E67EE98FF8FF3B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Leduc RepresentativeLeduc RepresentativeUser

Page URL History Show full URLs

  1. http://leducrep.com/ HTTP 301
    https://leducrep.com/ HTTP 301
    https://www.leducrep.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

403
Requests

92 %
HTTPS

41 %
IPv6

73
Domains

127
Subdomains

109
IPs

9
Countries

6660 kB
Transfer

18987 kB
Size

59
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://leducrep.com/ HTTP 301
    https://leducrep.com/ HTTP 301
    https://www.leducrep.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 105
  • https://cdn.jwplayer.com/v2/media/PLQkjmPj/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/FFz78aBF-320.jpg
Request Chain 106
  • https://cdn.jwplayer.com/v2/media/3P97Gxnf/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/bnNxloGy-320.jpg
Request Chain 107
  • https://cdn.jwplayer.com/v2/media/3qy56TsQ/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/BSVUi8pf-320.jpg
Request Chain 108
  • https://cdn.jwplayer.com/v2/media/tsudp1vD/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/xthNEYuk-320.jpg
Request Chain 109
  • https://cdn.jwplayer.com/v2/media/ZWikScTW/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/iMLWXmHL-320.jpg
Request Chain 110
  • https://cdn.jwplayer.com/v2/media/N7kEWSZt/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/mJXTy8aZ-320.jpg
Request Chain 111
  • https://cdn.jwplayer.com/v2/media/VCF8yUO3/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/1MvalMEH-320.jpg
Request Chain 112
  • https://cdn.jwplayer.com/v2/media/KGcPRU3z/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/fXivziBz-320.jpg
Request Chain 113
  • https://cdn.jwplayer.com/v2/media/vhTcEbKX/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/vKLhH4KN-320.jpg
Request Chain 114
  • https://cdn.jwplayer.com/v2/media/1UkcGRec/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-320.jpg
Request Chain 191
  • https://cdn.jwplayer.com/tracks/Dp6S8fYF.srt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/Dp6S8fYF.srt
Request Chain 193
  • https://cdn.jwplayer.com/strips/1UkcGRec-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/1UkcGRec-120.vtt
Request Chain 197
  • https://cdn.jwplayer.com/v2/media/1UkcGRec/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-720.jpg
Request Chain 198
  • https://cdn.jwplayer.com/v2/media/1UkcGRec/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-640.jpg
Request Chain 207
  • https://cdn.jwplayer.com/strips/1UkcGRec-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/1UkcGRec-120.jpg
Request Chain 247
  • https://cdn.jwplayer.com/v2/media/PLQkjmPj/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/FFz78aBF-120.jpg
Request Chain 312
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 320
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZpD.vmU1qINiwdd3mODlAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEII3pMyGh3kENEsgSKX2ETk&google_cver=1&google_hm=2
Request Chain 321
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZpD.vmU1qINiwdd3mODlAAA%262182&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZpD.vmU1qINiwdd3mODlAAA%262182&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e798796f5cb548e08c7eb2a7863cc338 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 322
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 325
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=TGZheBHwfRbvc5gu-tem1BNUD6-Fu0nJgEaeoZEQA6c&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182&tc=1
Request Chain 364
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=leducrep.com&sn=ChromeSyncframe&so=0&topUrl=www.leducrep.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qxHt_nxQdkt6TWNTN2xJQ2lWRHM0U3JHTHlXM1d5Ym0zVWlYTEVPV2VJTzJoSmNmVU5ZMmViSTZKTnJrUTh3ZEhiREs4Z3R2UUZsdG9zRm51U1phOEt2aTYwVUNST1Y2di9qQU9SS3htaWRJZ2E1NnJKWVVXSEJXK3FKL3RyRmc3WUNNa3lJbTR0UGdqYWQ2alZqZVdFc1pMbW1VNTl4cnVlUStHQVVkVkpPUzZoYVVteGg1ZlFOT21TcFdDTXZvT0pBd2dsRy9aWENRYkNhQUlKV1B2cCtoU0t5NWpla1pjSmdqL0NFWlIrZFdQRHVrS3k1NXRIWGxnWTQ3YUFNMTYzYjZXR3hvbjlVa1RRTThwUi9WVXB2WjlGT3VpQ1FwSFlSQ3VhU29FNDcrNWx3WT18&cppv=2
Request Chain 382
  • https://ap.lijit.com/beacon?informer=13402707 HTTP 302
  • https://eu-inap.vap.lijit.com/beacon?informer=13402707
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGEz3Q8WyFLPhvPEecRNLw4&google_cver=1
Request Chain 389
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZpD.vmU1qINiwdd3mODlAAA%262182&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e798796f-5cb5-48e0-8c7e-b2a7863cc338 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=bb638564-b724-4ffe-9140-9811aba76a16%3A1704608766.7673628&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dbb638564-b724-4ffe-9140-9811aba76a16%253A1704608766.7673628%26_%3D1704608766.7704964&cb=1704608766.770535 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631731839877&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dbb638564-b724-4ffe-9140-9811aba76a16%253A1704608766.7673628%26_%3D1704608766.7704964 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=bb638564-b724-4ffe-9140-9811aba76a16%3A1704608766.7673628&_=1704608766.7704964
Request Chain 390
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1123439579403283424
Request Chain 391
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACjbU7LNIgAABQYmeQyjQ&expiration=1705818366
Request Chain 395
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=fdd6797b-8bea-4a93-87d3-a5ea18b85065

403 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.leducrep.com/
Redirect Chain
  • http://leducrep.com/
  • https://leducrep.com/
  • https://www.leducrep.com/
342 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
c02ee41c89b1ce6d88c9550be457a739bc90c7fd9b320bfe68be551c41f9dd94
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 06:26:00 GMT
expires
Sun, 07 Jan 2024 06:28:03 GMT
last-modified
Sun, 07 Jan 2024 06:23:38 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
4
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-6cbdf6d5bf-kmbl2
x-pmd-cache
HIT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 06:25:59 GMT
location
https://www.leducrep.com/
BobYoung_0_0-1.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2022/02/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2022/02/BobYoung_0_0-1.jpg?quality=90&strip=all&w=466&type=webp&sig=dBed_BNHoUw65JYdKE2wRQ
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
14ba20da4270913a8f69587c89df25272dbfbc0e3f9d21b7bce299ec7564d102

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 google
server
nginx/1.18.0
etag
"cac18dd2c71d3dc88a105151c2955e9590ea8968"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26150
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24e2db472b47c82ae28a7dfeb21ee6133e43bdd4ff9adfc8f8e4d1096508ac6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:07:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Jan 2024 06:26:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11c95da30f62422cc9bb2322252b27e3b2910e5e06de7b5493229209571f2556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29060
x-xss-protection
0
server
cafe
etag
595 / 19729 / m202401020101 / config-hash: 2026918608723226553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 06:26:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 05:36:17 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2983
etag
W/"d6937d02acbbf691a008906e9d0617e0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
uqtoeKukkU0YaVyycTW2oR-xvh45u-7aQ1wUcxfgJqQcz37UClRPcw==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		2 MB
266 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.120.249 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-120-249.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
bd5ecc5e3d9b886015cc38519046b9f2768aa22929c6a573ec6aebea90392653

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
271749
expires
Sun, 07 Jan 2024 09:36:17 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 20:59:22 GMT
Content-Encoding
gzip
Via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
465999
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
nN89qW7g5-olTD6WyHuMhCvMpGcsvIGtY3lFgHys1S1WT1Y2Ydp-aA==
output.e13822da2ca5.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		29 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.e13822da2ca5.css
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:14 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1592986
x-guploader-uploadid
ABPtcPpaKkAPSwbXICXk0wHAxpIGScUff2-SQfc_6nBfT4wxYPeEIEn4KtesDiZtALBeftsjIET_uvuIo4jh4pw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2525
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"e294df1b7807772797bf8455e49389d1"
vary
Accept-Encoding
x-goog-generation
1703015165240881
x-goog-hash
crc32c=7LFLRw==, md5=4pTfG3gHdyeXv4RV5JOJ0Q==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
29809
accept-ranges
none
output.c9fe1e8e609f.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		90 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.c9fe1e8e609f.css
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
97d2d059b018df2d5e0dedab47f242e427c537c972c2bd3b013e44b6ec569f00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:14 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1592986
x-guploader-uploadid
ABPtcPoy1jgj9kAUP4lTun219yZt6CsfNRpvtSRjRuJYcmksZxt0E53dxV_L7Uess4IENQtcu9C4sywB8fJSnzg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14526
last-modified
Tue, 19 Dec 2023 19:46:04 GMT
server
UploadServer
etag
W/"df5eb9b3119bc5e8644c315cb923e553"
vary
Accept-Encoding
x-goog-generation
1703015164623657
x-goog-hash
crc32c=0YCwvg==, md5=3165sxGbxehkTDFcuSPlUw==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
91724
accept-ranges
none
output.da2c731b0d2c.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		60 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.da2c731b0d2c.css
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
63680c6a3dd302c0eaa4d475e9b6f360e6d1eba0b23943f6b4eeead3eda8b270

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:14 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1592986
x-guploader-uploadid
ABPtcPrVXgu64mIYbbCQM-EuPaNJXx-_fBWVbyOWIcfzzUWg0LhZNcexjLm1IhbLHg295WvF0oBt8BG40EE094M
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6937
last-modified
Tue, 19 Dec 2023 19:46:05 GMT
server
UploadServer
etag
W/"f0c78d66217c22bd4b2fa08c57b607ff"
vary
Accept-Encoding
x-goog-generation
1703015165050324
x-goog-hash
crc32c=RFPrqg==, md5=8MeNZiF8Ir1LL6CMV7YH/w==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
61432
accept-ranges
none
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A7NP5MDC4YT9PXDG
age
3658
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Q6R6xP7LJ9p3DYJhGOX48VV8WHvATfSUTrykCyVm4CO7HkWCSpZNV/lDT4F31ebzfV9JSTpdm4Y=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zj0iVpcNFdko58ob6kHkNmuC2gUepXobKH8M8gcl6%2FZXbwyXWgpRgpr%2FniwmKB00W%2FKMKTaVxmNczx57xqw%2F%2FO8Cdcfzj3kR4zwVT7NEvoZolxGuwvK1oMAc157wdVPnbENOazcuuPIK%2FOwzOqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
841a20721e45b76c-AMS
output.cacec43b9284.css
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.cacec43b9284.css
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
394edd50c5623ba8fa694e243977128557aec9857b38a296658b5f0aba221d8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:59:31 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1592789
x-guploader-uploadid
ABPtcPr9DDAoWqUBrwYMaKlNTYEyqo9rh8ha-NCHeoKNX11wEGOit5yuBw-s8b_9nETY9310oCk56Qrheg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4695
last-modified
Tue, 19 Dec 2023 19:46:04 GMT
server
UploadServer
etag
W/"c6e69dc0aab90602a79c27e3eed7fbae"
vary
Accept-Encoding
x-goog-generation
1703015164727508
x-goog-hash
crc32c=WOZEPg==, md5=xuadwKq5BgKnnCfj7tf7rg==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
28886
accept-ranges
none
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-84.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:23:45 GMT
content-encoding
gzip
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
136
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
rLtBw3D9n0e8eZCI3RcEZYL9qX5iuVR9wk5GuyTOXRNCGg6E10IzXA==
fem.js
fem.gprod.postmedia.digital/v93.0/ 		380 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/fem.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5

Request headers

Referer
Origin
https://www.leducrep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:01:00 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
1592700
x-guploader-uploadid
ABPtcPqer7OqeUx4_gfa2h3ELEdn-ZjwBbfEHbw1FgadwJ_Nv8gzrNFL5xr-stLlqnAZ0V3_d7L3V23apg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109102
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"614b2d032ff8e38b1fff2badbf038f1a"
vary
Accept-Encoding
x-goog-generation
1702321321950203
x-goog-hash
crc32c=K4lC0Q==, md5=YUstAy/444sf/yutvwOPGg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
389565
accept-ranges
none
content-type
application/javascript
bootstrapper
tags.catapultx.com/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/bootstrapper?group-id=cRWq0mHGUUajm2dPzPy6IA&video-container=.jw-wrapper
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Dec 2023 15:55:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjRl1VrMdvlpFvAe4dV66Bqedpp92c0O3TBkIpZzRwArMaP4ETfVCmJA70Q2OrEMuQuAj3sJxpGa1gj2uaY6K%2BYJo%2Bsucrfqas4DvDo1xgCsZK5AaWONK5QBGonaCLjny22U0Mm%2BWT8Q50fb4%2Fha%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a2071ed4018d4-FRA
embed.js
cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:23:18 GMT
content-encoding
gzip
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
162
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-robots-tag
noindex, indexifembedded
content-length
22525
x-amz-cf-id
kvS964C-ISODW6Ef12wk0sOetniNGAeL9yeOsAExaV56hLz3GQOoug==
lr-0105-lr-artist-month.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2024/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2024/01/lr-0105-lr-artist-month.jpg?quality=90&strip=all&w=150&type=webp&sig=AnWgXQ0FMhdQhetMNz6ILA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
44215842e9738ff6ad6a932740d630db3c29d7d5095468e1371eac7468b9dbf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 google
server
nginx/1.18.0
etag
"fe80ef6b3fc9e69d547abd9d6c1bab96bb365db5"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6730
lr-1006-lr-old-blades-3.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/10/lr-1006-lr-old-blades-3.jpg?quality=90&strip=all&w=150&type=webp&sig=FkitG2myqgFkVSw1Xggn8Q
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
dfb64257053c860722e7afea50469492b5435d315a4f9078fde8250156083950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 google
server
nginx/1.18.0
etag
"d0a830d51e32d649d21a83865fb1838f99e61211"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6024
lr.0708-lr-andrew-tait.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2022/07/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2022/07/lr.0708-lr-andrew-tait.jpg?quality=90&strip=all&w=150&type=webp&sig=g96KtT_DW1ZSu7Tek-qH4g
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
ca373666561fb77808a1a3bd5be791db20bb8c79c3f06dc3329fe607111a8b05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 google
server
nginx/1.18.0
etag
"a23f3b2c41a94eedd458df62cafb73ff312dd8fa"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6494
lr-1222-lr-author-book-release.jpeg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/lr-1222-lr-author-book-release.jpeg?quality=90&strip=all&w=150&type=webp&sig=gQeNvLrPF1ejza0bbSGyKw
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e7ae2c8996df7f30c9b79818a3b6e73826c8f84c4866cfc6a033eddf5f46e50c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 google
server
nginx/1.18.0
etag
"9730df968dead47d9d2cc2b310d913b2807adcb0"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6052
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		452 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f25e81c256d0985a5bf21776bfae5456e07f49c400790a58b51cc29bc559e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPpJxj82VbUTH3dboyRQWoLEevIac3Qy-z_RxNrjHqSxJqNc94yOP4yauTrpI6U5ojn7iV-hjNqNRg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
114398
last-modified
Thu, 04 Jan 2024 17:07:06 GMT
server
cloudflare
etag
"ace30f4e21ce4b590eb964836c2bc18a"
vary
Accept-Encoding
x-goog-generation
1704388026061867
content-type
application/javascript
x-goog-hash
crc32c=p3rB7g==, md5=rOMPTiHOS1kOuWSDbCvBig==
cache-control
public, max-age=900
x-goog-stored-content-length
114398
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841a2071ebd15c1a-FRA
expires
Sun, 07 Jan 2024 06:41:00 GMT
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 77774663cd471a2b20da2890eff7e1a0.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
5246
x-amz-cf-pop
AMS58-P4
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:23 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
841a2071eff35d61-FRA
x-amz-cf-id
PxjSnWfx6SLkurg3ElhnF63EyZXQL7UBoJvQsrwU9-xOywZX8eJZag==
expires
Sun, 07 Jan 2024 10:26:00 GMT
ms_auth_client.min.js
edge-auth.microsoft.com/js/ 		279 KB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-nMioEATDvWUXEIouNaYSH/Fj/HufS76VExjaof5+8dPQdYSHIwq8cog76V+pgqn9ANVfJrfxAolBBI22hmQ+yga+DlUP8Z1XLU63eLEZYExzs+t0Bvmcfh0zOlPWcEAmPPqYL9fbC1zwk95px08W/Jowr31XpwP1uC/YtAVObig=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-nMioEATDvWUXEIouNaYSH/Fj/HufS76VExjaof5+8dPQdYSHIwq8cog76V+pgqn9ANVfJrfxAolBBI22hmQ+yga+DlUP8Z1XLU63eLEZYExzs+t0Bvmcfh0zOlPWcEAmPPqYL9fbC1zwk95px08W/Jowr31XpwP1uC/YtAVObig=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Sun, 07 Jan 2024 06:26:00 GMT
last-modified
Mon, 01 Jan 1601 00:57:17 GMT
x-msedge-ref
Ref A: 7F4DB0C5BBCB4809A0A181075CBD4BB2 Ref B: AMS231032605027 Ref C: 2024-01-07T06:26:00Z
etag
"80098cf88"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
285448
shared.883fef4c2994.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c

Request headers

Referer
https://www.leducrep.com/
Origin
https://www.leducrep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1593041
x-guploader-uploadid
ABPtcPoMz2UnmlKQLZY6Hl8AIagOjKfXHg-NfjyCDwszAFY60VJMJRpodibfjJ5Gz6l8eDfZ_co
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7515
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"9821e7f2a511b6c16c288d392dd2c55d"
vary
Accept-Encoding
x-goog-generation
1703015166560299
x-goog-hash
crc32c=nd/6aQ==, md5=mCHn8qURtsFsKI05LdLFXQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20870
accept-ranges
none
content-type
application/javascript
main.de60ce74dc51.js
dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/main.de60ce74dc51.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b

Request headers

Referer
https://www.leducrep.com/
Origin
https://www.leducrep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014123
age
1593041
x-guploader-uploadid
ABPtcPo5bSDRwfW4q_NuYQ5J-UQFFDH-8HBbZp5zdn4sN05pqUytI__F51o7sJ3cYZoUi9XAKSw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46391
last-modified
Tue, 19 Dec 2023 19:46:06 GMT
server
UploadServer
etag
W/"0482cd44a5474059f0144f00e198305f"
vary
Accept-Encoding
x-goog-generation
1703015166460645
x-goog-hash
crc32c=6y/t+g==, md5=BILNRKVHQFnwFE8A4ZgwXw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
136827
accept-ranges
none
content-type
application/javascript
3528
config.aps.amazon-adsystem.com/configs/ 		532 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3528
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-83.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
79dee0042597950493e8956e9090ddc47c3decbfd1df6331349296d96ea51c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:23:34 GMT
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
146
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
9BVkT0pDlf23du6Qc5YhgI_LE6x2SwjMU8yLySpritZo7nIiqr1CIw==
config
c.amazon-adsystem.com/cdn/prod/ 		353 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fwww.leducrep.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 03:20:24 GMT
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
11136
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.leducrep.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
3ZlW5ECflx7_BqCOq-PkV7texZ2-WG0HAEsZmGJG2zHFS9cvlKeSNA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 06:26:00 GMT
x-amz-cf-pop
FRA56-P6
age
2208
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
XsECTDqc0lhNmW9eLW-4NI4NTks5Vy6SdxBHl9GYVQyEHkXs4hAI7g==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		65 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.120.249 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-120-249.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
34ed8105edbfc97fbadb9a12c489607da5bb361fde365244752626ea59e3f297

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
last-modified
Sun, 07 Jan 2024 05:40:37 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5354
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240107
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1cfb7c6e2365e418e97e060ba0fa6fb277fadda1b54d156010a7edf60b1064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8706
x-jsd-version
1.0.1927
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21948-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"633-4uXSHVk5yCknsIHl51fG8nuVO8Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zggGyZziMTvA1cyT%2FqzBX6dcIGZZmUqYAL%2F0GO35z9IDqZCgMsGKYDcM7rJTEvwEVD9zqUfpRfjkYryCZuQolCNugqNe%2Fs15DY4irxkE1zc3DbP9BF1kvHmcgpBiHVrmji0s8oS6QiiU90DThWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
841a2071ab331ac7-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 07 Jan 2024 06:41:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 23:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
26657
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 05 Jan 2025 23:01:43 GMT
geo.json
cdn.jwplayer.com/v2/ 		40 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/geo.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c7b6358e3195ae355f2d6c00a89f23dec3d277919266ed815e06c592a4c49b8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:24:14 GMT
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
106
x-amz-cf-id
yJDqqSaG7rMgWDBU3rhxR6T5VqpbjMGlq6rCyWLkgZQn7RJqzVw1Xg==
x-cache
Hit from cloudfront
index.js
ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/index.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
gzip
via
1.1 varnish
age
1080
x-cache
HIT
content-length
20535
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Wed, 13 Dec 2023 06:00:18 GMT
server
AmazonS3
x-timer
S1704608761.624692,VS0,VE0
etag
"1d1853b5560baf12b94fc6c5f4860bd2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
5
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 06:36:19 GMT
content-encoding
gzip
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
85789
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
cukZZJqKnQNrOxy2-mjozFoY02S_3rYHdoQagD21VCyW8z1dPjzCPQ==

Redirect headers

date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
j6JjRmGhfZ60z4BCaSbNksFGiHS0FRDz2nfvoEA4BEfE56BhoGrP9A==
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.leducrep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:28:03 GMT
x-content-type-options
nosniff
age
478677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 17:28:03 GMT
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/ 		1 KB
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.cacec43b9284.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/css/output.cacec43b9284.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:00:07 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014127
age
1592753
x-guploader-uploadid
ABPtcPq4g4N8OVvKab0y8vfCd1J8AAnGwMST4zdnsAA6ABuJXRd4L64tUFpwOHcxcvpxBY8AW20
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
last-modified
Tue, 19 Dec 2023 19:46:52 GMT
server
UploadServer
etag
W/"34ef0f992f9fa3f5a172353b887ba82c"
vary
Accept-Encoding
x-goog-generation
1703015212812511
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
none
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.leducrep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:34:08 GMT
x-content-type-options
nosniff
age
478312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21140
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 17:34:08 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.leducrep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 01:42:27 GMT
x-content-type-options
nosniff
age
189813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Jan 2025 01:42:27 GMT
truncated
/ 		2 B
2 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/15.1.1/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/images/postmedia-image-fallback.webp
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:56:15 GMT
x-goog-meta-goog-reserved-file-mtime
1703014127
age
1592985
x-guploader-uploadid
ABPtcPqpyW-kxvh3_quJmFkutMkiAUvKqG-B-ld5tITMh56KVDOttqDIJqZ_accKthUVLzpPCpWZ0vrU6IynEPg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Tue, 19 Dec 2023 19:47:10 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1703015230909151
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1704608760685&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.leducrep.com%2F&c8=Home%20%7C%20Leduc%20Representative&c9=
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
cXooSb0kug_byXcNqSva6LepgTtDHat-ZPKbqZJJ-ni9KsFNjXueLQ==
x-cache
Miss from cloudfront
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		12 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
getuidj
ib.adnxs.com/ 		11 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:00 GMT
an-x-request-uuid
9dbd319c-640c-48c3-8abb-f59dcc0b3253
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.leducrep.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
leduc.jpeg
smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2020/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2020/12/leduc.jpeg?quality=90&strip=all&w=150&type=webp&sig=6LdTGk3UuGxjWvtCdfFh5A
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d1072cddda29a2b99664822e61c1fb74dcfbacc2f49f9bc738c38e645c24b65a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
ocanada
date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 google
server
nginx/1.18.0
etag
"ea0865f99b4908d0cb5d6bc3941d5d37cd895c83"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7226
ezgif.com-webp-to-jpg.jpg
smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2021/07/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2021/07/ezgif.com-webp-to-jpg.jpg?quality=90&strip=all&w=150&type=webp&sig=VXDILJUc7KchFE5uwWAnXg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d45c479463aa40d8cc04e503992d5d3a869671c96712570822417bc00405a17e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
ocanada
date
Fri, 05 Jan 2024 23:18:06 GMT
via
1.1 google
server
nginx/1.18.0
age
112074
etag
"3c9c7397f8d7ad6561d4701f8d0197e35cb68500"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6644
browse-marketplace-ads.jpg
smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2021/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2021/07/browse-marketplace-ads.jpg?quality=90&strip=all&w=150&type=webp&sig=Zc85wD6x0blzKfhXY0J3AA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
06f8b14586f865f6d1520c73a05b3ef0d0517c1aed3f35280933766402567570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
ocanada
date
Fri, 05 Jan 2024 18:23:01 GMT
via
1.1 google
server
nginx/1.18.0
age
129779
etag
"3e7a222dc629c0647c877060be9d94255c0a5a0b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10424
REMEMBERING_LILY2.png
smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2020/12/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2020/12/REMEMBERING_LILY2.png?quality=90&strip=all&w=150&type=webp&sig=rYKwf_NcyMZVPlwhsSLPwg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b8387cd3ed06725f227e8db35e6655cfaf05e9fad5bd74c7117ecda7accaba2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
ocanada
date
Fri, 05 Jan 2024 18:23:01 GMT
via
1.1 google
server
nginx/1.18.0
age
129779
etag
"9a18bf53b4721203651a3785e6aa5c24ca59b061"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqfvf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5160
wk-1227-wk-tyler.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-tyler.jpg?quality=90&strip=all&w=466&type=webp&sig=TPynC41XBJ2LtPJbxrZjnQ
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
4304f4b3bcc93f16c6e21fd0f404aeb4c65f4b607ac935f63bf12f4d0606aee1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 22:37:55 GMT
via
1.1 google
server
nginx/1.18.0
age
114485
etag
"80b7bdb81edda2d8c354e382e8b25ebe484ca7f7"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18524
wk-1227-wk-wrps-consultation.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-wrps-consultation.jpg?quality=90&strip=all&w=344&type=webp&sig=31On66GRgPPoBpQ6RNrFhg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
73f89d0eb1274b78dc025849b01db92e71c7f991a754206374a8e2fc1263c732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:18:06 GMT
via
1.1 google
server
nginx/1.18.0
age
112074
etag
"51e845ec1f2390fd325404e9127c2c103c22e5f2"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8cwvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24626
wk-1227-wk-doug.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-doug.jpg?quality=90&strip=all&w=344&type=webp&sig=8hhBlBzcFi1XdFUpvi5LHg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
54c5609d7a5f1ebb4c8a7358f34b94708e5c0394fb5f0053b945a83908295ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:18:06 GMT
via
1.1 google
server
nginx/1.18.0
age
112074
etag
"80a2e8520cad0ad0e19b4fbf0dc23023ab558940"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37404
wk-1227-wk-josh.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-josh.jpg?quality=90&strip=all&w=344&type=webp&sig=kDlLWXY6_ZKJVV51wRZwjw
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
eabb948157a870d9dff26a18614f365c3ba89560e0c4e8461287266c362261ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:18:06 GMT
via
1.1 google
server
nginx/1.18.0
age
112074
etag
"08c4ab42038bf7e6ef999152a474c11f3cc3b115"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13102
wk-1227-wk-mike.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-mike.jpg?quality=90&strip=all&w=344&type=webp&sig=lctnhJipwf9FuzMaBbP69A
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f2654743f0b7bf1156b194d4042782592bd9bd1aee295dc69c13ba121de253d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:03:34 GMT
via
1.1 google
server
nginx/1.18.0
age
112946
etag
"1cf2186dcdb2a1f02fc94af06f694351feaa9e15"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17164
wk-1227-wk-rick.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-rick.jpg?quality=90&strip=all&w=344&type=webp&sig=cnEvPLWBXRAUfq2NPGzOYA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
83b364da532114e22d7892132d887574762b0c4da2397fec8da79b208ca0abd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:18:08 GMT
via
1.1 google
server
nginx/1.18.0
age
112072
etag
"02a9bb0815ad25ff3d2ec6df0c07d94340cac096"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12748
wk-1227-wk-bike-theft.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-bike-theft.jpg?quality=90&strip=all&w=344&type=webp&sig=pjBHMaEuwtPZLeCB3J1gwg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
585985fe93261331d637a0012035ceaaccabb8e56bf8d9ffcb72115df267ef0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:03:34 GMT
via
1.1 google
server
nginx/1.18.0
age
112946
etag
"1910bc5e587cb78806e01b40dec7182c2f1b4d85"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44484
wk-1227-wk-wrestler.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-wrestler.jpg?quality=90&strip=all&w=344&type=webp&sig=64Sssi3JWvYeK7q4oO3aig
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
27be1de049dc19e26b79f1c38d57b2c6aab6c8a22e22a0d482cf4069daa7d15e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:18:08 GMT
via
1.1 google
server
nginx/1.18.0
age
112072
etag
"93d5e7dc5d4aaefecb5236baba49c1404f8c927d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23328
wk-1227-wk-wrestling.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-wrestling.jpg?quality=90&strip=all&w=344&type=webp&sig=VzFA3sPFQakGHpQSAdVXFg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
4f35e77e01d46b80ad2a4181e62ed592745ad4e1c8df5665104ad7fba4c57ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:03:34 GMT
via
1.1 google
server
nginx/1.18.0
age
112946
etag
"e17ac9ccff140e67d9049e1ebe50520d12ff4ed7"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22174
0104-sp-cru-1-scaled-e1704396153651.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2024/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2024/01/0104-sp-cru-1-scaled-e1704396153651.jpg?quality=90&strip=all&w=344&type=webp&sig=sGsz0yZU-j3f1ADLqfeqgQ
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0f9945a9cc4ac9d713c6d5df5bdb9ffe7594df079b8bc61158f15c8eaef1ab15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:18:06 GMT
via
1.1 google
server
nginx/1.18.0
age
112074
etag
"418e989de9498cf75186ed0e6bd4b8b5ae1782b8"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18550
1221-sp-whl-scaled-e1703187987165.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/1221-sp-whl-scaled-e1703187987165.jpg?quality=90&strip=all&w=344&type=webp&sig=rZ2R0bkyvYNToMQ_uIKD_A
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
84b13e4d71773ee8ab573e2ac4567892ca8a76aa65c69fae8d5a83cb66a31ed4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:18:06 GMT
via
1.1 google
server
nginx/1.18.0
age
112074
etag
"e266ed965fffa1766b491378da4422a0bda18877"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19234
wk-0823-wk-megan.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/08/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/08/wk-0823-wk-megan.jpg?quality=90&strip=all&w=344&type=webp&sig=G2r3eI2x5H95uM8PKNrY7Q
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
23914ae0bc48f7f54ddfc03cf737a6bb5414afdd129c73cdf16e3af0833ab679

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:21:13 GMT
via
1.1 google
server
nginx/1.18.0
age
287
etag
"450a9b873f23c7d86e30d63468259d616150dfc2"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16734
DCC-scaled.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/08/DCC-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=9tH45uF5IIWjqW3pBmu9cw
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c7f79e643d59639711688423d683edebda3de58bde0ad1b6750ab2d137844790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:21:13 GMT
via
1.1 google
server
nginx/1.18.0
age
287
etag
"0c93a736f76db42ced76c09b7f9925cc2a6164fa"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12686
party-3-scaled.jpeg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/08/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/08/party-3-scaled.jpeg?quality=90&strip=all&w=344&type=webp&sig=ymRBXu7DkGqTz0CpoDmFtA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
96de2ed282bea0459c138b9b6b71e3a9ea63c06240582f58c7c5962f218e0b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:21:13 GMT
via
1.1 google
server
nginx/1.18.0
age
287
etag
"60305c8a3b6d17c884e45f85a824179de0c9f673"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31448
lr-0616-lr-leduc-singer.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/06/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/06/lr-0616-lr-leduc-singer.jpg?quality=90&strip=all&w=344&type=webp&sig=wtIWibYLNfg3BngYAw1EAw
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
57833e1361b15142f6ead5d7841d896101fe394eda2786f89ff24331ed7ad69b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:21:13 GMT
via
1.1 google
server
nginx/1.18.0
age
287
etag
"4a56e6da6a74aeac750a0b094a27941e809ac97a"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14820
lr-0623-lr-on-the-river.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/06/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/06/lr-0623-lr-on-the-river.jpg?quality=90&strip=all&w=344&type=webp&sig=FZkCuddYQhzYlOTlPsfUGA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
9e6c302aec8ad80630935c7fef57d6e6a6094a2ce0fbc884c13b25edc2feb3a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sun, 07 Jan 2024 06:21:13 GMT
via
1.1 google
server
nginx/1.18.0
age
287
etag
"8670791483ef168e37f09b3ebec1f8ffe9a4d1b4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27554
su-0106-su-a3-amberwood.jpeg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2024/01/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2024/01/su-0106-su-a3-amberwood.jpeg?quality=90&strip=all&w=344&type=webp&sig=Pt_eHTVr3R3Tl9tsFOQbAw
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
ef4fdf290e2eb8d9f89d83c6d45733b8c152cd936bc7fed996e5221bff246002

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Sat, 06 Jan 2024 16:40:17 GMT
via
1.1 google
server
nginx/1.18.0
age
49543
etag
"d42cfef4c9e5eeb69d67403e5807d70211c72e95"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29140
bloom-foodshoot046.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/12/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/12/bloom-foodshoot046.jpg?quality=90&strip=all&w=344&type=webp&sig=ChHWYN6fMPKIDwrseTcikA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
708f03b8f94e179099cc45c3df7b1ceb3ba1da9275c882c8b06f9afad04eca9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Sun, 07 Jan 2024 06:17:03 GMT
via
1.1 google
server
nginx/1.18.0
age
537
etag
"4cf933507a2065b26c853b8d5f560ee3556c27da"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8cwvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26674
490361148-e1703269004854.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/12/490361148-e1703269004854.jpg?quality=90&strip=all&w=344&type=webp&sig=GWqw1C_hDeFOVW8jVGTulQ
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
baf101a8ee08c36ef8f7f95fab473b51076c36e249efb634971809594ad39343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Sat, 06 Jan 2024 16:12:22 GMT
via
1.1 google
server
nginx/1.18.0
age
51218
etag
"f457776a0f476677cb4f3a0d80073b9e124983a9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12542
plaza-theatre-heritage-121323-gyd-7-e1703782232573.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/12/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/12/plaza-theatre-heritage-121323-gyd-7-e1703782232573.jpg?quality=90&strip=all&w=344&type=webp&sig=x6M7fGioCPiIOG92cqhO4A
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5a856b73c57935552e18e95b896eaedd77342acfa6087ea0d393c5d46c6786ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Sat, 06 Jan 2024 16:51:24 GMT
via
1.1 google
server
nginx/1.18.0
age
48876
etag
"42ac2f20f0515a40e5c313083857f797ae563c44"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8cwvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29678
1104-city-col-juhl-sex-ed.jpg
smartcdn.gprod.postmedia.digital/montrealgazette/wp-content/uploads/2023/12/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/montrealgazette/wp-content/uploads/2023/12/1104-city-col-juhl-sex-ed.jpg?quality=90&strip=all&w=344&type=webp&sig=FKayd3uboU-f0yrA7B5Tmg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cb1a06802fe82d8bd24aeecf58f0cf8e09be5a5ee1c29e3e65e78205de26ab89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
montrealgazette
date
Sat, 06 Jan 2024 16:51:24 GMT
via
1.1 google
server
nginx/1.18.0
age
48876
etag
"4273b04bb0e2b8a5ab55034ac7ffc085ef5fff96"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8cwvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30118
Christina-website-scaled-2560.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2020/02/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2020/02/Christina-website-scaled-2560.jpg?quality=90&strip=all&w=344&type=webp&sig=VUQwQBb8SVRO7i3DWWrDaA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5f0ebbcfa8e8f6e51ed27788c59d0e7cb59f37e96c5c07624fd510e49182e690

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:03:34 GMT
via
1.1 google
server
nginx/1.18.0
age
112946
etag
"ddf82f18c55dea4d7c157c36e71dd6f400f13ade"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8x5fd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15736
wk-1227-wk-ashoro.jpg
smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nexus/wp-content/uploads/2023/12/wk-1227-wk-ashoro.jpg?quality=90&strip=all&w=344&type=webp&sig=WKzqAXLQ2hKY27qSOLW_xA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
235dae23f3a7ff07cfdec67e039fcf9ac87130f7c0b9f539eb143c83b506327f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nexus
date
Fri, 05 Jan 2024 23:18:06 GMT
via
1.1 google
server
nginx/1.18.0
age
112074
etag
"07a4220901c2aa8e2fd4240f46593d73948f74f3"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39914
2024-Toyota-GR86-10.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/2024-Toyota-GR86-10.jpg?quality=90&strip=all&w=344&type=webp&sig=vUnm2IQAfm7-iff4KccoMQ
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2264a47c142662847172ff157d15c920fd0896e2fbd7b9b10b341f3641d2afb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 05 Jan 2024 19:41:49 GMT
via
1.1 google
server
nginx/1.18.0
age
125051
etag
"9b909480305d9d0f378f35afc9d599c420db2eed"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-gsq48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9938
2586_2011_Sorento.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/2586_2011_Sorento.jpg?quality=90&strip=all&w=344&type=webp&sig=TsB23Heq-pIn_6fq2fWmSg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
385a051b07e00b731b5ee93df0ada3f76eec9420130d044174fd47f8a7541110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 05 Jan 2024 16:33:18 GMT
via
1.1 google
server
nginx/1.18.0
age
136362
etag
"349e9a2563264a5e71d15acd99c15aadb5006b29"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-lmdvm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20358
GR-Sienna-1-e1704471174312.png
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2024/01/GR-Sienna-1-e1704471174312.png?quality=90&strip=all&w=344&type=webp&sig=z5d5faXl2JDyoeTbcuvdNg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b57052b064a6778aa693bda164f8fe253440d6dc9fe6a513218ab5ef3774e051

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 05 Jan 2024 16:16:50 GMT
via
1.1 google
server
nginx/1.18.0
age
137350
etag
"efa4ed657239a51b8ac423de5175a2e641ec1be8"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-hqpqq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12264
2022-Ford-F-150-Tremor-Justin-Pritchard-6.jpeg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2022/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2022/07/2022-Ford-F-150-Tremor-Justin-Pritchard-6.jpeg?quality=90&strip=all&w=344&type=webp&sig=k-zd64VKi-98xzSzeiC2pg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
70bf3d5b5f237c256e6b83d5f3dd5937c270ed5350f428daf753c704a7691af9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Fri, 05 Jan 2024 11:22:46 GMT
via
1.1 google
server
nginx/1.18.0
age
154994
etag
"632952de99ed2bf2357842849e64ff99a7d092aa"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18088
029A0223-copy.jpg
smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/07/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/driving/wp-content/uploads/2023/07/029A0223-copy.jpg?quality=90&strip=all&w=344&type=webp&sig=uVUDh22LErOg5ND1vlA-oQ
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
10bab8fa8b44619c030dfc898a90c7fecd3cfff62ae2a38088f8251fa2d8ae00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
driving
date
Thu, 04 Jan 2024 21:02:41 GMT
via
1.1 google
server
nginx/1.18.0
age
206599
etag
"66a27b0c15cae780d84d009ed09d0193a685bfa4"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30142
lamb-womb.png
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/01/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/01/lamb-womb.png?quality=90&strip=all&w=344&type=webp&sig=fIz-SxHVae3EtIVjHZGTOQ
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3a71fb1dfb93ed408b42996e23db255f4170ad23fb4a3b9cc6265c14681a3dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Tue, 02 Jan 2024 16:50:01 GMT
via
1.1 google
server
nginx/1.18.0
age
394559
etag
"15b4aa81df856bc485feb878f98d5e3a35064082"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-pzlh2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33046
HPV-test-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/HPV-test-1.jpg?quality=90&strip=all&w=344&type=webp&sig=GN1948plXDcW9r__t7hHAA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
2befc1bd045716da14e16df592a9887948de7a99bafca66af09be7feee0a4e17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sat, 06 Jan 2024 16:51:24 GMT
via
1.1 google
server
nginx/1.18.0
age
48876
etag
"82eaa2dc90ac974adcaba567a457f96a8e05c4a6"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-8cwvh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18382
1222-cancer-3.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/1222-cancer-3.jpg?quality=90&strip=all&w=344&type=webp&sig=KS_uJodA9Liyr6fY0N5LTA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d44a48532023bfe105b175fb6392a3bb0a36c35ea113b75f1c77d418f32cf72d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sat, 06 Jan 2024 16:51:24 GMT
via
1.1 google
server
nginx/1.18.0
age
48876
etag
"c01e3ac2464ceca9684c7d81bcf77fb3763285d8"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-c2xl6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42196
GettyImages-624084050.jpeg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/GettyImages-624084050.jpeg?quality=90&strip=all&w=344&type=webp&sig=bKruBxQiASEQgmThSiS3PA
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b9d563addef16ac42c163e80f3e0dbcac7cd2bbddfdaaae55a764060a9be8e89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sat, 23 Dec 2023 15:49:05 GMT
via
1.1 google
server
nginx/1.18.0
age
1262215
etag
"0b930d8c045487253ca0f9bd3a3582764f6c1edb"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-vj775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28028
fullsizerender.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/12/fullsizerender.jpg?quality=90&strip=all&w=344&type=webp&sig=bI8Sg0-M7jq5BBWVXjLwYg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7a52b6338179ab8d85a30457700b3cb5bab64097f82780fedd1c3aab42aede7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Thu, 28 Dec 2023 09:50:40 GMT
via
1.1 google
server
nginx/1.18.0
age
851720
etag
"63a485fcdfceae6f997d87fba5baf8e9022710da"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-567dbd58cf-fzfc8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39322
688c080cafcfa4457b823.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/688c080cafcfa4457b823.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593040
x-guploader-uploadid
ABPtcPo2iOj4WpPOnP4PjLZANMIFmCwxJsVL7Miw1PXAK1g5zLsfhrwhWvzW4_6dt3oIu7LicX5K4W-oOQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3749
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"732fda2c30c3393b58bf994c348513e9"
vary
Accept-Encoding
x-goog-generation
1703015238971652
x-goog-hash
crc32c=Vq7U3Q==, md5=cy/aLDDDOTtYv5lMNIUT6Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11752
accept-ranges
none
f8ea7554630384877a2617.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/f8ea7554630384877a2617.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1593040
x-guploader-uploadid
ABPtcPqg2XaeZq1io9MhusC0L03UKWdjOL-qyNyGI0QasJq-7JtDZn7tSdeo1a5cdcUaOlEQyzo9goxWxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4454
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"63ac658e3632ca1e5a0f6645b4912a38"
vary
Accept-Encoding
x-goog-generation
1703015240772266
x-goog-hash
crc32c=Q2a+sw==, md5=Y6xljjYyyh5aD2ZFtJEqOA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
14083
accept-ranges
none
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593040
x-guploader-uploadid
ABPtcPpd3ab4EkBPPJIGU3NRkPh2rUaJKvtql21bNswPltQHsUX7guErqiN8dmxCsyc2OTDQ4yvISmRvHQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2829
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1703015239108648
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
836d4e0fd22a7dc68a052.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
102879bcdf1bb8d7079cbf09cd33581139013f7a0b109c64fd2a8f9511f3cbf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:57:33 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1592907
x-guploader-uploadid
ABPtcPrfCIKBmi__OnzD8myBXUGlKROk9y3-FffnSw-kLzbDI6wNVWSWXAX6jF1iYR890JkTtgZNiFwR0g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11016
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"40601ecfe330a5efc9af7222edd73d39"
vary
Accept-Encoding
x-goog-generation
1703015239470643
x-goog-hash
crc32c=1HdvsQ==, md5=QGAez+Mwpe/Jr3Ii7dc9OQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
35648
accept-ranges
none
6a86c658a5e7c0d0e7db5.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/6a86c658a5e7c0d0e7db5.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6be53e044a8e84e3c66d8eb5d2f359feba5b32c072ef3456830f32acedb163a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:17 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1592503
x-guploader-uploadid
ABPtcPqsKNd5UFvtW2sj9eeIY6rEoYfQMsufk_FMq4iXVT-BARGMARBMeU9KDM6SYHIGmDucD18MpBTLDw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3497
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
W/"58c394221ccae33c2c42f73f3470f6f5"
vary
Accept-Encoding
x-goog-generation
1703015239045531
x-goog-hash
crc32c=hNkDkQ==, md5=WMOUIhzK4zwsQvc/NHD29Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10705
accept-ranges
none
990b9e18d9293f53494350.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		224 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/990b9e18d9293f53494350.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3f16a99683ec813507fab742f11167db01a3c2ced3fdaa6f1ea859d2f9f4fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:17 GMT
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1592503
x-guploader-uploadid
ABPtcPoXM7ADVBTJ2bsXHgapBOM94DhQ9dRzIl1FMpuDUz-oS7iMeQlY2xlaaFPCgPjk1Dy6mmvgyr6jMA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
"f2717194027d340cf5c65feefc7ab9b0"
x-goog-generation
1703015239620849
x-goog-hash
crc32c=YHGd/A==, md5=8nFxlAJ9NAz1xl/u/Hq5sA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
1ef368c136434f274a3128.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/1ef368c136434f274a3128.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c2a7c80301032f20f90d00a75cef91a4af5a7fa04651eaac3281f66466c8e8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:17 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1592503
x-guploader-uploadid
ABPtcPrlElsr86cxRe4Vqr-o2agz5tzlu3xd4IwEMWNBnGPpQbvy5Lctol553brkHhcM4VkJX86-ztNQ_A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3672
last-modified
Tue, 19 Dec 2023 19:47:15 GMT
server
UploadServer
etag
W/"811b1520f4ab50634eefe75c81fe95b2"
vary
Accept-Encoding
x-goog-generation
1703015235676437
x-goog-hash
crc32c=+Tp0ug==, md5=gRsVIPSrUGNO7+dcgf6Vsg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11527
accept-ranges
none
cf5d329b7f5a70d26c0a18.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		750 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/cf5d329b7f5a70d26c0a18.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0bc0805d442ae7ead864b82381c168035e8d70535e6f6acea31f4f1caf65ae58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:17 GMT
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1592503
x-guploader-uploadid
ABPtcPo2T82ffhfL_BcHP-jzGDFKH3CpK_SFbm37uzeQEIjMGYQvP5sc5yQ2QaO_eOokP5bq6UrJEmNNzw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
750
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
"95321bd12efb680204d12be98f3d7ba4"
x-goog-generation
1703015240256252
x-goog-hash
crc32c=WLxsPQ==, md5=lTIb0S77aAIE0Svpjz17pA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
750
accept-ranges
bytes
286b462e1048adda4f6f36.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:29 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593031
x-guploader-uploadid
ABPtcPo93MG_niYGf5VV9TRx9Lbyc5-q4n61CnMOXqOF8bqewWudbdJguZvfmktSEzP5e6ABwF6xP987xQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1072
last-modified
Tue, 19 Dec 2023 19:47:16 GMT
server
UploadServer
etag
W/"3d636269883d1e0a8bcb405d83e6136d"
vary
Accept-Encoding
x-goog-generation
1703015236440261
x-goog-hash
crc32c=MY5NLg==, md5=PWNiaYg9HgqLy0Bdg+YTbQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2461
accept-ranges
none
cb72fc449da58641945238.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/cb72fc449da58641945238.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5d410b4aea9f38a035bdc4323315891f9e798d297e3e3db8d000f6e63f54cb51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:04:18 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1592502
x-guploader-uploadid
ABPtcPoyuSWsRBW2x817t9e6xHBvWHXBvU-47TV4gEQLbYuteHyJfoij1vmTWkgSQziprvqK_qmOTfuKvA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2981
last-modified
Tue, 19 Dec 2023 19:47:20 GMT
server
UploadServer
etag
W/"48956c4b87ff7d0af1cbae347e1d78eb"
vary
Accept-Encoding
x-goog-generation
1703015240228053
x-goog-hash
crc32c=zWYpSg==, md5=SJVsS4f/fQrxy640fh146w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
10050
accept-ranges
none
29937f2d-3f9c-4c53-9dc8-a5308ad350d0
https://www.leducrep.com/ 		159 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.leducrep.com/29937f2d-3f9c-4c53-9dc8-a5308ad350d0
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d09cb7ee7ca0b5197e35281a401882b36f2be6a08dc219adcad051d3111b1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
163076
Content-Type
034ef356-5223-4d22-acbc-5283517c7495
https://www.leducrep.com/ 		159 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.leducrep.com/034ef356-5223-4d22-acbc-5283517c7495
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d09cb7ee7ca0b5197e35281a401882b36f2be6a08dc219adcad051d3111b1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
163076
Content-Type
geoip
api.permutive.com/v2.0/ 		246 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f0a83b6becd906b85b94429b38e4a2211ee929a9b51cbb262328cb7b89c926c3

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
watson
api.permutive.com/v2.0/ 		343 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3cba60887300fdac6e03d9b0a464c9d5534b43c83d0309c010e8fb1ac07c8eb3

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
4f4d1628a8065ccff16624.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4f4d1628a8065ccff16624.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593040
x-guploader-uploadid
ABPtcPqda23I98f5cofe0nSda56RcL7AGJ-y9G6VshCW2CCxa3uLDu8OH5MyZ-bDdjLGf-by63eGCVigsg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2093
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"c6326d88acc6beb06cf9db5fffaee6c6"
vary
Accept-Encoding
x-goog-generation
1703015238307588
x-goog-hash
crc32c=hqW8ug==, md5=xjJtiKzGvrBs+dtf/67mxg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
4c053bd7593db896d5bd4.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/4c053bd7593db896d5bd4.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1703014124
age
1593040
x-guploader-uploadid
ABPtcPrhR49xG5AQP-I787WR1kL3SOnQ-WxCai1kDI8pXw8ugotIOMcj_Yl7S6_lvCcuyacK6E5Fyje3Uw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4388
last-modified
Tue, 19 Dec 2023 19:47:18 GMT
server
UploadServer
etag
W/"7483c234c6571a1ccf1dad53c7ccc622"
vary
Accept-Encoding
x-goog-generation
1703015238079242
x-goog-hash
crc32c=cT/cag==, md5=dIPCNMZXGhzPHa1Tx8zGIg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
a22185a71907d8927c8537.js
dcs-static.gprod.postmedia.digital/15.1.1/websites/js/ 		224 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/a22185a71907d8927c8537.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/CACHE/js/shared.883fef4c2994.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 19:55:20 GMT
x-goog-meta-goog-reserved-file-mtime
1703014125
age
1593040
x-guploader-uploadid
ABPtcPqz8XqEb8MaDqnZKQPGaKoDm8tcIRTASYjC3q4CR3RUJbxKekshvGpEcB93U3L-0e-9P6_16lauPQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Tue, 19 Dec 2023 19:47:19 GMT
server
UploadServer
etag
"4ee0e989a064cf6630bf9ebee4879191"
x-goog-generation
1703015239741862
x-goog-hash
crc32c=jUJANA==, md5=TuDpiaBkz2Ywv56+5IeRkQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		74 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f2060365e34c12dd716fcfb19b771866ad57259178c974deebb5fa30f31095

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPp7lVjeuMJscTPCpeT-M6ak6UHK_WaWPGSRJxi3RMPpXAWsxIkFQGf70eKQdYOwh8MrC_hzK9CU
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
51175
last-modified
Sun, 07 Jan 2024 06:02:13 GMT
server
cloudflare
etag
"34d7dc9b02850c791207b649897da122"
vary
Accept-Encoding
x-goog-generation
1704520939950658
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=Iyg7rQ==, md5=NNfcmwKFDHkSB7ZJiX2hIg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
51175
accept-ranges
bytes
timing-allow-origin
*
cf-ray
841a20730c6d9007-FRA
expires
Sun, 07 Jan 2024 06:26:00 GMT
/
www.leducrep.com/api-root/media/videos/playlists/OTwDxVhQ/player/json/ 		14 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.leducrep.com/api-root/media/videos/playlists/OTwDxVhQ/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/688c080cafcfa4457b823.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
65e5c4a834f77fb4a15f777193dcf2cf5395bacadf7cb29179562881b309f45d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
15
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Sunday, 07-Jan-2024 06:26:00 GMT
server
istio-envoy
x-pmd-backend
pmd-nginx-proxy-6cbdf6d5bf-kmbl2
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Accept, Cookie, Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
cache-control
max-age=900,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Sun, 07 Jan 2024 06:28:57 GMT
simple
api.sail-personalize.com/v1/personalize/ 		256 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
89df7ffe58aabc66f0aacf387a87c81dcb17141ded528d0d92280ea9165795a6

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.leducrep.com/
x-referring-url
https://www.leducrep.com/

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
172
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sun, 07 Jan 2024 06:26:01 GMT
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/ 		168 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 05:58:33 GMT
age
1647
x-guploader-uploadid
ABPtcPrbY9dLkP9lWG5LZQpo322m0M8AGWsmNubAlOzPrGkHSFIuthv79ycI1EbQz6YWfWo51ukKIeyi
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:58:33 GMT
pub
pixel.adsafeprotected.com/services/ 		302 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:jw-ad-1,ss:%5B640.480%5D,p:undefined,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=ef3b624c-08f3-e1c1-2994-bed573367b6b&url=https%253A%252F%252Fwww.leducrep.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.121.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
97cd2b1b2840136e52370255998fb38b3b539e5cc5159dbeb13e58d50ae11915

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
server
nginx
x-server-name
app03.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.leducrep.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
FFz78aBF-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/PLQkjmPj/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/FFz78aBF-320.jpg
31 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/FFz78aBF-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c43aae3bb216780a6443ade8f02bd7c8e69812821ef67bc40e89cf19366c50c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
694
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
30659
x-served-by
cache-iad-kjyo7100158-IAD, cache-fra-eddf8230131-FRA
last-modified
Wed, 20 Dec 2023 21:29:19 GMT
server
nginx
x-timer
S1704608761.031104,VS0,VE3
etag
"a335bd741843bf915b3ba0ae4f3e927e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
76505, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/FFz78aBF-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
gQlY5I53UXRSGdALRixfS-G6KJRlycHisoKbC_W2ARPBm0UEqWJw6A==
bnNxloGy-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/3P97Gxnf/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/bnNxloGy-320.jpg
28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/bnNxloGy-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
659a39402e1d81bf940a4a59d323fa097b671fb45b1e75251cf15e41ec20d6cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
695
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
28174
x-served-by
cache-iad-kjyo7100127-IAD, cache-fra-eddf8230131-FRA
last-modified
Wed, 20 Dec 2023 01:16:53 GMT
server
nginx
x-timer
S1704608761.017565,VS0,VE1
etag
"fb279d1eb9802fea85ddadd1ed611c18"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
91241, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/bnNxloGy-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
-YwPajvvQr-2jPBXR_wfv8jBOfKFbrSk2SqYkb9E90iIIGpT_4J7aw==
BSVUi8pf-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/3qy56TsQ/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/BSVUi8pf-320.jpg
37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/BSVUi8pf-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ffcb64c988daac65faa37050a32018092b8107999952e2b59114079c025b49fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
694
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
37582
x-served-by
cache-iad-kjyo7100157-IAD, cache-fra-eddf8230131-FRA
last-modified
Fri, 15 Dec 2023 19:18:18 GMT
server
nginx
x-timer
S1704608761.017590,VS0,VE2
etag
"d81d24d8a6f83d9d38a19d6a07ec7cee"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
65469, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/BSVUi8pf-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
CmLlUBrgyX3K6aiWA0-_6hM97yHFBoDYbedBj63llT9OFnJgbnmPww==
xthNEYuk-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/tsudp1vD/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/xthNEYuk-320.jpg
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/xthNEYuk-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a153cbfb7c219b19ed8f17c88bcae1bd2509fcb926bb99c2bfad3bc492e3f333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
695
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
34188
x-served-by
cache-iad-kcgs7200024-IAD, cache-fra-eddf8230131-FRA
last-modified
Wed, 13 Dec 2023 17:54:24 GMT
server
nginx
x-timer
S1704608761.017614,VS0,VE1
etag
"e826664ebf800ef2931ee6600f25b965"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2830, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/xthNEYuk-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
xiup2I83YfeH4KpTPOByU8Az5UHeObwvuvvx2jqecUyHt4zeVNLUEw==
iMLWXmHL-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/ZWikScTW/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/iMLWXmHL-320.jpg
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/iMLWXmHL-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eeaedddf1e7c1786533bd591ab2f4c7b7581f4ecb1a304e33bc612bf1e7b12a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
695
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
29108
x-served-by
cache-iad-kjyo7100028-IAD, cache-fra-eddf8230131-FRA
last-modified
Fri, 08 Dec 2023 15:28:54 GMT
server
nginx
x-timer
S1704608761.017576,VS0,VE1
etag
"a45847b4b6e4072f239de4cd55259ee7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
11235, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/iMLWXmHL-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
SeKjy3NdVBL2HgHO8XRJ_V0MdKghc8autCu6nvrcgN-oQoi0Eo92Cw==
mJXTy8aZ-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/N7kEWSZt/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/mJXTy8aZ-320.jpg
25 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/mJXTy8aZ-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff4e8e09c759d10bb5fbf7090fd1ce5a6cecee6e2e5038ef9ff2ddb310eab592

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
695
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
24571
x-served-by
cache-iad-kjyo7100084-IAD, cache-fra-eddf8230131-FRA
last-modified
Wed, 29 Nov 2023 21:16:28 GMT
server
nginx
x-timer
S1704608761.017658,VS0,VE1
etag
"25d4518066628df05f48cedf6e311170"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
92148, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/mJXTy8aZ-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
kre4ex9PUo7dPLAzBmxQ4sGtg4nN8RvLD_3hV3moP4m813kej7YN7Q==
1MvalMEH-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/VCF8yUO3/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/1MvalMEH-320.jpg
26 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/1MvalMEH-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3e9bdf1243d78b069392b4019c5dcd920b3c03ad85d0c8271435789a04ae9fb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
694
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
25721
x-served-by
cache-iad-kcgs7200155-IAD, cache-fra-eddf8230131-FRA
last-modified
Tue, 28 Nov 2023 18:15:31 GMT
server
nginx
x-timer
S1704608761.017487,VS0,VE1
etag
"ebcdde1b529cdd59da80167c34176822"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
38991, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/1MvalMEH-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
miwkGKB-2MSe-SBWWODZPtvMKb41225hlIPZg-xf2x8RPBG4B1F6jQ==
fXivziBz-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/KGcPRU3z/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/fXivziBz-320.jpg
26 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/fXivziBz-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
826d7d7528787f06e20fa0352caee25a542acc68342488821087c25105d4113e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
694
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
24962
x-served-by
cache-iad-kjyo7100165-IAD, cache-fra-eddf8230131-FRA
last-modified
Mon, 27 Nov 2023 21:18:54 GMT
server
nginx
x-timer
S1704608761.017501,VS0,VE1
etag
"c4ddef92938e04223ee80a0fbfab6c11"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
52317, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/fXivziBz-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
k04ipfFwSYe3E3sD8cuHbV-ypYlHp8csdiTEX3K5M6Z7_-o14WRQqg==
vKLhH4KN-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/vhTcEbKX/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/vKLhH4KN-320.jpg
24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/vKLhH4KN-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
528b1fcf765700fd9e52bd28345a232ef96a39128163236e78732912ca0985a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
695
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
24400
x-served-by
cache-iad-kjyo7100082-IAD, cache-fra-eddf8230131-FRA
last-modified
Wed, 22 Nov 2023 21:09:27 GMT
server
nginx
x-timer
S1704608761.017526,VS0,VE1
etag
"04f6fcf80d32fbb8bdd71484d6e2f625"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
258689, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/vKLhH4KN-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
wL_BRZOLWaFZgxbblYgqG7PCpEKuNzaG5HXMUIB4IX04NMq_qhElHg==
S9Ky5YHN-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/1UkcGRec/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-320.jpg
30 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-320.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca297b5cbb78735edd0715fb96f8a74a862e1153ad8fd7f17ce86b1e6b27a96d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
694
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
29997
x-served-by
cache-iad-kjyo7100130-IAD, cache-fra-eddf8230131-FRA
last-modified
Thu, 21 Dec 2023 16:25:40 GMT
server
nginx
x-timer
S1704608761.017561,VS0,VE1
etag
"4a1c2c58ba9bff0320893d9c571da4c1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
3428, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:53 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
H2ShTgUhlK2GwQpAgqLuP4MZoV9kLNSW1deRZK1Na_3Yr6w_H17tgw==
player-event
events.qortex.ai/api/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=cRWq0mHGUUajm2dPzPy6IA&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMBAVYyFcW%2FxE49u7ZrstFpkAjOhw9BGiGCKEY94JUtFD6kjIC4%2FsW7GtCbhqFkpR2Th6I4dC5FxudscfZUqJflcI1nY85t11OW8%2FkgRmdu6kFCzD3vF6PVOvZPbE99JecbxKXG2bqJ3E6Se%2Fd0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a2073fc3c927a-FRA
content-length
0
cx-bootstrapper-init
tags.catapultx.com/cxo/ 		49 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/cx-bootstrapper-init
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=cRWq0mHGUUajm2dPzPy6IA&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
119
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IS3bF%2FrmtxDkXeALH4iomEZYWKy57pdPaoAPR0ARO4aiDUsMr1Hlf9mspt6q8uE1KGX8gy5sJf3hvOtrPYVl1C5eEYnO4PsS5KU8Dp8%2FPHxNqlFBicjoJH1kgALfXhsA8NZG7IJXn41HybpDvec%2FfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a2073ee4d18d4-FRA
init-3392tkd9ir9ggbv3f0mu.js
api.fouanalytics.com/api/ 		0
501 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-3392tkd9ir9ggbv3f0mu.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/bootstrapper?group-id=cRWq0mHGUUajm2dPzPy6IA&video-container=.jw-wrapper
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KL88zJiAuBGgMbzpQC0VrPKO0JinvLH1XWW0on5JkOYgAMu3u2jgHoghloYYlnovkr3439fhdG1FDM%2Fm0dilHq3XuYRnfQto14ZTkIxBPHdzGMATJRx4K7jDxlxDFzL7izCpGORGcRDwssttkNeq9%2F1xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
841a20742ab7b7ae-AMS
alt-svc
h3=":443"; ma=86400
expires
0
noscript-3392tkd9ir9ggbv3f0mu.gif
api.fouanalytics.com/api/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.fouanalytics.com/api/noscript-3392tkd9ir9ggbv3f0mu.gif
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWaL87yxvlCIOVmk%2BsMN0SbTuZQbEqP9STb34tt6UN6K3WM5gsLuqC91uB5%2FNrfaAEu%2B58aOO0m83PW7%2FYWDhUEuK3tm45qBpYB9pOEcKJIEfoOn8ReIjpsLG%2FChalcaBrl07IJqynp7TT9oXlFlPqb5Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
841a20742ab8b7ae-AMS
alt-svc
h3=":443"; ma=86400
expires
0
xd.html
fem.gprod.postmedia.digital/v93.0/ Frame 088C 		165 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1592699
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Tue, 19 Dec 2023 20:01:01 GMT
etag
"e66a4f59260370c7eb851d9880e08527"
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1702321323873559
x-goog-hash
crc32c=e89JmA== md5=5mpPWSYDcMfrhR2YgOCFJw==
x-goog-meta-goog-reserved-file-mtime
1702321262
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ABPtcPoGQjKauOGi3_464aKLdj3HMkBQoGIkrGs65D24KRRqb_fjwJ-qsaPvX4e1gOWjF8PBbW3TgatlgA
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.90,970.90,728.90%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B8.8%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B8.8%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B8.8%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B8.8%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B8.8%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B8.8%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ef3b624c-08f3-e1c1-2994-bed573367b6b&url=https%253A%252F%252Fwww.leducrep.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.121.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ae3f77862bc0a6c2b82781a817c8ecebb27b848f0a9cb430fb2bad33934808dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
server
nginx
x-server-name
app01.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.leducrep.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fwww.leducrep.com%2F&pid=33FHu2Detq59z&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%228x8%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.93.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-93-173.prg50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
1YY44CDP06R1XW0AM8D6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
1HTB3H6EVsdlYlIS9WWgoEGRdJd3BybKXGwiybgbVzfMAa2apE11Aw==
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
296437
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
841a20744fd99018-FRA
expires
Wed, 10 Jan 2024 06:26:01 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17113
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230025-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh8yFSggQXgfshIRJCwp%2FvRaKxIEednBeyEQY%2B6%2FPB7EboOKa%2BQgvw2O506oenCMBun69iEi1590r9j9yOH6wpPI3oP70dK8QrtRCUmDIKmfElWBtd1TuFtRB3fqyt3gUKMyCQGxmVEJ%2BZfbL%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
841a20743fa22c7a-FRA
xd.js
fem.gprod.postmedia.digital/v93.0/ Frame 088C 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v93.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:01:01 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
1592699
x-guploader-uploadid
ABPtcPoREjOKqPRMxHGPPnOdEAp7dIqGLeVFjY3StzCZb8W4R5tfPw1KnGW4LJBwhAdRzb40U8A0TtAPXA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21177
last-modified
Mon, 11 Dec 2023 19:02:03 GMT
server
UploadServer
etag
W/"2139b791b942c7780fd5e1534f6192af"
vary
Accept-Encoding
x-goog-generation
1702321323904544
x-goog-hash
crc32c=05N7iw==, md5=ITm3kblCx3gP1eFTT2GSrw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
68978
accept-ranges
none
IrYAVodh.js
cdn.jwplayer.com/libraries/ 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/IrYAVodh.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/286b462e1048adda4f6f36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
81cf291ccaf872d43857c8eab5b4b373c3b1be53f44fec148b9b98849dc0b950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:23:38 GMT
content-encoding
gzip
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
142
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41660
x-amz-cf-id
DEYAjhU4YlXkjQ0Le0SMzDQpWGulPsIlAIZKaG3k8dprj9PLf9gPuQ==
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
159 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.234.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-234-7.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
581 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:01 GMT
an-x-request-uuid
c6c49be4-fe6c-4dc2-b99e-529a046b7f94
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.leducrep.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		32 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUKB9454
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:00 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
215
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 06:26:01 GMT
bid
ap.lijit.com/rtb/ 		95 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.23.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.113.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-113-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6a9ba343788496fcb13c92a1e1b939ad5ab4b83ec12beccb749c331ea37d703b

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ 		64 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2597312&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=55%3B2%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57&eid_pubcid.org=370dc814-ee65-4135-bdd1-991aac461b96%5E1&rf=https%3A%2F%2Fwww.leducrep.com%2F&tg_i.domain=leducrep.com&tg_i.page=https%3A%2F%2Fwww.leducrep.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-6%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-6&tk_flint=dmpbjs_v8.23.0&x_source.tid=7ec2fe50-75f5-40f4-9463-d86feeb5354b&l_pb_bid_id=6541aa08f1bfb1f%3B66d530b0a7e69be%3B67c096faa81811%3B68efe021f48cc23%3B69106c167e35b54%3B7071c2a31c9dd6a%3B714cfbca5aaa9fe%3B72199498495bdf%3B73fc04a352d7b7e%3B748bd412dc88b66&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=78386d9b-7e1b-4cc6-8cb0-d806c0275f85%3B9010bf99-2208-494a-be06-0d816670faef%3B0e3ee134-8b2f-4c99-983d-2409d90e0f06%3Bbf2e19cd-a22f-4453-ae88-b652ae1169c0%3B22eebef7-db72-4d72-9aae-11104f72b548%3B6e2fd1c9-6191-4e54-abd8-08d6544f9fc3%3Bd509bb4c-69ec-4420-81a1-c5067f26ea76%3B75df1096-a62e-4e6a-8ec5-6dbd970f2ca7%3Bc54eba0f-4915-4664-8ffa-613ab28255ac%3B48e0ef00-f07e-4d34-a67c-f62d27b6a56a&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-1%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-2%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-3%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-3%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-4%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-4%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-5%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-5%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-6%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-6&slots=10&rand=0.6574355817500666
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
73eaad97d5ace6f59c68a793121ebd456f976e02a9f07181c25d5a5a4a3c8a5a

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2597312&size_id=15&alt_size_ids=2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57%3B2%2C10%2C43%2C44%2C55%2C57%3B2%2C55%2C57&eid_pubcid.org=370dc814-ee65-4135-bdd1-991aac461b96%5E1&rf=https%3A%2F%2Fwww.leducrep.com%2F&tg_i.domain=leducrep.com&tg_i.page=https%3A%2F%2Fwww.leducrep.com%2F&tg_i.aupname=%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex&tg_i.pbadslot=%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-9&tk_flint=dmpbjs_v8.23.0&x_source.tid=7ec2fe50-75f5-40f4-9463-d86feeb5354b&l_pb_bid_id=7585e419e469274%3B76eb3887ca11179%3B77c6ddbf50022c5%3B7822a4121e82788%3B791687e9e5fc6d3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5d980d68-4948-4f26-9766-80671068433c%3B769396da-c2c9-445d-9086-4d5fcba26ea8%3Bbaa5c8b7-557f-420e-88d8-6108a1f48faf%3B4d8ae407-211c-4342-a787-398b64dfa06f%3B546ba380-2938-4dfa-9a3c-92a410fd0096&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-7%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-7%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-8%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-native-8%3B%2F3081%2FSMCO_ENCO_AB_LeducRep_EN_WEB%2Findex%23ad-9&slots=5&rand=0.18646440202750147
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9d19ef863185b36bc5021745cf4d850057f4788b7ab71e0b2b30d5857d568173

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
114 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=902201
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e8f82558e1cccf8248338fa8eb2c9ee4a52e2992bac3cf710bca04209f9d06

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpMYTtomBKLN7v%2BkVGUSV4i9x13L9fOOA8PMbG9rPuszyszhvuE0apQh%2FdmOAAZ6AzMK53X43ILTwKL22kr%2BHnNool2N92dtE%2FlXBR2sNTnatLxzZ3qJuIOjJ%2F50z1lq91Onye4h"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
841a20748bfd1e54-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
250 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e347da8bbc9a616d51f762f10029ee3b9f24e1d183ae7e5ad63195fb6664658e

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
cdb
bidder.criteo.com/ 		0
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=8564467081&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
d956f854a7c0609071aa018bcc19c61fa77ca795509da7b7fa13be317ade5302

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
4aa2c0885ae07456f3a2ec269262f0e3a322066526fd82092cb18360ab195aa1

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
ba368330f6b3e74e8ced7bd659360a00fc61d5e970bc59e4881efeb54d8a6dca

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
7a25b27d50d632cc61ca8844ef91bc00d4efc36c37a318c35fd5c76c6dbcec17

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
81
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
655734836f6a9da92a5d7b9ff5437b609ad3011201cde5651259e8205176bb71

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
c69903a2a63a1b57e1b96899d3c2ae7ecbec6da577be70c7be8e59cc265c69c6

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
20a39509ff26bec9d43ff25d908d8a241688382f4c7b6822691463bd5ecd92d8

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
20a0d5600a54c94ed84d8e4ce889e5bbe96bd8682a348aa8fd5357fa76f5f94b

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
48b9895453eb4996387ccde6d84d611e405ba43149746e6a9266cebbbf95ee2b

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
5c74b7e2fe1764c28eee273797d8a3996cf050346568ac1050bddc085138911f

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
7a4b1009ac3724d5746eb472941bc0124e0b7524c02165f746db53c8fdf39af5

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
540b5453d3d1ffd76c8c9832b7be631fadc7773ed618add2ab247b18aa6e5bd9

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
114 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e2b613e5d77f16bcd1121b2d53389bf1e342d1f76387f2f2c1a61a3372885963

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
b193fe5a1bc72e9aec282949a96fbdaf1d764cfc9d89d5f05b446e69b8eabdbf

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
182a88dd80fc17b2cb7cb02216c95ef579776905c6a1c3f5260b69e292394d9d

Request headers

Referer
https://www.leducrep.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
600
age
0
content-length
0
date
Sun, 07 Jan 2024 06:26:01 GMT
server
ATS/9.1.10.94
envelope
lexicon.33across.com/v1/ 		49 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Jan 2024 06:26:00 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
OTwDxVhQ
cdn.jwplayer.com/v2/playlists/ 		61 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/OTwDxVhQ
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.1.1/websites/js/836d4e0fd22a7dc68a052.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
9461fdd0163c83e35d3e9f878ce7034700c5f616b8df87c6cc5858022928bbb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:25:53 GMT
content-encoding
gzip
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
8
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
10554
x-amz-cf-id
gmQoanAjPgpUUltWQRowjk_3UzMkg-WF5Jm0EKgWDZJ7zP-KX0Trvw==
expires
Sun, 07 Jan 2024 06:28:53
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.26.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-26-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:01 GMT
x-amz-apigw-id
RJ-PCHSXPHcEFvQ=
x-amzn-requestid
2aea6163-d279-4fc1-a5ea-4c7951b9cfb8
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 		146 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.26.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-26-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7b502a398a244c00330a82b70add336131d05e6f5fece9679ebc7b51ec88e082

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-api-key
5e0b19374596b1c8abfb0560fcb956220131d0a7f7100979de5d18cfada355d5
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
x-amzn-trace-id
Root=1-659a43f9-561879c7256bb19178bf3bdd
x-amzn-requestid
0f09d4ab-0941-414a-9089-a8f6a582f240
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
RJ-PEGmavHcEO4A=
content-length
146
googima.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish
age
24773
x-cache
HIT
content-length
22454
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Mon, 13 Nov 2023 20:12:26 GMT
server
AmazonS3
x-timer
S1704608761.118778,VS0,VE0
etag
"016fdad688d9003e0b0c4157e803cf37"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
1060
bidding.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		448 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3587ccc786d72c7d352e3cd589f1c34a6d5f99944560a6c2e7f6f69f0a69b9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish
age
1409
x-cache
HIT
content-length
144290
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Thu, 14 Dec 2023 13:42:51 GMT
server
AmazonS3
x-timer
S1704608761.118979,VS0,VE0
etag
"20b62ce1e7993cc814efa737c197c766"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, immutable
accept-ranges
bytes
x-cache-hits
3
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish
age
359
x-cache
HIT
content-length
19890
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Thu, 14 Dec 2023 19:59:18 GMT
server
AmazonS3
x-timer
S1704608761.118974,VS0,VE0
etag
"1a96e7c0d0040b922d2458e3bc2cfe7f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
99
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		318 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish
age
4564475
x-cache
HIT
content-length
85284
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Mon, 13 Nov 2023 20:12:20 GMT
server
AmazonS3
x-timer
S1704608761.119110,VS0,VE0
etag
"95e4ba794923b67ae5be72627198a8b3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
285195
OTwDxVhQ
cdn.jwplayer.com/v2/playlists/ 		61 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/OTwDxVhQ
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
9461fdd0163c83e35d3e9f878ce7034700c5f616b8df87c6cc5858022928bbb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:25:53 GMT
content-encoding
gzip
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
8
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
10554
x-amz-cf-id
7BtMDTMYrdA_hnFEFdVJcDPAcGmiV2ohSAaNhcmMMFuViHaZwdq3ag==
expires
Sun, 07 Jan 2024 06:28:53
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/ 		69 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amb/6AC4) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
last-modified
Sun, 07 Jan 2024 03:20:25 GMT
server
ECAcc (amb/6AC4)
age
11136
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=13620
accept-ranges
bytes
content-length
75
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sun, 07 Jan 2024 06:26:01 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		413 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish
age
2871482
x-cache
HIT
content-length
126154
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Fri, 10 Nov 2023 21:07:29 GMT
server
AmazonS3
x-timer
S1704608761.150889,VS0,VE0
etag
"c735ce7c150fe5e0fdf3e61f12fd8527"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
257482
Dp6S8fYF.srt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://cdn.jwplayer.com/tracks/Dp6S8fYF.srt
  • https://assets-jpcust.jwpsrv.com/tracks/Dp6S8fYF.srt
1 KB
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/Dp6S8fYF.srt
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
84a1251c3dcbb36d527efa7cbf47b5036b85f012eacf4f4d56ee90032bfbbef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
248
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
688
x-served-by
cache-iad-kjyo7100085-IAD, cache-fra-eddf8230043-FRA
last-modified
Thu, 21 Dec 2023 16:05:20 GMT
server
nginx
x-timer
S1704608761.249514,VS0,VE1
etag
"85a3d7fbaa005ade04843a040c6232f6"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
35762, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:54 GMT
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/tracks/Dp6S8fYF.srt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
XrD7KGLVU3fPGOyNJGDMKDuT40jL1LW3aTZGX9OEJhCYhs8088ALVA==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/polyfills.webvtt.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f955bad4911e135ef8894618754dbed63059322adf7404c619734960cce6adc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish
age
2010451
x-cache
HIT
content-length
4510
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Mon, 13 Nov 2023 20:12:22 GMT
server
AmazonS3
x-timer
S1704608761.187435,VS0,VE0
etag
"4ecf1daa69f7252ad15b34ff4485ec7a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
57924
1UkcGRec-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/1UkcGRec-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/1UkcGRec-120.vtt
2 KB
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/1UkcGRec-120.vtt
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08e5a6db06d84ec26e14d8fb6b440780431a22b7620b35ea5a8f1723385d12a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
206
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
315
x-served-by
cache-iad-kjyo7100118-IAD, cache-fra-eddf8230043-FRA
last-modified
Thu, 21 Dec 2023 17:12:00 GMT
server
nginx
x-timer
S1704608761.249615,VS0,VE1
etag
"374c3ba0592b8812be871b852908c207"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
15707, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:54 GMT
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/1UkcGRec-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
bC7A9QOCIjSDDWtNsbDRWA2M8yPMhxv14mJqkUI8fCDdP-34M_ONwQ==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish
age
2690106
x-cache
HIT
content-length
10035
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Mon, 13 Nov 2023 20:12:23 GMT
server
AmazonS3
x-timer
S1704608761.206462,VS0,VE0
etag
"11ee85ad71debb9f00a186341c5562fb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
162824
related.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish
age
2768095
x-cache
HIT
content-length
25137
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Mon, 13 Nov 2023 20:12:25 GMT
server
AmazonS3
x-timer
S1704608761.206580,VS0,VE0
etag
"e6b820b0a7ae68bd30c9a97e44e1ea55"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
258176
1UkcGRec.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/1UkcGRec.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2131050f59d7a75989ab42208ae48f17cea879636d8f8e645921a36a20eeed46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:25:54 GMT
content-encoding
gzip
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
x-cache
Hit from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
390
x-amz-cf-id
sjpN2M52bNWsKR1fHK9jLO3qQsUNhDkRhVAkHDx5XXWvJN-xO8l-pQ==
S9Ky5YHN-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/1UkcGRec/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-720.jpg
98 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-720.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
889701e4cb98cd11ef7cd807a7051acd4df7a4cb3c99d035253d8c4b4c1a4069

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
794
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
94827
x-served-by
cache-iad-kcgs7200086-IAD, cache-fra-eddf8230131-FRA
last-modified
Thu, 21 Dec 2023 16:25:40 GMT
server
nginx
x-timer
S1704608761.274470,VS0,VE1
etag
"2506f6e12f04ac1f2b50bf6f72546b34"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2620, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:54 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
Kz0tiV8R4-IgX5iQchqIhILUFlQuDcobeFM-IgmSsUzPWUf_2prZXA==
S9Ky5YHN-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/1UkcGRec/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-640.jpg
80 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-640.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b07fe7247fc6cee7cd074645d1227522c3dbd5491fa5001fcc4705a7cd3fa90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
693
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
77563
x-served-by
cache-iad-kiad7000112-IAD, cache-fra-eddf8230131-FRA
last-modified
Thu, 21 Dec 2023 16:25:41 GMT
server
nginx
x-timer
S1704608761.274356,VS0,VE3
etag
"c7722046f4f00e1782ac8fe54b73243d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
16, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:54 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/S9Ky5YHN-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
PQ-F6X1aTD6O5UelFoyBCIdLNAej6caYQxFhjNh0vNrOM1TV3gj2Rg==
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
45de24604c43426267ec183e2f863a96df243d4d1ece043b616561ad6e67832b

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://www.leducrep.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1031461
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b8f827ee28fad62699352bcbd1533f8dbe1cb0264833dd2dcc5561e43234a0c

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTX3VfCv6GaL8zRt1ve2TeoktJ7XqpiEeTSVjwl%2F4Ku2dL9lIzjd1reqn1V%2BdAQwlqJF8mE%2BXgx%2BUxOhS7nrPLZFD3jpGzzSOlnOuTA8QQmFY3nV86yYTGfmcaxK1ibA67lFiRZF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
841a2075acae1e54-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
bridge3.609.1_en_ca.html
imasdk.googleapis.com/js/core/ Frame D64A 		750 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7efb6ae6f9571dd815db7eee285ce5288648414d2ce024f97135625180c6af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
131726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245974
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 17:50:35 GMT
expires
Sat, 04 Jan 2025 17:50:35 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 Jan 2024 06:26:01 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B446 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 05:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:36:27 GMT
manifest-audio_eng=112043-video_eng=312749.m3u8
videos-cloudfront-usp.jwpsrv.com/659aecb2_009d7300e4b3c0d7d00f687c7fa1f2cd8e865f60/site/ReDAXyY4/media/1UkcGRec/version/tqKlQ9gM/manifest.ism/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/659aecb2_009d7300e4b3c0d7d00f687c7fa1f2cd8e865f60/site/ReDAXyY4/media/1UkcGRec/version/tqKlQ9gM/manifest.ism/manifest-audio_eng=112043-video_eng=312749.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:f400:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
1e0b48703e6b552217f94c3d2de4454e244562d87992eaca4aed36bd2402c276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 06:22:29 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
86638
x-cache
Hit from cloudfront
content-length
1286
server
Apache
etag
"usp-F68A3AFC"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
JOK-bnzypFOC_UjB8wRsDJftYhMoT8m26WYzq7HOnyWEW4zwQzc1mg==
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:26:01 GMT
1UkcGRec-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/1UkcGRec-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/1UkcGRec-120.jpg
225 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/1UkcGRec-120.jpg
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4e164a6eeb4844482d5036d0f2f4b1fd7f42b39007f512ef071a3f3fec1dfa97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
794
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
227252
x-served-by
cache-iad-kcgs7200022-IAD, cache-fra-eddf8230131-FRA
last-modified
Thu, 21 Dec 2023 17:12:00 GMT
server
nginx
x-timer
S1704608761.333109,VS0,VE3
etag
"0652356d22c4a8febf4dad73d9689afb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
18, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:54 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/1UkcGRec-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
S5dZt3YOJlWYh1lLnPSPrKEVpNCw5s64wghovTXnvXP0nm7HiMhFOg==
manifest-audio_eng=112043-video_eng=312749-1.ts
videos-cloudfront-usp.jwpsrv.com/659aecb2_009d7300e4b3c0d7d00f687c7fa1f2cd8e865f60/site/ReDAXyY4/media/1UkcGRec/version/tqKlQ9gM/manifest.ism/ 		285 KB
286 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/659aecb2_009d7300e4b3c0d7d00f687c7fa1f2cd8e865f60/site/ReDAXyY4/media/1UkcGRec/version/tqKlQ9gM/manifest.ism/manifest-audio_eng=112043-video_eng=312749-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:f400:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
547fc84dc54d9df451c2d97795e6a93ce45509c53da3e3dc2dcc3c543d11551f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 19:15:45 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
PRG50-C1
age
385816
x-cache
Hit from cloudfront
content-length
292152
server
Apache
etag
"usp-72208672"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112043-video_eng=312749-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
iDbzxo6gHVJkcpHq5thXTSfzkiul9WjbAOh8JJZdL5Rk6sRo5jfemg==
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:26:01 GMT
cast_sender.js
www.gstatic.com/eureka/clank/120/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 16:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 07 Jan 2024 16:35:36 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
8c47de12bf55371acecb47047d7b71a06cdb6bf7d71f736ae4e24a189d130eba

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
ping.gif
placement-prd.jwpltx.com/v1/placement/ 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://placement-prd.jwpltx.com/v1/placement/ping.gif?h=-80898340&e=pll&n=8847904289355719&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&plv=0.13.0&sa=1704608760663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8e00:15:2b26:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
DGctNd6akk1X6QuvPKELgyO-YwlbAv69IrnQQbxsNOt0vBqO4ILqNw==
x-cache
Miss from cloudfront
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1705622280&e=e&n=8058992965223939&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=K0NLwyPr&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=nwqvf91pd1ka&i=0&id=1UkcGRec&lid=u2p44418azpl&lsa=read&mt=0&pbd=1&pbr=1&pgi=11d9swo1ikdl&ph=1&pid=IrYAVodh&pii=0&pl=282&plc=20&pli=tt6tmg139ubd&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Leduc%20Representative&pu=https%3A%2F%2Fwww.leducrep.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Canada%E2%80%99s%20dumbest%20historical%20cancellation%20yet&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&bpv=7.5.0&cae=0&cb=1&cdid=leadVideoIFrameHeadline&cme=0&dd=1&fed=OTwDxVhQ&flc=0&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2F1UkcGRec.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=1400&pni=1&po=0&pogt=%20Leduc%20Representative&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FuzU5KAZg%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=90&sa=1704608761210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ec00:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
-cwDJYDjI4GAn5e1lg_zKisuceAw_1M3n28oNmQxQ4MMoYZctTGgSQ==
x-cache
Miss from cloudfront
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=-81514951&e=abq&n=3288607717556384&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=K0NLwyPr&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=nwqvf91pd1ka&i=0&id=1UkcGRec&lid=u2p44418azpl&lsa=read&mt=0&pbd=1&pbr=1&pgi=11d9swo1ikdl&ph=1&pid=IrYAVodh&pii=0&pl=282&plc=20&pli=tt6tmg139ubd&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Leduc%20Representative&pu=https%3A%2F%2Fwww.leducrep.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Canada%E2%80%99s%20dumbest%20historical%20cancellation%20yet&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&abid=16nesir1clmj&apid=16nesir1clmj&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22pubmatic.id%22%3A%225352956%22%2C%22pubmatic.pubid%22%3A%22160305%22%2C%22rubicon.pubid%22%3A%2214648%22%2C%22rubicon.siteId%22%3A%22505096%22%2C%22rubicon.zoneId%22%3A%223013794%22%2C%22indexexchange.id%22%3A%221031461%22%7D&vto=3000&bpv=7.5.0&rtp=%7B%7D&tpi=&sa=1704608761213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ec00:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
bPf48MKdCcOWeDoKWr-jaUK_FreUo1lvPtY2SwCp7Yf2VNTxY68T3A==
x-cache
Miss from cloudfront
ping.gif
prd.jwpltx.com/v1/clienta/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/clienta/ping.gif?h=-1876670598&e=abr&n=2897262658980042&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=K0NLwyPr&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=nwqvf91pd1ka&i=0&id=1UkcGRec&lid=u2p44418azpl&lsa=read&mt=0&pbd=1&pbr=1&pgi=11d9swo1ikdl&ph=1&pid=IrYAVodh&pii=0&pl=282&plc=20&pli=tt6tmg139ubd&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Home%20%7C%20Leduc%20Representative&pu=https%3A%2F%2Fwww.leducrep.com%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Canada%E2%80%99s%20dumbest%20historical%20cancellation%20yet&tv=3.43.2&vb=1&vi=1&vl=90&wd=501&ab=1&abid=16nesir1clmj&apid=16nesir1clmj&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&flpy=USD&vpb=%7B%22pubmatic.id%22%3A%225352956%22%2C%22pubmatic.pubid%22%3A%22160305%22%2C%22pubmatic.result%22%3A0%2C%22pubmatic.code%22%3A0%2C%22pubmatic.timeForBidResponse%22%3A73%2C%22rubicon.pubid%22%3A%2214648%22%2C%22rubicon.siteId%22%3A%22505096%22%2C%22rubicon.result%22%3A0%2C%22rubicon.code%22%3A0%2C%22rubicon.timeForBidResponse%22%3A42%2C%22rubicon.zoneId%22%3A%223013794%22%2C%22indexexchange.id%22%3A%221031461%22%2C%22indexexchange.result%22%3A0%2C%22indexexchange.code%22%3A0%2C%22indexexchange.timeForBidResponse%22%3A37%7D&vto=3000&sa=1704608761289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ec00:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
xNwFVoOfe5QxANcrw578H3vrXuCGZpN_1swMWoNV89KBNwMosIAW5w==
x-cache
Miss from cloudfront
3810102a-6e56-4c45-b0b7-9eb085a3df4b
https://www.leducrep.com/ 		366 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.leducrep.com/3810102a-6e56-4c45-b0b7-9eb085a3df4b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
374591
Content-Type
text/javascript
ca852450ddef2c05d8cb.js
fem.gprod.postmedia.digital/v93.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v93.0/chunks/ca852450ddef2c05d8cb.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 20:02:45 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1702321262
age
1592596
x-guploader-uploadid
ABPtcPpaWm0d60dk10OdDFRAt7PFPu8x7tuiWBj7FlzAB-oyMqrfnqildjb9nO0N7MGfjGS4Ha5FBPHCdtoiTqk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1108
last-modified
Mon, 11 Dec 2023 19:02:01 GMT
server
UploadServer
etag
W/"b8c89500a3911a44ff74904e79f8d535"
vary
Accept-Encoding
x-goog-generation
1702321321293267
x-goog-hash
crc32c=5hc1ug==, md5=uMiVAKORGkT/dJBOefjVNQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
none
ads
securepubads.g.doubleclick.net/gampad/ 		477 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=50067298834188&correlator=1324898115890984&eid=44807746&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_ENCO_AB_LeducRep_EN_WEB%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&fluid=0%2C0%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704608761497&lmt=1704608618&adxs=200%2C797%2C797%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200&adys=154%2C1236%2C2047%2C2857%2C3615%2C4524%2C5282%2C5806%2C5623%2C6147%2C5964%2C6516%2C6305%2C6829%2C6646&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.leducrep.com%2F&vis=1&psz=1600x90%7C1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=612804346.1704608762&ga_sid=1704608762&ga_hid=68042329&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRiOi-aUzjFIAFICCG8SOwoKcHViY2lkLm9yZxIkMzcwZGM4MTQtZWU2NS00MTM1LWJkZDEtOTkxYWFjNDYxYjk2GM-J5pTOMUgA&dlt=1704608760379&idt=298&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Da052f38a-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Da052f38c-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D2558454540bc386f%26hb_bidder%3Drubicon%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Da052f38d-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D25680eb770c9a939%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D3%26amznbid%3D2%26amznp%3D2%26id%3Da052f38e-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Da052f38f-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.49%26hb_adid%3D2527051dd104a8f3%26hb_bidder%3Drubicon%7Cslot%3Dinfeed%26loc%3D4%26amznbid%3D2%26amznp%3D2%26id%3Da052f390-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Da052f391-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D5%26amznbid%3D2%26amznp%3D2%26id%3Da052f392-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.49%26hb_adid%3D25379b32470a79d%26hb_bidder%3Drubicon%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Da052f393-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D6%26amznbid%3D2%26amznp%3D2%26id%3Da052f394-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.49%26hb_adid%3D254f806f3e3c81cd%26hb_bidder%3Drubicon%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Da052f395-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D7%26amznbid%3D2%26amznp%3D2%26id%3Da052f396-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Da052f397-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cslot%3Dinfeed%26loc%3D8%26amznbid%3D2%26amznp%3D2%26id%3Da052f398-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.22%26hb_adid%3D25131b11709c59f8%26hb_bidder%3Drubicon%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Da052f399-ad25-11ee-b0c2-025c7d14b065%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40&cust_params=permutive%3D96400%252Crts%26prmtvvid%3D4a2168a9-3063-42db-b7ab-e02a350e0edc%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dldr%26sensitive%3Dn%26negative%3Dn%26comm%3Dy%26et%3Dsm%26ck%3Dindex%26imp%3Dindex%26prmtvsdk%3Dweb%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&adks=376532002%2C2436115278%2C3413650033%2C1804677122%2C38557255%2C1804677125%2C38557254%2C1804677124%2C38557273%2C1804677127%2C38557272%2C1804677126%2C38557275%2C1804677129%2C38557274&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ec87eba0bf7e1bc1c3b3bf1acadcc50f0fa85800566e996b0bc0000697ae8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34226
x-xss-protection
0
google-lineitem-id
-1,6404573011,6320689129,-2,6123534659,-2,6320689129,-2,6404573011,-2,6404573011,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138455016631,138435367038,-2,138406246674,-2,138435367035,-2,138454355355,-2,138455016757,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afe1c499cb41ea225213f2143b7778426f56c4b94396bb7f6bfe3b5b55602186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12232
x-xss-protection
0
container.html
53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9547 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 06:26:01 GMT
expires
Mon, 06 Jan 2025 06:26:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

Date
Sun, 07 Jan 2024 06:26:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://www.leducrep.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.leducrep.com
Connection
keep-alive
Date
Sun, 07 Jan 2024 06:26:01 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:26:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0891 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25677
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 23:18:04 GMT
expires
Sun, 05 Jan 2025 23:18:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3375 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
323500d40f8f9b2cde39bc8cf232ade4b0564be3f1a08560bbeb78c7eeaad5ee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MgWxj0FYzOjtBY7iBZ4eDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MgWxj0FYzOjtBY7iBZ4eDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 06:26:01 GMT
expires
Sun, 07 Jan 2024 06:26:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0891 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 14:51:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
56056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Jan 2025 14:51:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3375 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=50067298834188&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
signinprompt
edge-auth.microsoft.com/v0.5/ Frame 873D 		472 B
850 B 		Document
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=67a985be-4d7f-4074-844d-83c5c6c78e72&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
978782ab21a5dd5e6c36b58d24151abcfa0d4439dfcbe7f14adbe0c661f3ceb3
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-wI5mEIujbfWYTzLuJ6JD2WjNzmP/j+H9U6BaWmmyGzncmJvxyzk7ZHBTkCdvs3vxfiJ/DpagxEr2YMyZR3DBE/dNcN6n07bFGlVUX90wDwgiJ96Dkq+st7aLkFVNDQYLAGvwnJG27aL33VypoLlP3cmZY3qjFKwjoPAj0zyiGZY=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
script-src 'strict-dynamic' 'nonce-wI5mEIujbfWYTzLuJ6JD2WjNzmP/j+H9U6BaWmmyGzncmJvxyzk7ZHBTkCdvs3vxfiJ/DpagxEr2YMyZR3DBE/dNcN6n07bFGlVUX90wDwgiJ96Dkq+st7aLkFVNDQYLAGvwnJG27aL33VypoLlP3cmZY3qjFKwjoPAj0zyiGZY=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 06:26:01 GMT
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 08C0C5920AAF4681A21219F66F80437A Ref B: AMS231032605027 Ref C: 2024-01-07T06:26:01Z
vf-v2.js
cdn.viafoura.net/ 		860 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
YlbS_G4WAW7t_ds3W.YeUbIaDvXXT1Jm
content-encoding
br
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 06:21:50 GMT
x-amz-cf-pop
PRG50-C1
age
262
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:26 GMT
server
AmazonS3
etag
W/"70684489be37a1b0f601e0e4dcb4baad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
rn18BFyyDzjBJxf7T9hF-c9lMXq95iXZzRpgRAnReh5PxSxJ6I9ZGQ==
gtm.js
www.googletagmanager.com/ 		451 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96136a8fe593c37b7742c8cc402cf9a81d0b26cd8d6a11bc46a63f04aead885b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128221
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:01 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 02:09:59 GMT
content-encoding
gzip
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
15362
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
zadVPzelQANX_kJ1MbqlFwLsTUh2y7kVxweKKM0hKgmGayHPBUepmA==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		325 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6841d7c15644d3ea1f34a63596f54c7eed39540848bdca3e106ee3ba518f6382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-eddf8230037-FRA
date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
146
x-timer
S1704608762.699233,VS0,VE1
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
116158
x-cache-hits
14, 1
gtm.js
www.googletagmanager.com/ 		155 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v93.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd01e3c28e570955c3d32f0018d482b8a61a69107632421148e3dcaab84153a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50878
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:01 GMT
generate_204
tpc.googlesyndication.com/ Frame 0891 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?s9sdQQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ms_auth_server_button.min.js
edge-auth.microsoft.com/v0.5/js/ Frame 873D 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=67a985be-4d7f-4074-844d-83c5c6c78e72&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-bo6Qnn0XiNOdSo6XouGf9DfBw4kr6H+NnO7VbP+t2/5eD5+jDHZlDrTUU4+15MbSE0z0Utlag5ZOBXisV/c9eVypEV8BtxAeILHLxwW1SHFrckMt/yN6j5NPhlSY9LKnmNo/BIwPhX7gijrePLNI1Xl+/f+cTylOjlxOKgiGRyo=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=67a985be-4d7f-4074-844d-83c5c6c78e72&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-bo6Qnn0XiNOdSo6XouGf9DfBw4kr6H+NnO7VbP+t2/5eD5+jDHZlDrTUU4+15MbSE0z0Utlag5ZOBXisV/c9eVypEV8BtxAeILHLxwW1SHFrckMt/yN6j5NPhlSY9LKnmNo/BIwPhX7gijrePLNI1Xl+/f+cTylOjlxOKgiGRyo=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Sun, 07 Jan 2024 06:26:01 GMT
last-modified
Tue, 02 Jan 1601 01:21:08 GMT
x-msedge-ref
Ref A: 407CCAA32AE64AD3978FE4A4204F930B Ref B: AMS231032605027 Ref C: 2024-01-07T06:26:01Z
etag
"d47ff7f29d"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
26781
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1983
date
Sun, 07 Jan 2024 06:26:01 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
516
x-fastly-trace-id
3589670090
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230067-FRA
x-timer
S1704608762.750304,VS0,VE0
gtm.js
www.googletagmanager.com/ 		232 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf464f1e850b27ea7942f1fa638cb6f4789d36f4b0e1c564ac3a74cc0b62f823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68888
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:01 GMT
identify
identity.mparticle.com/v1/ 		175 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3b4ebe5a87b2f945344d06699a230b5b880061b554786d6c6a4d3a876973ecc1
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-fra-eddf8230067-FRA
server
Kestrel
x-timer
S1704608762.756964,VS0,VE173
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
3589670134
accept-ranges
bytes
x-cache-hits
0
gtm.js
www.googletagmanager.com/ 		115 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K9L8JRZ&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60b6fb471b6448d4aafebe6c871af63ea4f78422eab86c2f872bb8cb4e78f4ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45002
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:01 GMT
gtm.js
www.googletagmanager.com/ 		308 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a32a2fa64f4b452903c13ddeb624d92e606e12774bd93047247018347336b019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93810
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:01 GMT
metric
edge-auth.microsoft.com/ Frame 873D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-GuXhxryJyyzYS+DtxhDzj05nZXtHTmiudIThCVtU3lGf46xZ4NSAFl/2ysv7H/m5eO5oLxMbvA5UKjQFoJIzSUd/6YXnBLamtDD7YSj0pvUflFuXXrmt8+/gZzPRH9NylzdU/6Ml3oM3qJoYJHTrvdXvWskSwBzTGOhjYpayk3w=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=67a985be-4d7f-4074-844d-83c5c6c78e72&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-GuXhxryJyyzYS+DtxhDzj05nZXtHTmiudIThCVtU3lGf46xZ4NSAFl/2ysv7H/m5eO5oLxMbvA5UKjQFoJIzSUd/6YXnBLamtDD7YSj0pvUflFuXXrmt8+/gZzPRH9NylzdU/6Ml3oM3qJoYJHTrvdXvWskSwBzTGOhjYpayk3w=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sun, 07 Jan 2024 06:26:01 GMT
x-msedge-ref
Ref A: DCDDCD0D9A864F64AAFFDC1B7A2A29DF Ref B: AMS231032605027 Ref C: 2024-01-07T06:26:01Z
content-length
0
x-cache
CONFIG_NOCACHE
metric
edge-auth.microsoft.com/ Frame 873D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-0pBjrq3cBDei6gBjDa3keYJV39l3rqbMxO0+8ScaJUbj1ZbqML4l1UMnfr+xEBimJ7N2Asf/gTlUnOfVo5Jidmvl3kuw6Zxq1TYj+wLeJCBTEDgSt1gjDULMChb0hYANqoVXiMV4U1u4U0dkJiZ8cUwBaiowQ/mvvfBikNhYHtA=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=67a985be-4d7f-4074-844d-83c5c6c78e72&send_session_started=true&client_id=9e0f1475-e4d9-4f30-8a31-99ca6d85282f&locale=en-US&context=signin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-0pBjrq3cBDei6gBjDa3keYJV39l3rqbMxO0+8ScaJUbj1ZbqML4l1UMnfr+xEBimJ7N2Asf/gTlUnOfVo5Jidmvl3kuw6Zxq1TYj+wLeJCBTEDgSt1gjDULMChb0hYANqoVXiMV4U1u4U0dkJiZ8cUwBaiowQ/mvvfBikNhYHtA=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sun, 07 Jan 2024 06:26:01 GMT
x-msedge-ref
Ref A: 219819F96E434FA6AED26D26084E7C41 Ref B: AMS231032605027 Ref C: 2024-01-07T06:26:01Z
content-length
0
x-cache
CONFIG_NOCACHE
gtm.js
www.googletagmanager.com/ 		231 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=mpartical
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d33c5987823e42d0e01b4f88ecba283d04d36292837cb858d74bb6cc3a7e866f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75174
x-xss-protection
0
last-modified
Sun, 07 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Jan 2024 06:26:01 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc9040810df8915022883b6323c27452a2658a2126b54ce10f70cc1429d875f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 06:26:01 GMT
ribn.min.js
assets.ribn.com/production/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
5246
x-cache
Hit from cloudfront
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
cloudflare
etag
W/"6b213f30955b664fd78dc9e388b17e54"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
841a20795bd43684-FRA
x-amz-cf-id
T4Q3UOzGBM6kK_qZS6FsxG_6jcuJ1UqWRKkGOja1AwzgQsMsJHahrw==
expires
Sun, 07 Jan 2024 10:26:01 GMT
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:91b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
975
x-cache
Hit from cloudfront
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
cloudflare
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
841a20795bd63684-FRA
x-amz-cf-id
fIhTC6RNRsbC3otE-7lTux7T2Nd--Y2oY_ij3XSCz3MahL9-9BnDPw==
expires
Sun, 07 Jan 2024 10:26:01 GMT
FFz78aBF-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/PLQkjmPj/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/FFz78aBF-120.jpg
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/FFz78aBF-120.jpg
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27e80871c8e74e873a0e85fd9e0027e1917b9bcb3ace3641d8b553578a45e9a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
692
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
7499
x-served-by
cache-iad-kiad7000135-IAD, cache-fra-eddf8230131-FRA
last-modified
Wed, 20 Dec 2023 21:29:19 GMT
server
nginx
x-timer
S1704608762.839181,VS0,VE1
etag
"023f311021b512f28ba68f0e01c5ce83"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
8699, 1

Redirect headers

date
Sun, 07 Jan 2024 06:25:54 GMT
via
1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
PRG50-C1
age
7
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/FFz78aBF-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
f8zdy881TRl6eb7lCIN_xjz6nd_3GNMMk-BM-aOhH2GVW5SuaFQfKw==
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
104a0949326837e3aa7a8647a06c3a81abea87676eae5e991dd2b9a40f6b2f1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91329
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jan 2024 06:26:01 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 07 Jan 2024 05:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3816
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 07 Jan 2024 07:22:25 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		156 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6

Request headers

Referer
https://www.leducrep.com/
Origin
https://www.leducrep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time
1ms
date
Sun, 07 Jan 2024 06:26:03 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 05 Jan 2024 21:34:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
8
accept-ranges
bytes
cf-ray
841a207c0bf53df9-SIN
alt-svc
h3=":443"; ma=86400
content-length
45824
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jan 2024 06:26:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54372
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hhg0lalCvhT6LHzYDQh5LqVvO6KutHadB4TSFjr3822+V4wVMz+N8Bnm4mQELWLmqV07OorPIWHnvXFOHJjNgg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-71.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding
gzip
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 01:43:59 GMT
last-modified
Thu, 24 Aug 2023 11:20:32 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
16995
x-amz-server-side-encryption
AES256
etag
W/"10ba0dba424c8954df3533bfd881e874"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
7QX9oc-wvPq0uqfh2bBK7lR0hxxPRtAIGqnDkgEgaP0dtR9uHvad_Q==
p.js
cdn.parsely.com/keys/leducrep.com/ 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/leducrep.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.97.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-97-61.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
efea12f2147c9eafe82af9d2d615a7bff841b7dd229c02c52d2a03154445dd97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Sat, 06 Jan 2024 08:56:29 GMT
content-encoding
gzip
via
1.1 91afcef6d5c7e90d0a4bb2c3a456c690.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 13:34:56 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
77372
etag
W/"651c1880-e656"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
41q40TRh_X9rS3bxA07vLCNf5bHM50nL-2LvrrdjTGAS1S1ciWAywQ==
expires
Sun, 07 Jan 2024 08:56:29 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4130v880952817z879194588&_p=1704608761684&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=612804346.1704608762&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704608761&sct=1&seg=0&dl=https%3A%2F%2Fwww.leducrep.com%2F&dt=Home%20%7C%20Leduc%20Representative&en=page_view&_fv=1&_ss=1&tfd=2058
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=612804346.1704608762&gtm=45je4130v880952817z879194588&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=612804346.1704608762&gtm=45je4130v880952817z879194588&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=773041840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
api.viafoura.co/v2/www.leducrep.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.leducrep.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
72242e4acc05b52056c9370496f443e3c56ef196ad3aee13739d149726f517f2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-00c9149e86379db4e
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.leducrep.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 07 Jan 2024 06:26:02 GMT
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=68042329&t=pageview&_s=1&dl=https%3A%2F%2Fwww.leducrep.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Leduc%20Representative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=2011150092&gjid=512654383&cid=612804346.1704608762&tid=UA-213173459-6&_gid=1885440670.1704608762&_r=1&_slc=1&gtm=45He4130n81P3Q4QHWv854753396&cd2=2024-01-07T07%3A26%3A01.801%2B01%3A00&cd7=anonymous&cd17=0&cd23=Leduc%20Representative&cd24=Cheetah&cd25=15.1.1&cd26=v93.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=55&cd31=index&cd52=index&cd65=false&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=612804346.1704608762&z=289085908
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1685973801652415
connect.facebook.net/signals/config/ 		142 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.139&r=stable&domain=www.leducrep.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 07 Jan 2024 06:26:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
QHB8CSlventdRFdtQ83zPZyIxjgBC56+lYrmA1TIrqTeeKwLngeFVJFgsMct9dN72GGOo7OU+ElxXw8p7RDPTg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-60TQYJ3HTT&gtm=45je4130v880952820z8854753396&_p=1704608761686&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=612804346.1704608762&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fwww.leducrep.com%2F&sid=1704608761&sct=1&seg=0&dt=Home%20%7C%20Leduc%20Representative&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Leduc%20Representative&ep.timestamp=2024-01-07T07%3A26%3A01.927%2B01%3A00&ep.ga_client_id=612804346.1704608762&ep.main_category=index&ep.metered_content=false&up.client_id=612804346.1704608762&tfd=2133
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-60TQYJ3HTT&cid=612804346.1704608762&gtm=45je4130v880952820z8854753396&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-60TQYJ3HTT&cid=612804346.1704608762&gtm=45je4130v880952820z8854753396&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2083733641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1704608761941&plid=7e32ba7b-ada5-4a5d-b76d-ceea3e950205&idsite=leducrep.com&url=https%3A%2F%2Fwww.leducrep.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fwww.leducrep.com%2F&sref=&sts=1704608761939&slts=0&title=Home+%7C+Leduc+Representative&date=Sun+Jan+07+2024+07%3A26%3A01+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=d3bb3e89-33c0-4726-84b7-b14e4308aa59&u=pid%3Dd4d5abce-dadf-4c11-b2d8-2fb32a319c0b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:02 GMT
Cache-Control
no-cache
Last-Modified
Sunday, 07-Jan-2024 06:26:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230040-FRA
date
Sun, 07 Jan 2024 06:26:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1704608762.012821,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
identity.mparticle.com/v1/ 		175 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e4f77d4fc1b2f6ef7ec75aefbb3a20147cf10afd2de2de2fcd484623afabb302
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-fra-eddf8230067-FRA
server
Kestrel
x-timer
S1704608762.956382,VS0,VE121
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
3589671160
accept-ranges
bytes
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0e935e79b3b0221c5baaed71640b023404a24bacc5e945c8a2fcc820ea0437c7

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:01 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230040-FRA
date
Sun, 07 Jan 2024 06:26:02 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1704608762.012806,VS0,VE4
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
v2
api.viafoura.co/v2/www.leducrep.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.leducrep.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.leducrep.com
access-control-max-age
1728000
cache-control
max-age=0
date
Sun, 07 Jan 2024 06:26:02 GMT
expires
Sun, 07 Jan 2024 06:26:02 GMT
server
nginx/1.18.0 (Ubuntu)
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1983
date
Sun, 07 Jan 2024 06:26:01 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
517
x-fastly-trace-id
3589671130
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230067-FRA
x-timer
S1704608762.949357,VS0,VE0
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-6&cid=612804346.1704608762&jid=2011150092&gjid=512654383&_gid=1885440670.1704608762&_u=YCDACAAABAAAACAEK~&z=514149616
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 07 Jan 2024 06:26:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
audiences
api.permutive.com/audience-matching/v1/id/68346cd5-d3d7-498d-a8bc-8f9b5b4f0bdc/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/68346cd5-d3d7-498d-a8bc-8f9b5b4f0bdc/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
/
onetag-geo.s-onetag.com/ 		555 B
963 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront), 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA56-P5
x-amzn-requestid
f1b1c410-cbb2-4d8a-a3d4-3d1be782119f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
RJ-PIG0ECYcELOQ=
content-length
555
x-amz-cf-id
EtLQvPzX5JWw6a5urgX7xMQVsK1cbV21CklJE02yWIrcfJaFz_nOQA==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-68.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
date
Sun, 07 Jan 2024 03:39:24 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
9999
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
3G9Z6YknBb0jlgHMPASVt2T5ds3RZ7toe-4I9GQHz8EQgL_5GTD-iw==
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-6&cid=612804346.1704608762&jid=2011150092&_u=YCDACAAABAAAACAEK~&z=28200451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-6&cid=612804346.1704608762&jid=2011150092&_u=YCDACAAABAAAACAEK~&z=28200451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx-overlay.js
tags.catapultx.com/cxo/ 		127 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/cx-overlay.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-bootstrapper-init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 13 Dec 2023 15:55:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEoBeFwBzbQfe%2BPXa%2FxD5eRjmuf4COuurGkm9Lo3di%2FSIlL%2FBztXKlIVvP2LU5zv0FKUsiaaPtnzr2Zo52Q6BXNiM8y6scME8ivqf%2B3RNFEU2%2BXYbt9jP2Jxmkh2uBABS7ddxcvVDnqZTpud64IYfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a207ab97418d4-FRA
/
onetag-geo.s-onetag.com/ 		555 B
960 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront), 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA56-P5
x-amzn-requestid
f1b1c410-cbb2-4d8a-a3d4-3d1be782119f
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
RJ-PIG0ECYcELOQ=
content-length
555
x-amz-cf-id
Lt0T-NK5FkbJ2O4wcKbbl1qOiWInYFXQ-8-hA-xBWT1cQeaimN0Ybw==
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		41 B
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
27935a472399d9f95aa1624556308ed45f45bef82f3000fd0409cd2ae826c126

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230040-FRA
date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1704608762.088861,VS0,VE3
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fwww.leducrep.com%2F&rl=&if=false&ts=1704608762101&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704608762099.1172638786&cs_est=true&ler=empty&it=1704608761923&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 07 Jan 2024 06:26:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
jload
pixel.adsafeprotected.com/ Frame 6B96 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=21729720023&placementId=6404573011&pubCreative=138455016631&pubOrder=3265484082&cb=1363016801&custom=index&custom2=2&adsafe_par&impId=a052f38c-ad25-11ee-b0c2-025c7d14b065
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.121.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b15c40dd94433a3ceff1cb7b8d3984045b9287456c9f0a6497d96bcc0bf9f094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 081F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueBMUiG9KVHOZf3tjg4iK2RU66igCs07ARe6sV2aAvLJGZ9Mth8RVlMkxSDK6j4CJdKVBI5DHe4vb0yxFlPsvowlMCdWw4a2BupC1O_QnigmI4FesAyKclUF7IkUrWGfiVok749AUh9dcxv-qzJl3D69n8tZ6FqoolojrcYK08wVe_2Mb4FVySdDP7R36FHca9S9561iNoZzRhgf1m7lusBD8edTQQdYxcpwPPvy75FXXbeEwrpb6cC-4ksyTQZy48kzdLu_4gcKpw7s6m6gyb9pUj7JC-4e1aTdN7iABWOXt84ZckAsE7AFI9PkpjIWudoerncEMHRLhugXe1dy3-EW7B4kfyTtEYS5eJ4Nk-EfnwgNhwqzkqaMbmJpWYDst43Xovu7L0&sai=AMfl-YRoIkI8QYWRSD4h18Yyc1_LUXRQvYIPTg-EOibAGC9ypCYxd4MRVOtMS_X4y419Q3zqEM7p_CUg86IOLtQiIpM5XgtIdb2OpWSEDhfc7hhCsdFC1q-xDnZ8nujm73CUO-WDj2klJnzaSRSZOMq5tBo&sig=Cg0ArKJSzB1bOumY8asBEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 Jan 2024 06:26:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 081F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 18:15:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
43813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 18:15:49 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 081F 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9edd5080ba31477d99e1ea20b721b25107635f954e55b74d6519d37e9f939f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 05:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62690
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 06:53:15 GMT
13464713703624624285
tpc.googlesyndication.com/simgad/ Frame 081F 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13464713703624624285
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6e3d179d834b1629e4aa452fc1a55911bf2dded83a97e80a4fb50a2b619728e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 09:29:23 GMT
date
Tue, 02 Jan 2024 09:29:23 GMT
x-content-type-options
nosniff
age
420999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62241
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 21:58:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
container.html
53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7007 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 06:26:01 GMT
expires
Mon, 06 Jan 2025 06:26:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4130v880952817z8880952820&_p=1704608761684&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=612804346.1704608762&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&sid=1704608761&sct=1&seg=0&dl=https%3A%2F%2Fwww.leducrep.com%2F&dt=Home%20%7C%20Leduc%20Representative&en=ad_impression&_c=1&ep.query_id=CKb22b3SyoMDFYGogwcdZ54AtA&_et=310&tfd=2371
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je4130v880952817z8880952820&_p=1704608761684&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=612804346.1704608762&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=3&sid=1704608761&sct=1&seg=0&dl=https%3A%2F%2Fwww.leducrep.com%2F&dt=Home%20%7C%20Leduc%20Representative&en=ad_impression&_c=1&ep.query_id=CO2s3b3SyoMDFYGogwcdZ54AtA&_et=2&tfd=2376
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-60TQYJ3HTT&gtm=45je4130v880952820&_p=1704608761686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=612804346.1704608762&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&dl=https%3A%2F%2Fwww.leducrep.com%2F&sid=1704608761&sct=1&seg=0&dt=Home%20%7C%20Leduc%20Representative&en=ad_impression&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Leduc%20Representative&ep.timestamp=2024-01-07T07%3A26%3A01.927%2B01%3A00&ep.ga_client_id=612804346.1704608762&ep.query_id=CKb22b3SyoMDFYGogwcdZ54AtA&_et=245&tfd=2378
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-60TQYJ3HTT&gtm=45je4130v880952820&_p=1704608761686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=612804346.1704608762&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=3&dl=https%3A%2F%2Fwww.leducrep.com%2F&sid=1704608761&sct=1&seg=0&dt=Home%20%7C%20Leduc%20Representative&en=ad_impression&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=15.1.1&ep.fem_version=v93.0&ep.brand=Leduc%20Representative&ep.timestamp=2024-01-07T07%3A26%3A01.927%2B01%3A00&ep.ga_client_id=612804346.1704608762&ep.query_id=CO2s3b3SyoMDFYGogwcdZ54AtA&_et=1&tfd=2381
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60TQYJ3HTT&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leducrep.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 081F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af162dff6298ff4658ce0d470ac6d7f4bdbf4c9b37ff38ab2807e4e0ef2dc5e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
rtb
rtb.ads.travelaudience.com/ Frame B31C 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Requested by
Host: 53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
URL: https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
ebd1b6e9d7e32fd1080d3510adc18f5111d882c980a668a77c1ef24328020c9f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 07 Jan 2024 06:26:02 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-engine-version
0.0.0
x-host
deliveryengine-rtb-production-b78967497-rtkrp
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 7007 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: 53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
URL: https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 18:15:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
43813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 18:15:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 7007 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
URL: https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 10:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
72802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 10:12:40 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7007 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
URL: https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
158898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Jan 2025 10:17:44 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7007 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772
Requested by
Host: 53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
URL: https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9edd5080ba31477d99e1ea20b721b25107635f954e55b74d6519d37e9f939f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 05:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62690
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 06:53:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 081F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcApDgU74SpVE47UVxO1Z8KfVEbZaGdt6X_XDQ7ryRDPNKxA9wQ_T2o3AyqP8RZgp8LPtEMJ42t0aZRL4-tFLFfoa-ki1dyq9JygMAuAXrqYDoawkCIUgMbec5hItE-amU5n818oVjZ3tMKCvIGPm_GLWXzHPqmchvVIkUfyPQhdNc6vqD8_DNmWKx5teypaUXsrbxSo5gVpwz2hH2p8lH1fJYibG6bc0gbljOB4YDN7Dc2oRxSmlucCQPcVRCkDKJaFpwUEnkmMhrnC40gN3Cu92MZsY-sKnowttvaefCBhkTSEqtUaSxXd9QnrKwA_L0LObEOwaKOZUG56RyQn8h8-YkWA6_4keRxcFtnjl5OBGRFSqeWvQcas5Y4YOkZE-a0O5u13ZxRIQ&sai=AMfl-YQYSRKxwD1zeBR5MEHbnqsNTGyOrLu_VEThTYEWt-RDMSxW0z-GXJm-m6EM-cn7fiFXrcocmEEw8Y37ItpCI-qvMpNsawLH80AM16Evw5ZslCKW77tVL_ZZEH0uAHwmMa6kYt1YSjB5VLsTp0mWunc&sig=Cg0ArKJSzInXDBvtZbw0EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 Jan 2024 06:26:02 GMT
truncated
/ Frame 7007 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af5c29046b83ccf4ce7371d31702e118852796b685f9fb2d9d4a7e5858d4a295

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 7007 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChzId-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqAJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIGm6sYAbiIJ_IFWl8hMzc_KKiXiNQDYXRPmZjlniIlALesCvIbmjuAEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMDgAoD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcBshccChoSFHB1Yi01NjExMDUzNjYyNjEzMzkwGM31EQ&sigh=bgaPyokGjG0&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_rZi-c8fwed5BX3lShTKs6RArGP3PHAfVF8XiQvV3iS9VebMHXS8xZev7CaYdGvH7c6hIX4cqvv_5v02iJLrB2zZyZy5kFX2Q0hgB&cbvp=2&vis=1
Requested by
Host: 53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
URL: https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=50067298834188&bg=!KCulK2TNAAY3kmNgF5I7ADQBe5WfOA57XkL3aAyM68TBmbKK2ipM281EWzXRpsl3sqDQ9jYjd7YPj57m9NK9Q5k7zEceAgAAADRSAAAAAmgBBwoARm44crgIkom-jDmAAByePUQjFIAr22ZYMumLhSLiwPYlaRGZsnQBelVvT8PTnKO5cfC2R4m7H-tafAiNsdnkW9ITmNYWJluZArBY1zx3mwEq7ZaZVzqrswKqC3ejA7VXtWYZkTLRsVCH4lkV4uggxTSJWPnIxotO5m5hkTAdAIenU4Dj2bSvySaTG0IRpKiD39EmH_ezJnmHyzgBPpenKPfhjvqcHbxJsyMxYtEKSv7KnpB7deD4dgKgaJeGtf5kCbVaet2-dP7Ts9UesaWGRabM_ItIWMJtKkWa5Gdnrh9-WwlfgWk9WrAlNO_CapIjxGO26YALIc4xqJMCut2ELCPvl7Kx7RUc4eymroi8UBDy2cU5vAkiPYa9iqgQy6wJevbAdgHXs1yl5CO-4IybuqYmiO6nEprYg90Td-vUT4_R9U0ReloC8aBP12WmCKWjt53Z9_Xp7m2kij3t6nB6JylCIo-ICPn9gG_gN3Xz4HHNACFlNFw-d3OMTCdYrWOxSVXXDxjgL1W41kHHT7XzEyHaXK-W5WPhiWxQKY6XpQpitGPVPNWRTuc9PRZqVx9aqJNqoL5jK5bQedr5v9IbGAoAOPDocZowzfAY2Sbt_bBb9xxmEQppCqWlgTAP7GW2ka--uWvvb-vMvTZ2HFIPTH1vGnQXsOtD-ldxOmA7ta1ZfjIf2cwUxKywuaT0AGuEfL1hNHR5gYzOuYqYx46hMI6awaVcxxQc2RhzsZOVeO9BGdKCBbXQz9NxHGSR-xI5Rt3FGOGJDtVt4eHH8N2P9vbNCTD_J2ANUGiGvTK3Iblpfn60e0vXXnQnqy_L614Lb6GyNM38hgyreGWbb_3H59OyS3K5484dSLzQHIbPkxzKdKojSg4NMYKx-Zk3PVY5sa6stfZI7YUr1h4mcfdD2hYcjlsSfPV29Pw_nEx_Hjztp81szJgmXYODHpgGq0GH_-ky61wHHweZVIksnbpV-CeQiTxXRWJ0vo_L8naqTs5JNF0g0IhD27rH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
main.19.8.466.js
static.adsafeprotected.com/ Frame 6B96 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.466.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=21729720023&placementId=6404573011&pubCreative=138455016631&pubOrder=3265484082&cb=1363016801&custom=index&custom2=2&adsafe_par&impId=a052f38c-ad25-11ee-b0c2-025c7d14b065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:53:12 GMT
x-amz-version-id
xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding
gzip
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2107970
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:51 GMT
server
AmazonS3
etag
W/"eac384b0904b6f5677cb58a4d4e104c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
87aIMJdVQzSghpeQZZ-MxeILH4SoB2bPy16W4JI8NX9J5TZwskQWFg==
usync.html
eus.rubiconproject.com/ Frame A662 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 06:26:02 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E52F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=116105
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 07 Jan 2024 06:26:02 GMT
expires
Mon, 08 Jan 2024 14:41:07 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6455 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.30.1/bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
236
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
841a207c79b3383d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 06:26:02 GMT
expires
Sun, 07 Jan 2024 10:26:02 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
el.ashx
ads.travelaudience.com/ Frame B31C 		631 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.654330512704321&adPos=&ai1=1%3B30000567%3B16%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3BWCFkB71VQRro3ZpXl41jTw%3D%3D%3B60028487%3B999%252c1%3B%3B%3B2%3B4%3B50006134%3BWCFkB71VQRro3ZpXl41jTw%3D%3D%3BEUR%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70017798%3B1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-7c77b89f8c-v8rnc&bnr=0&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=728x90&gcpm=4813594&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=01&sc=&site=www.leducrep.com&ssp=0&sv=1&tsf=&ua=&uc=DE&ucy=&uuid=C5197F1F-47FD-48EB-B0F0-091234F6668C&view=&vrt=&vw=&wp=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/jpeg
x-host
tde-deliveryengine-production-5db7bf8975-zbkn2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
728x90_Abu_Dhabi_Winter_Culture_EN.gif
static.travelaudience.com/img/import/AbuDhabi_DMO/Abu_Dhabi_Winter_R3_EN_banners/ Frame B31C 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/AbuDhabi_DMO/Abu_Dhabi_Winter_R3_EN_banners/728x90_Abu_Dhabi_Winter_Culture_EN.gif
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5f2976c5a7b275ea2c2b9051dbd1067f4646e19867183e8e38a66e7908eac586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 05:44:19 GMT
age
2503
x-guploader-uploadid
ABPtcPoaLwsFsn7QhYheLPxv3fmOZ5AcKBuG7_tW5JYMCRLecZ9NatBg8Uxl87Yp49YMRw9WLvhb1x4e8g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15505
last-modified
Thu, 30 Nov 2023 01:51:48 GMT
server
UploadServer
etag
"7aa984220ca2cff0f05b8a1633adf2a0"
vary
Origin
x-goog-generation
1701309108858485
x-goog-hash
crc32c=7OAdAA==, md5=eqmEIgyiz/DwW4oWM63yoA==
content-type
image/gif
cache-control
public, max-age=3600
x-goog-stored-content-length
15505
accept-ranges
bytes
expires
Sun, 07 Jan 2024 06:44:19 GMT
moatad.js
z.moatads.com/travel198849194933/ Frame B31C 		334 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/travel198849194933/moatad.js
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
46fca6dc6e672a29d25c9bf87c1402e9ba22990aa214ab0d8c848fdc40862df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:33:51 GMT
server
AmazonS3
x-amz-request-id
FFQKGZ4CVJ38PZ4F
etag
"9521db5e6c70e50593db6744649776f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=63683
accept-ranges
bytes
content-length
115798
x-amz-id-2
Enk6uaj0/pC1mW6E82ydrP5rcrpsMqVempoORq8ShrClC6W6AuW8edqz/4zAxI9A9RWhceV5ZEI=
creative.js
ads.travelaudience.com/js/ Frame B31C 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
baccf45a36486a2abc76291138c8661c88e8a2aa1ad74d279882ae80245e0fb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 04 Jan 2024 14:03:45 GMT
server
nginx/1.21.6
etag
W/"6596bac1-e1b5"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 Jan 2024 06:26:02 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8024 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.leducrep.com
URL: https://www.leducrep.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
9353812
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
2IVHdux8RooNYnaTbRB8DqmD00RL7Vxzu1VByC3V44ucM7JV7ejgmA==
mon
pixel.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=300x250&pubId=4811995650&chanId=21729720023&placementId=6404573011&pubCreative=138455016631&pubOrder=3265484082&cb=1363016801&custom=index&custom2=2&adsafe_par&impId=a052f38c-ad25-11ee-b0c2-025c7d14b065&adsafe_url=https%3A%2F%2Fwww.leducrep.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:92fbf61c-e1fc-2a62-9a23-5349a9994a13,c:ATrCZ,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-765c58974b-4r8f2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:650.1111.300.250,am:i,cc:650.1111.300.250,piv:36,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:55,mot:0,app:0,maw:0,fm:u0EIEhY+11%7C12%7C131%7C132%7C14%7C15%7C16%7C17*.928934%7C171%7C181%7C19%7C1a%7C1b,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:76,oid:a109bffb-ad25-11ee-b406-727a392b7ec1,v:19.8.466,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.121.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usync.js
eus.rubiconproject.com/ Frame A662 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 22:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56443
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 22:06:45 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6CB8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f32ddb305976dfd2fb5841d97e6fd53f91bf0dcc9aa0a3fa15d646fd1fca097b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841a207cfe6e3719-FRA
content-encoding
br
content-type
text/html
date
Sun, 07 Jan 2024 06:26:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBfdG8Lb7i9caC2v9Q5ML%2BboZ3PjxSga1W4f5AU%2Fvmno%2BwqJOprOOCu3He8eJsFeL7uVUmFQpWbpY0rQ9p7KjZ%2BW9EmCNPkITzYBLUEGv4U%2F2emR22PXK3zUmikeIbykQYzRlOaNY5XpsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841a207cd92c1e54-FRA
content-length
0
date
Sun, 07 Jan 2024 06:26:02 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axk9YUi%2BwFc3uFaVpYAEfWD84HnUOsifdY5RH1NuV796e%2FwF6NEtSZm3OkI2ZScfJSqh%2BEkptDnqQbebV1RQz7tEC5htN2pdpYccWu7WkWXkCBRUifJo%2FOFywYzbMtAgyynENCojMobkDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=92fbf61c-e1fc-2a62-9a23-5349a9994a13&tv=%7Bc:ATrDp,pingTime:-2,time:101,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:119,beZ:120,mfA:174,cmA:175,inA:175,inZ:177,prA:177,prZ:191,si:195,poA:195,poZ:203,cmZ:203,mfZ:203,loA:211,loZ:213,ltA:220,ltZ:220,mdA:120,mdZ:147%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:36,vs:o,r:l,w:300,h:250,t:75%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:101,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:75,wc:0.0.1600.1200,ac:650.1111.300.250,am:i,cc:650.1111.300.250,piv:36,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B44~30%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u0EIEhY+11%7C12%7C131%7C132%7C14%7C15%7C16%7C17*.928934%7C171%7C181%7C19%7C1a%7C1b,idMap:17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:76,slid:%5Bgoogle_ads_iframe_/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index_1,google_ads_iframe_/3081/SMCO_ENCO_AB_LeducRep_EN_WEB/index_1__container__,ad-2,ad__inner-2,main-content%5D,sinceFw:25,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:d4b7:4b0a:dd42:a73b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame E52F 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53021392&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-length
0
khaos.json
token.rubiconproject.com/ Frame A662 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
n.js
mb.moatads.com/ Frame B31C 		97 B
274 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=650774323&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGYyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3VB%2FRG4580cdYQ%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.leducrep.com&t=1704608762375&de=298194605874&m=0&ar=cc84ca2002d-clean&iw=34392e3&q=2&cb=0&ym=0&cu=1704608762375&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000567%3A50006134%3A60028487%3A70017798&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=leducrep.com&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.leducrep.com&id=0&ii=2&bo=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=leducrep.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A162%3A162%3A0%3A0&jk=-1&jm=-1&fs=206701&na=1557699757&cs=0&ord=1704608762375&jv=1514737535&callback=DOMlessLLDcallback_54997043
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
858497369947d8f01ffdd894d7e59c0eeff34ab8cc2ee1f8bd3d242972285353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
server
istio-envoy
etag
"ae5369757f66d80ee6905cd62b7276ed5b562de3"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
6
timing-allow-origin
*
content-length
97
pixel.gif
px.moatads.com/ Frame B31C 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.leducrep.com&t=1704608762375&de=298194605874&m=0&ar=cc84ca2002d-clean&iw=34392e3&q=3&cb=0&ym=0&cu=1704608762375&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000567%3A50006134%3A60028487%3A70017798&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=leducrep.com&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.leducrep.com&id=0&ii=2&bo=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=leducrep.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A162%3A162%3A0%3A0&jk=-1&jm=-1&fs=206701&na=19698381&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:02 GMT
js-err
rtb.ads.travelaudience.com/ Frame B31C 		35 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.ads.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%253D%253D.60028487.OTk5JTJjMQ%3D%3D...WCFkB71VQRro3ZpXl41jTw%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D728%26y%3D90%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%2526num%253D1%2526sig%253DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%2526client%253Dca-pub-5611053662613390%2526adurl%253D%26googlewinningprice%3DZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg%26wpc%3DEUR%26site%3Dwww.leducrep.com%26slotvisibility%3D1%26gcpm%3D4813594%26gpos%3D1%26bidder%3Dbidder-rtb-production-7c77b89f8c-v8rnc%26dv%3D1%26uuid%3D%26suid%3D%26brq%3D1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA%26ssp_id%3D0%26l%3Den%26ts%3D1704608761%26uc%3DDE%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DrkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA%3D
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Origin
https://rtb.ads.travelaudience.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin
https://rtb.ads.travelaudience.com
content-type
image/gif
casale
match.adsrvr.org/track/cmf/ Frame 6CB8 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 6CB8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZpD.vmU1qINiwdd3mODlAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEII3pMyGh3kENEsgSKX2ETk&google_cver=1&google_hm=2
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEII3pMyGh3kENEsgSKX2ETk&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7B6qweuKnasm7DXpBkJ%2FtPdZZefO611oYgCVMY81rbp3QnVGwpCkCAuFwYAA%2BbmsvBpTQI2mkqVh2PqpvzSHcC2prK4wQy0We%2BYJ6htfLJhBzQcQIjBGZy%2F6FG8%2BbE3Pujku8IODtDYfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a207daeb83719-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEII3pMyGh3kENEsgSKX2ETk&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 6CB8
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZpD.vmU1qINiwdd3mODlAAA%262182&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZpD.vmU1qINiwdd3mODlAAA%262182&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e798796f5cb548e08c7eb2a7863cc338
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date
Sun, 07 Jan 2024 06:26:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
dcm
s.amazon-adsystem.com/ Frame 6CB8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 06:26:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G8NQJAK3T4ZCRPWX7M7X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 06:26:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8XBYV3K41H0C3T3JWR32
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 6CB8 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.21.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-21-114.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6CB8 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:8461:1fe4:b475:56d7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 6CB8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=TGZheBHwfRbvc5gu-tem1BNUD6-Fu0nJgEaeoZEQA6c&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182&tc=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=TGZheBHwfRbvc5gu-tem1BNUD6-Fu0nJgEaeoZEQA6c&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCvyLOTpf006IeWPDSxUCLi%2Fm1WznU0dkXQM%2F81fgvTTz%2FK7M7CrMYuYpbAgYEGwBsi8iXa1uDFi3F5j2d5k8KCcBoF1yAUza9%2FQwZFf3FUniCUjuCSwNMdILgvoVsrC6AgUi97kYKZnCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a207d9eb23719-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=TGZheBHwfRbvc5gu-tem1BNUD6-Fu0nJgEaeoZEQA6c&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182&tc=1
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT, Sun, 07 Jan 2024 06:26:02 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6CB8 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6CB8 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZpD.vmU1qINiwdd3mODlAAA%262182
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
74566
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
841a207d3a09383d-FRA
content-length
43
expires
Mon, 08 Jan 2024 06:26:02 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=92fbf61c-e1fc-2a62-9a23-5349a9994a13&tv=%7Bc:ATrEP,time:189,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:189,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:75,wc:0.0.1600.1200,ac:650.1111.300.250,am:i,cc:650.1111.300.250,piv:36,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B132~30%5D,as:%5B132~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u0EIEhY+11%7C12%7C131%7C132%7C14%7C15%7C16%7C17*.928934%7C171%7C181%7C19%7C1a%7C1b,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:76,sis:160%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:d4b7:4b0a:dd42:a73b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ Frame B31C 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fstatic.travelaudience.com%2Fimg%2Fimport%2FAbuDhabi_DMO%2FAbu_Dhabi_Winter_R3_EN_banners%2F728x90_Abu_Dhabi_Winter_Culture_EN.gif&i=TRAVELAUDIENCE_DISPLAY1&ol=650774323&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGYyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3VB%2FRG4580cdYQ%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.leducrep.com&id=0&ii=2&f=1&j=https%3A%2F%2F53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.leducrep.com&t=1704608762375&de=298194605874&cu=1704608762375&m=42&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A162%3A162%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=29&cd=0&ah=29&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50006134%3A60028487%3A70017798&bo=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=leducrep.com&zMoatSubdomain=leducrep.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=206701&na=2140499151&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:02 GMT
thirdpartycookie
api.viafoura.co/v2/www.leducrep.com/ 		45 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.leducrep.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-instance-id
i-0cff580541d066a63
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.leducrep.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 07 Jan 2024 06:26:02 GMT
p-fc3a8e1a.system.js
tags.catapultx.com/cxo/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-fc3a8e1a.system.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
125
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWCtTJhWhhnc0%2Bnfxr3Ex55IhuMBg176sU2MI90Cozn7sSArukzm1GqFpUnvC1%2BwL39ac2CAuRXllIP92T9c2gPVREnZp6A0JITgzVCVtJYtXB7hxhSMGVF1wahXBLbQ6Sh84aTgsDr%2BPXueVyAr3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a207ddb1418d4-FRA
p-31c577a7.system.js
tags.catapultx.com/cxo/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-31c577a7.system.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
125
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpEtGyCp1qsKnIk4TLB3d0gFssMVqs4jIJNJIa8NEezttg9eLEPQBhMj7u8LBbFTgn6at%2FXWVgYhsZbySWi7uj5L%2FEJkXKr6HnjY%2FtmD4qjRLSeo8dj2T%2BwpMXj9oKfPQGniki9PYhxIEBes6vPtZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a207dfb2d18d4-FRA
pixel.gif
px.moatads.com/ Frame B31C 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=650774323&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGYyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3VB%2FRG4580cdYQ%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.leducrep.com&id=0&ii=2&f=1&j=https%3A%2F%2F53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.leducrep.com&t=1704608762375&de=298194605874&cu=1704608762375&m=204&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A162%3A162%3A0%3A238&aa=0&ad=83&cn=0&gk=83&gl=0&ik=83&ic=83&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=29&cd=29&ah=29&am=29&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50006134%3A60028487%3A70017798&bo=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=leducrep.com&zMoatSubdomain=leducrep.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=206701&na=1895933495&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:02 GMT
p-cb52e3b0.system.entry.js
tags.catapultx.com/cxo/ 		553 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/cx-overlay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Dec 2023 15:58:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
125
etag
W/"121"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBADrk%2BztI3HWsBZTQXW35NWPcYD5%2BWzaaXsBYcUqmA0e6OGIc5eEY%2BSFFP9M3ZD4Z487ulUc73dBmQghgsQ4RnM%2BnJ19SgKyi7vZJpqRs5ea9n9leVkyD0top3MEKjqihdIZCoGL9DMD6zRh%2BWnmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=180
cf-ray
841a207e2b4318d4-FRA
intl-messageformat.1ffa056616fa00afbfc0.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.1ffa056616fa00afbfc0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:40 GMT
x-amz-version-id
HO9xTEwUA9XX7mdUyeB5zFlGyaHcZJoU
content-encoding
br
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
2038643
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:07:47 GMT
server
AmazonS3
etag
W/"1c693504509bdbb60c6776720954c7c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
Sq95iOhBmd2Q79v98S-xUl93Q8GqS7zQh-hmInMboszUKw-Y6NMaTA==
intl-messageformat.bba378369051b3ea02d6.js
cdn.viafoura.net/chunks/languages/ 		135 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.bba378369051b3ea02d6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:44 GMT
x-amz-version-id
UzLWjcfYom6uexWyVPi6r3Nw71PzbVar
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
2038638
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 14 Dec 2023 16:07:56 GMT
server
AmazonS3
etag
"41f960d448b03a594d459a897779ddf6"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lzF_blPOAdKVUJgioeT3MCn69XFIq_I0bcF5kNTCizsizTSHBdz0tA==
en-us-base-json.22dd055f6ebc67a95f1d.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.22dd055f6ebc67a95f1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:41:27 GMT
x-amz-version-id
eMLa6OOnuDbIY213u_T07FIUE3Zk08lX
content-encoding
br
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
297876
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:01 GMT
server
AmazonS3
etag
W/"dfb5516fd649a383d34843bb4b99126e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
nPrY9qjemTrKrYtTb8wawcOsRVRohqvq_PHC62X9IsuD6Z6gQDN6kA==
pixel.gif
travel198849194933.s.moatpixel.com/ Frame B31C 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=29&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=leducrep.com&L1id=30000567&L2id=50006134&L3id=60028487&L4id=70017798&S1id=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&S2id=728x90&ord=1704608762375&r=298194605874&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=leducrep.com&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.225.114 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-225-114.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:02 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame B31C 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=83&fi=1&apd=194&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=leducrep.com&L1id=30000567&L2id=50006134&L3id=60028487&L4id=70017798&S1id=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&S2id=728x90&ord=1704608762375&r=298194605874&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=leducrep.com&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.225.114 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-225-114.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:02 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame B31C 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=83&fi=1&apd=194&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=leducrep.com&L1id=30000567&L2id=50006134&L3id=60028487&L4id=70017798&S1id=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&S2id=728x90&ord=1704608762375&r=298194605874&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=leducrep.com&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000567.16.0.70017798.0.0..0.DE.-1..WCFkB71VQRro3ZpXl41jTw%3D%3D.60028487.OTk5JTJjMQ==...WCFkB71VQRro3ZpXl41jTw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCopZk-UOaZa3MJIHRjuwP57yCoAvKkbX7ctPipc7RCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01NjExMDUzNjYyNjEzMzkwyAEJqQITD9A53FuyPuACAKgDAcgDAqoEqwJP0PIoGbkdCkI9pJMSR_xlQIkcxdtJw2kBymI_Djr3PwMbIoJDAhz73ZEfMd4zpWSMs2X4iuKFR9svvs3HS8b7FUb-JOrX5IU8vBWBX7DCwnHF5C9rZTVd51tyNjXboh6XLCXu_GTn0MWNnsWuWcpRWYJr7F7_bCrgIrfbiSyxdXu8uL-lHLXTLqUZBb0Mys8HBBPIdMfvwW2IcG6MRkVAaE0ahJ756Fw1mw2HOll1F_1ylHOnmxyZsp1ATeaSw00N-Wz6QULwnKzZRg_0sl7X8KWCHY-YIgyRaO32uU19RiqvNiwiPQDA52KfiiUd12m7Ii7u4JzFiFTSHlYxVcnISIHk6OeS_Izm9R65vm3byF11MgLomAr2RaNV6Tz1PTxtAfOSN3HvES5eH-AEAYAGtZPZmrvjkP8eoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WMn92L3SyoMD-gsCCAGADAHiDRMIpfbZvdLKgwMVgaiDBx1nngC00BUBgBcB%26num%3D1%26sig%3DAOD64_3oYByg6fjw1ftF-R2xD0VWHJ05QA%26client%3Dca-pub-5611053662613390%26adurl%3D&googlewinningprice=ZZpD-QAJJi0Hg6iBAACeZ8jnld7qzJkeSTogRg&wpc=EUR&site=www.leducrep.com&slotvisibility=1&gcpm=4813594&gpos=1&bidder=bidder-rtb-production-7c77b89f8c-v8rnc&dv=1&uuid=&suid=&brq=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&ssp_id=0&l=en&ts=1704608761&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=rkQ7ieuZL_-epQ8J8f5p7BG8LiayuEilStTPELxmszA=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.225.114 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-225-114.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:02 GMT
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
age
3024
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:21 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
841a207e6c285d61-FRA
x-amz-cf-id
Wiy7pv9-5PipjGPQsFslOsOXatN9welp3t5Fm7Xcg2uH7k2HN2haRQ==
expires
Sun, 07 Jan 2024 10:26:02 GMT
ingest
i.viafoura.co/v3/www.leducrep.com/ 		67 B
393 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/www.leducrep.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.232.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-232-18.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.leducrep.com
date
Sun, 07 Jan 2024 06:26:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=92fbf61c-e1fc-2a62-9a23-5349a9994a13&tv=%7Bc:ATrHT,pingTime:-10,time:379,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1704608762645%7C%7Ca65a1bcdee44bb7c53f5b51f7e48375a%7C%7C746ded226cc656dc46dc973a01bf1b48%7C%7C0188c1dbdb2388344091ee4da84dd734%7C%7C6cb99686856ab18c2f9d242fb413f5fb%7C%7C2a1456c528f55f7cfe976aef724ef24c%7C%7Cb5d78a29630351694d717a59326d45aa%7C%7C96763fc47ecac97d312c2edbf705dd6b%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:d4b7:4b0a:dd42:a73b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a207eafdc927a-FRA
date
Sun, 07 Jan 2024 06:26:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8krLA4azgkczf7R1pSIfjwTjsnrZ4z5K%2FqONJqGPw1rraxIzjg6nbbhB4zYd7J9vofy1EZ1c2K61HUtIxBOjHRWy5%2Bj2bVoYvS9Lyn3GJ8i96IV4hoI8H6QNo1Z3%2FRKWkJeli1l7M0C2kNua0M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qb8sKhzoMgQAKp2T0FX5mNsnytrsJ9a0lkEQXKvhU%2FGPDGwKc9kfMfeST%2FKMir3QqCkY1gQrl7ngBU8HIqd%2F0MSxpbpYO3bqXibN4lyGdEkVz1bfvT%2BQQxK85sEQCbn%2B3ahxyMJ5Y%2BbZpX3igI0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a207f581a927a-FRA
content-length
0
leducrep.com
demand.qortex.ai/api/v1/group/configs/cRWq0mHGUUajm2dPzPy6IA/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://demand.qortex.ai/api/v1/group/configs/cRWq0mHGUUajm2dPzPy6IA/leducrep.com
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1de634db007c4bfe020367356aba354767210a14b849b7189db4ca600b3904fe

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XHQyPrSnp1L5C0OQB9FydrshNeq6bbqQSUQrE6iZA2HUVwcI2KP8bt4w0H1R74fqX8MJShSBXExAiNM0pc29kLH8gC8iNNrySBI%2B84VYnKKUwR439sET0Jj3bLJ5zpxG1sdbxDW5rRHDXtyyZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
841a207eafdd927a-FRA
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a207eafdf927a-FRA
date
Sun, 07 Jan 2024 06:26:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klrJtVoteEOzrZXwVEkIowKqnu8TlYqERksqL74nEYQenaWYnX9%2BfLSiZbmEd%2B5SA0vYfJC7yj9%2BahpPVwAGHRkwGMb6kilbRxJL2IB8Vx%2Fbi369AdYZfnEaSR3fEoYVJXoz5o%2FALDY7r%2BS0ybc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKYF6sG%2BLvFvmp5woIAfoWrmIg7YvE9%2F7P5aJv7tjiJFGKw4%2BWF4%2B%2BBpxEDXoa2h28XowTca93LlP6sGllsWOOwYLCqPpaul6lnuWXd0R1FL8E5SYGPu1uNDqS3F2aVVW%2B4VucOT9XKgZFSy8l0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a207fe84d927a-FRA
content-length
0
svod-module-js.af0a0ec7f140c97a1728.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.af0a0ec7f140c97a1728.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2127:8000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:08:49 GMT
x-amz-version-id
oVcFYRVQ6xZnBh6.ADJboKZ1fI_ywaEX
content-encoding
gzip
via
1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
age
2038634
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:08:02 GMT
server
AmazonS3
etag
W/"29fcd3e8ac2266d59e9874ce666e077c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
TJ5ew7OHWTMdwcujd42enYsXKpVu6tWyOvNbv0P4-n9gEoqCgEBJyQ==
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.leducrep.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
841a207efd323a84-FRA
date
Sun, 07 Jan 2024 06:26:02 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640

Request headers

Referer
https://www.leducrep.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
cache-control
max-age=86400
cf-ray
841a207f4d563a84-FRA
pixel.gif
travel198849194933.s.moatpixel.com/ Frame B31C 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=285&fi=1&apd=396&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=leducrep.com&L1id=30000567&L2id=50006134&L3id=60028487&L4id=70017798&S1id=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&S2id=728x90&ord=1704608762375&r=298194605874&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=leducrep.com&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.225.114 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-225-114.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:02 GMT
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.leducrep.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://www.leducrep.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://www.leducrep.com
Connection
keep-alive
Date
Sun, 07 Jan 2024 06:26:02 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a2080987a927a-FRA
date
Sun, 07 Jan 2024 06:26:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crAmil6%2Be4dDJY70xxNZQ04xHY2%2BmT0yziXS1vWCvZmBjdOaBIgQC36fbQUCPukd6zX9hlXLTv7FK600WF%2BCQTELV4nGctTShWOpW6ZDivtpdlxjgkrbDAgI3jGYPwkj5ouIxEvShf6AVn3RJQo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161089/5500/ 		212 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161089/5500/pwt.js
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:02 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:43:34 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=39753
accept-ranges
bytes
content-length
65407
expires
Sun, 07 Jan 2024 17:28:35 GMT
player-event
events.qortex.ai/api/v1/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tSM6GyX302%2FAftpRNyiQATffLtODYqb2CbCiOizVgzOFaZRxjaqEShzKTcwRYTpUXFHSIrTDcGqvuRdagzZ2GX9R0w1I20dgT6Ijq4Q1Abb1FmIKSCYlGJglRHLMPLxynSVqy5NeF18IZ6jQxc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a2081b8f4927a-FRA
content-length
0
user-sync
sync.adkernel.com/ Frame 79BE 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=202271&r=https%3A%2F%2Fdemand.qortex.ai%2Fsync%3Fakuid%3Dhttps%3A%2F%2Fwww.leducrep.com%7C%7BUID%7D
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sun, 07 Jan 2024 06:26:03 GMT
Server
nginx
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a2080a884927a-FRA
date
Sun, 07 Jan 2024 06:26:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlrpeNDuYY1uOTWWxezKudDS%2B21V1eBjweBWaOfBVZfATBCnb%2FPYOdbbD8KSFCg%2F7TYjuBKS3D7ZoKgdMnJ5gOazFlXfY%2B5cRFS35VUgnNsjZnHZWTRzULwa1UHEevea2A0GIDCXhHddFf4XeyA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
player-event
events.qortex.ai/api/v1/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.catapultx.com
URL: https://tags.catapultx.com/cxo/p-cb52e3b0.system.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 07 Jan 2024 06:26:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1e9%2BgqsEXs4zv5npAVtsbwL0MiaOO2FY0Vn96zjPy2REvWbDhI0CUj2HyYH%2Fuvr1jUHK9G%2BPASRmmOeA9zaGRzqoESkdqZNwcpq4kb7nUBWqOYK4KzNDHtEYJnBVGI%2FL23ffjzsD%2Fe4Zu33YL4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
841a2081a8f1927a-FRA
content-length
0
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 08 Jan 2024 06:26:03 GMT
syncframe
gum.criteo.com/ Frame 6657 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.leducrep.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 06:26:02 GMT
server
Kestrel
server-processing-duration-in-ticks
347592
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 08 Jan 2024 06:26:03 GMT
sid
mug.criteo.com/ Frame 6657
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=leducrep.com&sn=ChromeSyncframe&so=0&topUrl=www.leducrep.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=qxHt_nxQdkt6TWNTN2xJQ2lWRHM0U3JHTHlXM1d5Ym0zVWlYTEVPV2VJTzJoSmNmVU5ZMmViSTZKTnJrUTh3ZEhiREs4Z3R2UUZsdG9zRm51U1phOEt2aTYwVUNST1Y2di9qQU9SS3htaWRJZ2E1NnJKWVVXSEJXK3FKL3...
425 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qxHt_nxQdkt6TWNTN2xJQ2lWRHM0U3JHTHlXM1d5Ym0zVWlYTEVPV2VJTzJoSmNmVU5ZMmViSTZKTnJrUTh3ZEhiREs4Z3R2UUZsdG9zRm51U1phOEt2aTYwVUNST1Y2di9qQU9SS3htaWRJZ2E1NnJKWVVXSEJXK3FKL3RyRmc3WUNNa3lJbTR0UGdqYWQ2alZqZVdFc1pMbW1VNTl4cnVlUStHQVVkVkpPUzZoYVVteGg1ZlFOT21TcFdDTXZvT0pBd2dsRy9aWENRYkNhQUlKV1B2cCtoU0t5NWpla1pjSmdqL0NFWlIrZFdQRHVrS3k1NXRIWGxnWTQ3YUFNMTYzYjZXR3hvbjlVa1RRTThwUi9WVXB2WjlGT3VpQ1FwSFlSQ3VhU29FNDcrNWx3WT18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b389731c27fd90c3a4eb2eeaa1f4cc76f27fdb3f09449b8d180de151ad7a0f24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1203363
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qxHt_nxQdkt6TWNTN2xJQ2lWRHM0U3JHTHlXM1d5Ym0zVWlYTEVPV2VJTzJoSmNmVU5ZMmViSTZKTnJrUTh3ZEhiREs4Z3R2UUZsdG9zRm51U1phOEt2aTYwVUNST1Y2di9qQU9SS3htaWRJZ2E1NnJKWVVXSEJXK3FKL3RyRmc3WUNNa3lJbTR0UGdqYWQ2alZqZVdFc1pMbW1VNTl4cnVlUStHQVVkVkpPUzZoYVVteGg1ZlFOT21TcFdDTXZvT0pBd2dsRy9aWENRYkNhQUlKV1B2cCtoU0t5NWpla1pjSmdqL0NFWlIrZFdQRHVrS3k1NXRIWGxnWTQ3YUFNMTYzYjZXR3hvbjlVa1RRTThwUi9WVXB2WjlGT3VpQ1FwSFlSQ3VhU29FNDcrNWx3WT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
351758
content-length
0
expires
0
ingest.php
events.newsroom.bi/ 		50 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.93 Sartrouville, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy05.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 07 Jan 2024 06:26:03 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
e0a4db8779dc244a772e.js
sdk.mrf.io/statics/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab

Request headers

Referer
https://www.leducrep.com/
Origin
https://www.leducrep.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:03 GMT
content-encoding
gzip
via
1.1 37b29078d1c7132540ca31b9482ea1c6.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
LHR61-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Dec 2023 09:40:45 GMT
server
cloudflare
etag
W/"44ac276b251e58c5c7f65bad76e76963"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
841a20826c4a3df9-SIN
x-amz-cf-id
o12hAOxUBehaDJ00z6TwSya85PbLKzAaahYFQquKUBIlQa_iIGuEkw==
dw-check.html
experiences.mrf.io/marfeelpass/statics/ Frame BF67 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5251
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
841a20820bc365f9-AMS
content-encoding
gzip
content-type
text/html
date
Sun, 07 Jan 2024 06:26:03 GMT
last-modified
Thu, 23 Nov 2023 12:08:24 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time
2
activeview
pagead2.googlesyndication.com/pcs/ Frame 7007 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssArYvD6hPx_Y90Q9Vx2j7pMqbD0FoM2NbdYpYgGiJA3JSDb5Efoyk5klUonYZWy48gGba3XUEcHDpUGVBC7RbNjyRoa0tBy2JfAp9ojzknAf7m3PfniA&sig=Cg0ArKJSzEELK8acMx_QEAE&id=lidar2&mcvt=1000&p=109,436,199,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=376532002&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704608762157&rpt=88&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame B31C 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=650774323&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGYyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3VB%2FRG4580cdYQ%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.leducrep.com&id=0&ii=2&f=1&j=https%3A%2F%2F53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.leducrep.com&t=1704608762375&de=298194605874&cu=1704608762375&m=1212&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=188&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A162%3A162%3A494%3A238&aa=1&ad=1092&cn=83&gn=1&gk=1092&gl=83&ik=1092&ic=1092&ez=1&co=1092&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1002&cd=29&ah=1002&am=29&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50006134%3A60028487%3A70017798&bo=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=leducrep.com&zMoatSubdomain=leducrep.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=830079225&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:03 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame B31C 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1002&tet=1092&fi=1&apd=1203&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=leducrep.com&L1id=30000567&L2id=50006134&L3id=60028487&L4id=70017798&S1id=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&S2id=728x90&ord=1704608762375&r=298194605874&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=leducrep.com&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&bedc=1&nosend&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.225.114 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-225-114.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:03 GMT
pixel.gif
px.moatads.com/ Frame B31C 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=650774323&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGYyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3VB%2FRG4580cdYQ%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.leducrep.com&id=0&ii=2&f=1&j=https%3A%2F%2F53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.leducrep.com&t=1704608762375&de=298194605874&cu=1704608762375&m=1213&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=188&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A162%3A162%3A494%3A238&aa=1&ad=1092&cn=1092&gn=1&gk=1092&gl=1092&ik=1092&ic=1092&ez=1&co=1092&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1002&cd=1002&ah=1002&am=1002&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50006134%3A60028487%3A70017798&bo=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=leducrep.com&zMoatSubdomain=leducrep.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=1484180103&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:03 GMT
pixel.gif
px.moatads.com/ Frame B31C 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=650774323&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGYyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3VB%2FRG4580cdYQ%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.leducrep.com&id=0&ii=2&f=1&j=https%3A%2F%2F53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.leducrep.com&t=1704608762375&de=298194605874&cu=1704608762375&m=1213&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=188&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A162%3A162%3A494%3A238&aa=1&ad=1092&cn=1092&gn=1&gk=1092&gl=1092&ik=1092&ic=1092&ez=1&co=1092&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1002&cd=1002&ah=1002&am=1002&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000567%3A50006134%3A60028487%3A70017798&bo=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=leducrep.com&zMoatSubdomain=leducrep.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=271398167&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:03 GMT
rfv.php
compassdata.mrf.io/ 		27 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.92 Sartrouville, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy06.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryBUyHkOuNuYoAmgiy

Response headers

date
Sun, 07 Jan 2024 06:26:04 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.93 Sartrouville, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy05.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 07 Jan 2024 06:26:04 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
8988e52a8beb9d587a6ed82ce745bed9d2f3213d32c44dba106769f6920e5958

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
p
sb.scorecardresearch.com/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1704608766050&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20120.0.6099.129&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1704608761048&ns_ts=1704608761048&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1704608761048&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.leducrep.com%2F&c8=Home%20%7C%20Leduc%20Representative&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-72.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.leducrep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:06 GMT
via
1.1 2b92d172bc628dd9c34a8c262218ac02.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
p98wpAWcA0radaEXBSd707ytv0VjJUW1F3yy2uJOOJXo16Q8pRS0QA==
envelope
lexicon.33across.com/v1/ 		49 B
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Jan 2024 06:26:06 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.leducrep.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
pd
postmedia-d.openx.net/w/1.0/ Frame DB48 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Sun, 07 Jan 2024 06:26:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8EE6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=116101
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 07 Jan 2024 06:26:06 GMT
expires
Mon, 08 Jan 2024 14:41:07 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C3F2 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 06:26:06 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A73C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.104.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-211.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 07 Jan 2024 06:26:06 GMT
ETag
"623de86a-cf34"
Expires
Mon, 08 Jan 2024 06:26:08 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
beacon
eu-inap.vap.lijit.com/ Frame FBF1
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13402707
  • https://eu-inap.vap.lijit.com/beacon?informer=13402707
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-inap.vap.lijit.com/beacon?informer=13402707
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 07 Jan 2024 06:26:06 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1

Redirect headers

content-length
110
content-type
text/html
date
Sun, 07 Jan 2024 06:26:06 GMT
location
https://eu-inap.vap.lijit.com:443/beacon?informer=13402707
server
awselb/2.0
ixmatch.html
js-sec.indexww.com/um/ Frame 71C6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.leducrep.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
240
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
841a20968dca383d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 07 Jan 2024 06:26:06 GMT
expires
Sun, 07 Jan 2024 10:26:06 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame C3F2 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 06:26:06 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Jan 2024 22:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56439
Connection
keep-alive
Content-Length
13174
Expires
Sun, 07 Jan 2024 22:06:45 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8EE6 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45510408&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:05 GMT
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame D467 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452f266ab8cb0cc0a495888db157d2c4b776e70784813f55be354073033a460a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
841a2096b9203719-FRA
content-encoding
br
content-type
text/html
date
Sun, 07 Jan 2024 06:26:06 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHOB%2BMI6M5hn4c0lGhgNYjuMn8alGsLxMeQjMZJ4JyRfLKv4uqh4V%2FYoMrsrRn%2FudU5JKJi94nwSclPDLqchDdZfi1K1UM9LXFlQYg2mcsOQXhrv57XXvgZE1cOZ%2FIBNUsjL9vofM4tE4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame C3F2 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame D467
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZpD-vmU1qINiwdd3mODlAAACIYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGEz3Q8WyFLPhvPEecRNLw4&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGEz3Q8WyFLPhvPEecRNLw4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mKi3xWq95eiNkpfY8iAkLEI%2F4kOBY5DRM8Db3uIbNtwRchDz4dkD7nF5UGcGzbKgA2isv9AL%2F%2FWajJ7NmAJl3LUjXuJdBeZwgN1O47HLBO5oTaBTnUwkAEArkdwVGc%2FLVJoD0RjXSfdDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a2096f93f3719-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGEz3Q8WyFLPhvPEecRNLw4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame D467
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZpD.vmU1qINiwdd3mODlAAA%262182&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e798796f-5cb5-48e0-8c7e-b2a7863cc338
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=bb638564-b724-4ffe-9140-9811aba76a16%3A1704608766.7673628&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dbb638564-b724-4ffe-9140-9811aba...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631731839877&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dbb638564-b724-4ffe-91...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=bb638564-b724-4ffe-9140-9811aba76a16%3A1704608766.7673628&_=1704608766.7704964
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=bb638564-b724-4ffe-9140-9811aba76a16%3A1704608766.7673628&_=1704608766.7704964
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sun, 07 Jan 2024 06:26:07 GMT
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
PRG50-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=bb638564-b724-4ffe-9140-9811aba76a16%3A1704608766.7673628&_=1704608766.7704964
content-length
447
x-amz-cf-id
eXHm3sHueY3oIm4SEdz_Ki_D4JUfI6tZHYjQVFYs0zI5t15CFcaapw==
crum
dsum-sec.casalemedia.com/ Frame D467
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1123439579403283424
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1123439579403283424
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRHqdx4pkq3JNeubiT02Jdoq0%2BmWbt01f4RuP1kEQlaXAyHffi4l5234eyesphIuE5Igq1IXOwhAnXvUYonhCFxSSLvSlQm3m32A1M9tUXB5Qb8NnlNpCRP7pA6aFFd0%2F%2FwPE%2FE2Pv5GPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a2097094b3719-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:06 GMT
an-x-request-uuid
add8bab2-08cf-464c-84ed-7c93f223e42c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1123439579403283424
x-proxy-origin
45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D467
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACjbU7LNIgAABQYmeQyjQ&expiration=1705818366
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACjbU7LNIgAABQYmeQyjQ&expiration=1705818366
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KeaKJL1lqw5neh8Oqn79wR5qNk9Yo%2F5OwF8x%2Fqx1Oz0l42xkFj8%2Fy2bRseTNLMzGEgX5p12odnetIEprPuhJS%2BT3%2Bp2b356Xn0SU0K6OHXE2TojEXcPc%2Bw05E9YMGHauY%2BURI9alST%2FIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a2097d9933719-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACjbU7LNIgAABQYmeQyjQ&expiration=1705818366
Date
Sun, 07 Jan 2024 06:26:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
ssbsync.smartadserver.com/api/ Frame D467 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:06 GMT
content-length
0
CookieIndex
rtb.adentifi.com/ Frame D467 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.69.99 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:06 GMT
tp_out
d.adroll.com/cm/index/ Frame D467 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:c41a:5957:6088:70f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:06 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame D467
Redirect Chain
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZZpD.vmU1qINiwdd3mODlAAA%262182
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=fdd6797b-8bea-4a93-87d3-a5ea18b85065
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=fdd6797b-8bea-4a93-87d3-a5ea18b85065
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv2%2F74Xkh7HIyWYN88dst9EW3ZjnF5WmKZSAUSRYkH4Nf6wzHvLUPwYNyEDLQqGsVi5DEDvPexBmS8dJz1NIXkZfNrtZegB45gxV0kH5uyg15fMJaZDpNs2l49Qeke4xLz4YeomxQF7J2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
841a209749623719-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=fdd6797b-8bea-4a93-87d3-a5ea18b85065
Date
Sun, 07 Jan 2024 06:26:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
htw-pixel.gif
cdn.indexww.com/ht/ Frame D467 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZpD.vmU1qINiwdd3mODlAAA%262182
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.leducrep.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 06:26:06 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
74570
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
841a2096ddec383d-FRA
content-length
43
expires
Mon, 08 Jan 2024 06:26:06 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 07 Jan 2024 06:26:06 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leducrep.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 07 Jan 2024 06:26:06 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
async_usersync
ib.adnxs.com/ Frame A73C 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:06 GMT
an-x-request-uuid
bd4818ba-bd6d-4d92-8b3e-59792440037c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame B31C 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1002&tet=4900&fi=1&apd=5011&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=leducrep.com&L1id=30000567&L2id=50006134&L3id=60028487&L4id=70017798&S1id=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&S2id=728x90&ord=1704608762375&r=298194605874&t=page5&os=1&fi2=1&div1=1&ait=0&zMoatSubdomain=leducrep.com&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&bedc=1&nosend&q=6&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.225.114 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-225-114.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:07 GMT
pixel.gif
px.moatads.com/ Frame B31C 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=650774323&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGYyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3VB%2FRG4580cdYQ%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.leducrep.com&id=0&ii=2&f=1&j=https%3A%2F%2F53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.leducrep.com&t=1704608762375&de=298194605874&cu=1704608762375&m=5220&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=188&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A162%3A162%3A494%3A238&aa=1&ad=5100&cn=1092&gn=1&gk=5100&gl=1092&ik=5100&ic=5100&ez=1&co=1092&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5011&cd=1002&ah=5011&am=1002&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=30000567%3A50006134%3A60028487%3A70017798&bo=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=leducrep.com&zMoatSubdomain=leducrep.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=206701&na=1154519144&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:07 GMT
async_usersync
ib.adnxs.com/ Frame A73C 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 06:26:07 GMT
an-x-request-uuid
8025ea17-56f7-4021-8df5-c3d7ab860f07
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
player-event
events.qortex.ai/api/v1/ 		0
0
player-event
events.qortex.ai/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:13e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.leducrep.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
841a209debf0927a-FRA
date
Sun, 07 Jan 2024 06:26:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEKJw1rsxOEn1UmdyzuTXlX7F4HIgplGqYotvp1Pi7oGqVPCyvmKJF8obypkjRhBUiRJSCmjqxFHX%2BagpGyVxFE%2B90ntJqcGdMZP95v2LyzqISSrkWE6ALSuKahagufTPfz5bGe0oAATJi658Mk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pixel.gif
px.moatads.com/ Frame B31C 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=650774323&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-tGYyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-3VB%2FRG4580cdYQ%3D%3D&sc=1&os=1-vQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.leducrep.com&id=0&ii=2&f=1&j=https%3A%2F%2F53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.leducrep.com&t=1704608762375&de=298194605874&cu=1704608762375&m=5421&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=188&lg=1&lh=15&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A162%3A162%3A494%3A238&aa=1&ad=5301&cn=5100&gn=1&gk=5301&gl=5100&ik=5301&ic=5301&ez=1&co=1092&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5211&cd=5011&ah=5211&am=5011&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=30000567%3A50006134%3A60028487%3A70017798&bo=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=leducrep.com&zMoatSubdomain=leducrep.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=1n5SGr3JJt09kJiAlYEB5Gqq8odzhGWkk_aGPA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=206701&na=352509163&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 07 Jan 2024 06:26:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 07 Jan 2024 06:26:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
events.qortex.ai
URL
https://events.qortex.ai/api/v1/player-event

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| mnet object| ggeac object| google_tag_data object| google_js_reporting_queue object| jwpServices object| jwplacements object| _comscore object| PublisherCommonId object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash function| handleLiveTapResponse undefined| google_measure_js_timing object| COMSCORE object| ns_p object| webpackChunkdjango_content_services object| htmx object| __permutive object| BlockAdBlock object| blockAdBlock object| ms object| Sailthru function| __spreadArray function| CXBootstrapLoader function| identifyRootURL function| generateDebugLog object| Criteo function| CXBootstrapper object| ns_ object| _33across string| iasScores object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| jwpb object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_802775 function| WebVTT object| closure_lm_482745 object| cast number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| vf object| vfQ boolean| femCePnIdReadyTriggered object| dataLayer object| mParticle object| gtm_data_layer object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| google_tag_manager object| mpartical function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| Ribn string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| gaplugins object| gaData function| _ga_originalSendHitTask function| _typeof object| __connect object| google_image_requests object| __IntegralASExec object| System function| __extends function| __awaiter function| __generator function| __sc_import_cx_overlay object| gsapVersions boolean| cxsyncadded-202271 object| owpbjsChunk object| owpbjs object| PWT object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass

59 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: Cg8KBQgKEPUWCgYIogEQ9RY
.leducrep.com/ Name: pbjs_sharedId
Value: 370dc814-ee65-4135-bdd1-991aac461b96
.leducrep.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.leducrep.com/ Name: permutive-id
Value: 68346cd5-d3d7-498d-a8bc-8f9b5b4f0bdc
www.leducrep.com/ Name: sailthru_pageviews
Value: 1
www.leducrep.com/ Name: __adblocker
Value: false
www.leducrep.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1704608761060,"mac":1630179339}
www.leducrep.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.leducrep.com/ Name: sailthru_visitor
Value: aea4c59e-db5a-4329-924a-f9fcd28ce336
.rubiconproject.com/ Name: khaos
Value: LR341LV3-19-BB77
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqag8btJlS5VyAkF7RiBdb4AgvEG2sPPZqRoUZOq/XfJiJEoktXKJaKfRGw5RT0YDEpUNv5RQd+cUgcdj94p/Mz45kPiGkI7V0ijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
www.leducrep.com/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"4wur91rvsl3ykbubwzg4kngbbjmpj89i","updated":1704608761683},"exp":604800000,"ts":1704608761683,"mac":1978478503}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"4wur91rvsl3ykbubwzg4kngbbjmpj89i","updated":1704608761683},"exp":604800000,"ts":1704608761688,"mac":1978478658}
.leducrep.com/ Name: _gcl_au
Value: 1.1.1099212943.1704608762
.leducrep.com/ Name: _gid
Value: GA1.2.1885440670.1704608762
.leducrep.com/ Name: _gat_UA-213173459-6
Value: 1
.leducrep.com/ Name: _ga
Value: GA1.1.612804346.1704608762
.leducrep.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.leducrep.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1704608761939%2C%22slts%22:0}
.leducrep.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=d4d5abce-dadf-4c11-b2d8-2fb32a319c0b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1704608761939}
.leducrep.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'32331e95-b5c8-47a9-85ab-f6a373dcfca0'|'das':'1e120999-f301-4dfc-8451-a763b1d22e80'|'csm':'WyI1MDAzMTk2OTAzMDkyMzk2ODE5Il0='|'sid':'7711D29F-DC0E-4B30-1777-E2F983B96BD3'|'les':1704608762088|'ssd':1704608761730}|'l':1|'5003196903092396819':{'fst':1704608761944|'ui':'eyIwIjoiNHd1cjkxcnZzbDN5a2J1Ynd6ZzRrbmdiYmptcGo4OWkifQ=='}|'cu':'5003196903092396819'}
.leducrep.com/ Name: _fbp
Value: fb.1.1704608762099.1172638786
.leducrep.com/ Name: __gads
Value: ID=1ab54be02e7dd339:T=1704608761:RT=1704608761:S=ALNI_MbeBo07WyL3hQY2KkLwcqcYE-AXGw
.leducrep.com/ Name: __gpi
Value: UID=00000d3bec7cbf87:T=1704608761:RT=1704608761:S=ALNI_Ma9FMFkwGGM2F6z3XrNRfeVr0y6gw
.leducrep.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1704608761.1.0.1704608762.59.0.0
.leducrep.com/ Name: _ga_60TQYJ3HTT
Value: GS1.1.1704608761.1.0.1704608762.59.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkl_OOI7Prl1fmFbPmeBrvx2WGriiAiMeHUWoVrheGMvXs8sB_2KOfUS-SBYKo
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%22C5197F1F-47FD-48EB-B0F0-091234F6668C%22%7D
.casalemedia.com/ Name: CMID
Value: ZZpD.vmU1qINiwdd3mODlAAA
.casalemedia.com/ Name: CMPS
Value: 2182
.casalemedia.com/ Name: CMPRO
Value: 2182
.creativecdn.com/ Name: u
Value: adPYT74PKAL3qTwI2JsP
.creativecdn.com/ Name: g
Value: adPYT74PKAL3qTwI2JsP_1704608762468
.creativecdn.com/ Name: ts
Value: 1704608762
.viafoura.co/ Name: VfSess
Value: ti7v81tt66md71k7okpt90euk0
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.yahoo.com/ Name: A3
Value: d=AQABBPpDmmUCEL9fxWGAgfAP_piF0se8oEIFEgEBAQGVm2WkZQAAAAAA_eMAAA&S=AQAAAnnEQCETkxL81tZ6vTFBmfc
www.leducrep.com/ Name: _vfz
Value: www%2Eleducrep%2Ecom.00000000-0000-4000-8000-3837620382f5.1704608763.1.medium=direct|source=|sharer_uuid=|terms=
.leducrep.com/ Name: _vfa
Value: www%2Eleducrep%2Ecom.00000000-0000-4000-8000-3837620382f5.2cda7a77-fe54-485a-9f26-924b9f8843c8.1704608763.1704608763.1704608763.1
.leducrep.com/ Name: _vfb
Value: www%2Eleducrep%2Ecom.00000000-0000-4000-8000-3837620382f5.2..1704608763....
.liadm.com/ Name: lidid
Value: e798796f-5cb5-48e0-8c7e-b2a7863cc338
.amazon-adsystem.com/ Name: ad-id
Value: A4QVdKxiTkWwpplccfIv0r0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.viafoura.co/ Name: vfDeviceId
Value: 75687011-d095-4550-883c-db9f027d73b7
.criteo.com/ Name: uid
Value: f82b62b8-ae8e-4917-9d98-6121f52a1d9a
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.leducrep.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1704608763%2C%22currentVisitStarted%22%3A1704608763%2C%22sessionId%22%3A%22b04b5d5f-836c-4750-b439-d34461eb9142%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.leducrep.com/%22%2C%22referrer%22%3A%22%22%7D
.leducrep.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1704608763%2C%22userId%22%3A%22a1d6d9a4-20d5-4a6c-9607-2bbdca0157a0%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1704608763%2C%22timesVisited%22%3A1%7D
.leducrep.com/ Name: compass_uid
Value: a1d6d9a4-20d5-4a6c-9607-2bbdca0157a0
.leducrep.com/ Name: cto_bundle
Value: 3OLgz19Wa05ZVjU4U0lGOUJPc0tEOWdTYVMwY09acU12OVkySTFmR2VsQjMlMkZsbFpwU1N5bWt4T0RNaTM5VUlCb3R4MyUyRlNHeVBnNTRwTVZvVks0ajgzUjk1WG5nTlFLeUN2Smt3ZmVydVprSVlkN1pSOCUyRmJHVmloM0ZUSzZkdUtUcFZJcEFQWWk3OENtRG5ITmlCWWFkTUR5a0ElM0QlM0Q
events.newsroom.bi/ Name: 1528_u
Value: a1d6d9a4-20d5-4a6c-9607-2bbdca0157a0
events.newsroom.bi/ Name: 1528_s
Value: b04b5d5f-836c-4750-b439-d34461eb9142
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: uuid2
Value: 1123439579403283424
.adsby.bidtheatre.com/ Name: __kuid
Value: fdd6797b-8bea-4a93-87d3-a5ea18b85065.473822766
.adnxs.com/ Name: XANDR_PANID
Value: 2QypD41clB6cH7Mo8dYTLeUUbzMJXwoLP4z8hQ02Z3DCg5NKfH3dha-wp1WDlO3YOIQoge4zGPcF4ChYz8pXdFUn9CX16SO3_cFnqr4u3y8.
.bidr.io/ Name: bito
Value: AACjbU7LNIgAABQYmeQyjQ
.bidr.io/ Name: bitoIsSecure
Value: ok

6 Console Messages

Source Level URL
Text
rendering warning URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 503)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
violation error URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139)
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=bb638564-b724-4ffe-9140-9811aba76a16%3A1704608766.7673628&_=1704608766.7704964
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
53ef2ec5714bef41ed26558ccb83a7df.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
ads.travelaudience.com
ak.sail-horizon.com
ap.lijit.com
api.fouanalytics.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
assets-jpcust.jwpsrv.com
assets.ribn.com
auth.lrcontent.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn-ima.33across.com
cdn.adsafeprotected.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.viafoura.net
cm.g.doubleclick.net
compassdata.mrf.io
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
creativecdn.com
d.adroll.com
dcs-static.gprod.postmedia.digital
demand.qortex.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
edge-auth.microsoft.com
entitlements.jwplayer.com
eu-inap.vap.lijit.com
eus.rubiconproject.com
events.newsroom.bi
events.qortex.ai
experiences.mrf.io
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
idsync.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
leducrep.com
lexicon.33across.com
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mb.moatads.com
micro.rubiconproject.com
mug.criteo.com
onetag-geo.s-onetag.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
placement-prd.jwpltx.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.media.net
prod.tahoe-analytics.publishers.advertising.a2z.com
px.moatads.com
region1.analytics.google.com
rtb.adentifi.com
rtb.ads.travelaudience.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
smartcdn.gprod.postmedia.digital
ssbsync.smartadserver.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.travelaudience.com
stats.g.doubleclick.net
storage.googleapis.com
sync.adkernel.com
tags.catapultx.com
token.rubiconproject.com
tpc.googlesyndication.com
travel198849194933.s.moatpixel.com
videos-cloudfront-usp.jwpsrv.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.leducrep.com
www.npttech.com
x.bidswitch.net
z.moatads.com
events.qortex.ai
104.18.36.155
104.79.89.214
108.138.1.25
13.107.6.158
13.32.27.33
141.147.81.223
142.250.181.226
143.204.98.68
152.199.22.243
172.64.149.180
172.64.152.89
18.158.175.190
18.159.21.114
18.185.12.185
18.245.60.72
18.66.112.41
18.66.112.84
184.30.17.133
184.30.211.26
185.184.8.90
185.64.189.112
185.64.190.78
185.89.210.153
188.166.17.21
193.0.160.130
2.18.96.187
2.19.104.211
2001:4860:4802:34::36
216.52.2.39
23.197.120.249
23.36.225.114
2600:1f13:800:7781:d4b7:4b0a:dd42:a73b
2600:1f18:44f0:4847:e5f9:63eb:8cb4:6f23
2600:9000:2127:8000:8:2ae1:d740:93a1
2600:9000:2127:9c00:1:a3fa:7cc0:93a1
2600:9000:2127:f400:2:cecb:23c0:93a1
2600:9000:223e:ec00:1b:6b7c:c940:93a1
2600:9000:223f:9200:8:48e:53c0:93a1
2600:9000:2250:8e00:15:2b26:f200:93a1
2602:803:c003:200::61
2606:4700:20::681a:13e
2606:4700:20::ac43:44eb
2606:4700:3030::6815:4222
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700:4400::ac40:91b1
2606:4700:4400::ac40:9256
2606:4700::6810:5714
2606:4700::6811:7611
2606:4700::6812:5eb
2606:4700:e2::ac40:8714
2a00:1450:4001:802::2003
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80b::201b
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2006
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::626
2a04:4e42:600::626
2a04:4e42:600::645
2a04:4e42::645
2a05:d018:cc3:fe04:c41a:5957:6088:70f7
2a05:d018:d29:3601:8461:1fe4:b475:56d7
3.217.69.99
3.33.220.150
3.65.234.7
34.107.254.252
34.111.249.109
34.111.67.160
34.117.54.29
34.120.63.153
34.149.157.221
34.253.16.244
34.98.64.218
35.186.253.211
35.187.184.108
35.190.0.66
35.241.9.51
35.244.170.237
35.244.174.68
35.244.193.51
44.213.227.236
44.215.232.18
44.237.26.143
52.17.99.225
52.209.113.22
52.214.121.166
52.28.203.152
52.46.128.147
57.128.96.92
57.128.96.93
65.9.93.173
65.9.95.44
65.9.95.71
65.9.95.83
65.9.97.61
69.173.144.137
69.173.144.165
75.2.40.13
77.245.57.72
81.17.55.171
98.98.134.243
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f8b14586f865f6d1520c73a05b3ef0d0517c1aed3f35280933766402567570
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08e5a6db06d84ec26e14d8fb6b440780431a22b7620b35ea5a8f1723385d12a8
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980
0bc0805d442ae7ead864b82381c168035e8d70535e6f6acea31f4f1caf65ae58
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e935e79b3b0221c5baaed71640b023404a24bacc5e945c8a2fcc820ea0437c7
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f9945a9cc4ac9d713c6d5df5bdb9ffe7594df079b8bc61158f15c8eaef1ab15
102879bcdf1bb8d7079cbf09cd33581139013f7a0b109c64fd2a8f9511f3cbf7
104a0949326837e3aa7a8647a06c3a81abea87676eae5e991dd2b9a40f6b2f1d
10bab8fa8b44619c030dfc898a90c7fecd3cfff62ae2a38088f8251fa2d8ae00
1185218883cb5ec765c3292aaaccf15869b99c089b1c938266134666608a6ba1
11c95da30f62422cc9bb2322252b27e3b2910e5e06de7b5493229209571f2556
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
14ba20da4270913a8f69587c89df25272dbfbc0e3f9d21b7bce299ec7564d102
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
182a88dd80fc17b2cb7cb02216c95ef579776905c6a1c3f5260b69e292394d9d
185113239a6613ca82207e73bb41dcc84ce2274da2732f6ece828c207f2f060c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1de634db007c4bfe020367356aba354767210a14b849b7189db4ca600b3904fe
1e0b48703e6b552217f94c3d2de4454e244562d87992eaca4aed36bd2402c276
1e11545f37f9b79411db316051568e9232e4306b7b86a1fc28195596d21a8839
20a0d5600a54c94ed84d8e4ce889e5bbe96bd8682a348aa8fd5357fa76f5f94b
20a39509ff26bec9d43ff25d908d8a241688382f4c7b6822691463bd5ecd92d8
2131050f59d7a75989ab42208ae48f17cea879636d8f8e645921a36a20eeed46
2196688d207f9a82188db611ae912978d9c8216c2b4315784871bce6d42846d8
2264a47c142662847172ff157d15c920fd0896e2fbd7b9b10b341f3641d2afb4
22f2060365e34c12dd716fcfb19b771866ad57259178c974deebb5fa30f31095
235dae23f3a7ff07cfdec67e039fcf9ac87130f7c0b9f539eb143c83b506327f
23914ae0bc48f7f54ddfc03cf737a6bb5414afdd129c73cdf16e3af0833ab679
24e2db472b47c82ae28a7dfeb21ee6133e43bdd4ff9adfc8f8e4d1096508ac6b
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
27935a472399d9f95aa1624556308ed45f45bef82f3000fd0409cd2ae826c126
27be1de049dc19e26b79f1c38d57b2c6aab6c8a22e22a0d482cf4069daa7d15e
27e80871c8e74e873a0e85fd9e0027e1917b9bcb3ace3641d8b553578a45e9a1
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b07fe7247fc6cee7cd074645d1227522c3dbd5491fa5001fcc4705a7cd3fa90
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2befc1bd045716da14e16df592a9887948de7a99bafca66af09be7feee0a4e17
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
30f25e81c256d0985a5bf21776bfae5456e07f49c400790a58b51cc29bc559e3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
323500d40f8f9b2cde39bc8cf232ade4b0564be3f1a08560bbeb78c7eeaad5ee
34ed8105edbfc97fbadb9a12c489607da5bb361fde365244752626ea59e3f297
385a051b07e00b731b5ee93df0ada3f76eec9420130d044174fd47f8a7541110
394edd50c5623ba8fa694e243977128557aec9857b38a296658b5f0aba221d8e
3a71fb1dfb93ed408b42996e23db255f4170ad23fb4a3b9cc6265c14681a3dee
3b4ebe5a87b2f945344d06699a230b5b880061b554786d6c6a4d3a876973ecc1
3cba60887300fdac6e03d9b0a464c9d5534b43c83d0309c010e8fb1ac07c8eb3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e72ffa59a0684c988173f4ea0d75435f8ff50995c92974aa316288efe96a539
3e9bdf1243d78b069392b4019c5dcd920b3c03ad85d0c8271435789a04ae9fb0
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98
4304f4b3bcc93f16c6e21fd0f404aeb4c65f4b607ac935f63bf12f4d0606aee1
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44215842e9738ff6ad6a932740d630db3c29d7d5095468e1371eac7468b9dbf8
452f266ab8cb0cc0a495888db157d2c4b776e70784813f55be354073033a460a
45de24604c43426267ec183e2f863a96df243d4d1ece043b616561ad6e67832b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fca6dc6e672a29d25c9bf87c1402e9ba22990aa214ab0d8c848fdc40862df6
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b9895453eb4996387ccde6d84d611e405ba43149746e6a9266cebbbf95ee2b
4aa2c0885ae07456f3a2ec269262f0e3a322066526fd82092cb18360ab195aa1
4c1cfb7c6e2365e418e97e060ba0fa6fb277fadda1b54d156010a7edf60b1064
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4da325f33603cea1c0fb888724333710a30f485bd6bacd5bb5c3cf094c1048f2
4dcf78b31f69c1674cb5a75cd5fd5744538b50eaf34076396d9cf54acebee6e4
4e164a6eeb4844482d5036d0f2f4b1fd7f42b39007f512ef071a3f3fec1dfa97
4f35e77e01d46b80ad2a4181e62ed592745ad4e1c8df5665104ad7fba4c57ff0
528b1fcf765700fd9e52bd28345a232ef96a39128163236e78732912ca0985a1
531dd530899d5c89c1c766c0ca463c5e319a84044ebde699ec95b633807025a5
540b5453d3d1ffd76c8c9832b7be631fadc7773ed618add2ab247b18aa6e5bd9
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
547fc84dc54d9df451c2d97795e6a93ce45509c53da3e3dc2dcc3c543d11551f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c5609d7a5f1ebb4c8a7358f34b94708e5c0394fb5f0053b945a83908295ad4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57833e1361b15142f6ead5d7841d896101fe394eda2786f89ff24331ed7ad69b
585985fe93261331d637a0012035ceaaccabb8e56bf8d9ffcb72115df267ef0e
5a856b73c57935552e18e95b896eaedd77342acfa6087ea0d393c5d46c6786ab
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5c74b7e2fe1764c28eee273797d8a3996cf050346568ac1050bddc085138911f
5d09cb7ee7ca0b5197e35281a401882b36f2be6a08dc219adcad051d3111b1fe
5d410b4aea9f38a035bdc4323315891f9e798d297e3e3db8d000f6e63f54cb51
5ec87eba0bf7e1bc1c3b3bf1acadcc50f0fa85800566e996b0bc0000697ae8ca
5f0ebbcfa8e8f6e51ed27788c59d0e7cb59f37e96c5c07624fd510e49182e690
5f2976c5a7b275ea2c2b9051dbd1067f4646e19867183e8e38a66e7908eac586
60b6fb471b6448d4aafebe6c871af63ea4f78422eab86c2f872bb8cb4e78f4ff
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63680c6a3dd302c0eaa4d475e9b6f360e6d1eba0b23943f6b4eeead3eda8b270
655734836f6a9da92a5d7b9ff5437b609ad3011201cde5651259e8205176bb71
659a39402e1d81bf940a4a59d323fa097b671fb45b1e75251cf15e41ec20d6cf
65e5c4a834f77fb4a15f777193dcf2cf5395bacadf7cb29179562881b309f45d
6841d7c15644d3ea1f34a63596f54c7eed39540848bdca3e106ee3ba518f6382
6a9ba343788496fcb13c92a1e1b939ad5ab4b83ec12beccb749c331ea37d703b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b8f827ee28fad62699352bcbd1533f8dbe1cb0264833dd2dcc5561e43234a0c
6be53e044a8e84e3c66d8eb5d2f359feba5b32c072ef3456830f32acedb163a0
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83
708f03b8f94e179099cc45c3df7b1ceb3ba1da9275c882c8b06f9afad04eca9b
70bf3d5b5f237c256e6b83d5f3dd5937c270ed5350f428daf753c704a7691af9
72242e4acc05b52056c9370496f443e3c56ef196ad3aee13739d149726f517f2
73eaad97d5ace6f59c68a793121ebd456f976e02a9f07181c25d5a5a4a3c8a5a
73f89d0eb1274b78dc025849b01db92e71c7f991a754206374a8e2fc1263c732
77f014b24f1d51b9e8feb12df701a957c14c0be286d6c914975afd019d15a79a
79dee0042597950493e8956e9090ddc47c3decbfd1df6331349296d96ea51c0d
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a25b27d50d632cc61ca8844ef91bc00d4efc36c37a318c35fd5c76c6dbcec17
7a4b1009ac3724d5746eb472941bc0124e0b7524c02165f746db53c8fdf39af5
7a52b6338179ab8d85a30457700b3cb5bab64097f82780fedd1c3aab42aede7b
7b502a398a244c00330a82b70add336131d05e6f5fece9679ebc7b51ec88e082
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81cf291ccaf872d43857c8eab5b4b373c3b1be53f44fec148b9b98849dc0b950
826d7d7528787f06e20fa0352caee25a542acc68342488821087c25105d4113e
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83b364da532114e22d7892132d887574762b0c4da2397fec8da79b208ca0abd5
84a1251c3dcbb36d527efa7cbf47b5036b85f012eacf4f4d56ee90032bfbbef5
84b13e4d71773ee8ab573e2ac4567892ca8a76aa65c69fae8d5a83cb66a31ed4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
858497369947d8f01ffdd894d7e59c0eeff34ab8cc2ee1f8bd3d242972285353
87b85c256b170188318d0d8c695f43153651f18ee7a4788101b65da65ae0b85d
889701e4cb98cd11ef7cd807a7051acd4df7a4cb3c99d035253d8c4b4c1a4069
8923b4f2bb98765736f23c71a08a37e09f44734e5ebff0bd587f4db5ab1c9c8a
8988e52a8beb9d587a6ed82ce745bed9d2f3213d32c44dba106769f6920e5958
89df7ffe58aabc66f0aacf387a87c81dcb17141ded528d0d92280ea9165795a6
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8c43aae3bb216780a6443ade8f02bd7c8e69812821ef67bc40e89cf19366c50c
8c47de12bf55371acecb47047d7b71a06cdb6bf7d71f736ae4e24a189d130eba
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e7efb6ae6f9571dd815db7eee285ce5288648414d2ce024f97135625180c6af
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21
9461fdd0163c83e35d3e9f878ce7034700c5f616b8df87c6cc5858022928bbb8
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
96136a8fe593c37b7742c8cc402cf9a81d0b26cd8d6a11bc46a63f04aead885b
96de2ed282bea0459c138b9b6b71e3a9ea63c06240582f58c7c5962f218e0b8d
978782ab21a5dd5e6c36b58d24151abcfa0d4439dfcbe7f14adbe0c661f3ceb3
97cd2b1b2840136e52370255998fb38b3b539e5cc5159dbeb13e58d50ae11915
97d2d059b018df2d5e0dedab47f242e427c537c972c2bd3b013e44b6ec569f00
9d19ef863185b36bc5021745cf4d850057f4788b7ab71e0b2b30d5857d568173
9e6c302aec8ad80630935c7fef57d6e6a6094a2ce0fbc884c13b25edc2feb3a2
9edd5080ba31477d99e1ea20b721b25107635f954e55b74d6519d37e9f939f29
9fba1b0797e04bb4e94dffcf9068f89e75b4fa5569dc9efcb5aa72275435457b
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64
a153cbfb7c219b19ed8f17c88bcae1bd2509fcb926bb99c2bfad3bc492e3f333
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a32a2fa64f4b452903c13ddeb624d92e606e12774bd93047247018347336b019
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3
a87dab54792ca3697212f10ca3a1504a38c2c6d609612d0e3954824d2726a172
ae3f77862bc0a6c2b82781a817c8ecebb27b848f0a9cb430fb2bad33934808dc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af162dff6298ff4658ce0d470ac6d7f4bdbf4c9b37ff38ab2807e4e0ef2dc5e3
af5c29046b83ccf4ce7371d31702e118852796b685f9fb2d9d4a7e5858d4a295
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b
afe1c499cb41ea225213f2143b7778426f56c4b94396bb7f6bfe3b5b55602186
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15c40dd94433a3ceff1cb7b8d3984045b9287456c9f0a6497d96bcc0bf9f094
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227
b193fe5a1bc72e9aec282949a96fbdaf1d764cfc9d89d5f05b446e69b8eabdbf
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24
b3587ccc786d72c7d352e3cd589f1c34a6d5f99944560a6c2e7f6f69f0a69b9a
b389731c27fd90c3a4eb2eeaa1f4cc76f27fdb3f09449b8d180de151ad7a0f24
b57052b064a6778aa693bda164f8fe253440d6dc9fe6a513218ab5ef3774e051
b5e8f82558e1cccf8248338fa8eb2c9ee4a52e2992bac3cf710bca04209f9d06
b6e3d179d834b1629e4aa452fc1a55911bf2dded83a97e80a4fb50a2b619728e
b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6
b8387cd3ed06725f227e8db35e6655cfaf05e9fad5bd74c7117ecda7accaba2d
b9d563addef16ac42c163e80f3e0dbcac7cd2bbddfdaaae55a764060a9be8e89
ba368330f6b3e74e8ced7bd659360a00fc61d5e970bc59e4881efeb54d8a6dca
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48
baccf45a36486a2abc76291138c8661c88e8a2aa1ad74d279882ae80245e0fb4
baf101a8ee08c36ef8f7f95fab473b51076c36e249efb634971809594ad39343
bd5ecc5e3d9b886015cc38519046b9f2768aa22929c6a573ec6aebea90392653
c02ee41c89b1ce6d88c9550be457a739bc90c7fd9b320bfe68be551c41f9dd94
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a7c80301032f20f90d00a75cef91a4af5a7fa04651eaac3281f66466c8e8dd
c3a1e19ae447c458c806cec0f399a8b654602801a1b68e7c0341562c22b90f7e
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab
c69903a2a63a1b57e1b96899d3c2ae7ecbec6da577be70c7be8e59cc265c69c6
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c7b6358e3195ae355f2d6c00a89f23dec3d277919266ed815e06c592a4c49b8f
c7f79e643d59639711688423d683edebda3de58bde0ad1b6750ab2d137844790
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca297b5cbb78735edd0715fb96f8a74a862e1153ad8fd7f17ce86b1e6b27a96d
ca373666561fb77808a1a3bd5be791db20bb8c79c3f06dc3329fe607111a8b05
ca8e011c30e88f7508e3aa362170192447703c3054a19d3df50335a6d9576640
cae693444d5c4b70988da3ee41b0c3809de3f7701f474183ed8a446be6c970a5
cb1a06802fe82d8bd24aeecf58f0cf8e09be5a5ee1c29e3e65e78205de26ab89
cd01e3c28e570955c3d32f0018d482b8a61a69107632421148e3dcaab84153a7
cf464f1e850b27ea7942f1fa638cb6f4789d36f4b0e1c564ac3a74cc0b62f823
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1072cddda29a2b99664822e61c1fb74dcfbacc2f49f9bc738c38e645c24b65a
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d33c5987823e42d0e01b4f88ecba283d04d36292837cb858d74bb6cc3a7e866f
d44a48532023bfe105b175fb6392a3bb0a36c35ea113b75f1c77d418f32cf72d
d45c479463aa40d8cc04e503992d5d3a869671c96712570822417bc00405a17e
d956f854a7c0609071aa018bcc19c61fa77ca795509da7b7fa13be317ade5302
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dc9040810df8915022883b6323c27452a2658a2126b54ce10f70cc1429d875f0
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de60ce74dc51181fe850f249ae75cc015cbf18c96b9e44f5a40e9cc56b0ba85b
dfb64257053c860722e7afea50469492b5435d315a4f9078fde8250156083950
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087
e2b613e5d77f16bcd1121b2d53389bf1e342d1f76387f2f2c1a61a3372885963
e347da8bbc9a616d51f762f10029ee3b9f24e1d183ae7e5ad63195fb6664658e
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f
e3f16a99683ec813507fab742f11167db01a3c2ced3fdaa6f1ea859d2f9f4fe2
e4f77d4fc1b2f6ef7ec75aefbb3a20147cf10afd2de2de2fcd484623afabb302
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5
e7ae2c8996df7f30c9b79818a3b6e73826c8f84c4866cfc6a033eddf5f46e50c
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c
eabb948157a870d9dff26a18614f365c3ba89560e0c4e8461287266c362261ce
ebd1b6e9d7e32fd1080d3510adc18f5111d882c980a668a77c1ef24328020c9f
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eeaedddf1e7c1786533bd591ab2f4c7b7581f4ecb1a304e33bc612bf1e7b12a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4fdf290e2eb8d9f89d83c6d45733b8c152cd936bc7fed996e5221bff246002
efea12f2147c9eafe82af9d2d615a7bff841b7dd229c02c52d2a03154445dd97
f0a83b6becd906b85b94429b38e4a2211ee929a9b51cbb262328cb7b89c926c3
f2654743f0b7bf1156b194d4042782592bd9bd1aee295dc69c13ba121de253d3
f32ddb305976dfd2fb5841d97e6fd53f91bf0dcc9aa0a3fa15d646fd1fca097b
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f8859622b014c35916f294efc76fdb684a5681149809636416851b765d4eaf39
f955bad4911e135ef8894618754dbed63059322adf7404c619734960cce6adc0
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5
ff4e8e09c759d10bb5fbf7090fd1ce5a6cecee6e2e5038ef9ff2ddb310eab592
ffcb64c988daac65faa37050a32018092b8107999952e2b59114079c025b49fa