Submitted URL: https://www.imleagues.com/School/ViewMCMessage.aspx?SchId=ae6dfe7f46634b3f9c6076c71e0555e8&MessageId=9532fc765e5f4e07ba36f...
Effective URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSc...
Submission: On October 20 via manual from US — Scanned from DE

Summary

This website contacted 108 IPs in 12 countries across 82 domains to perform 362 HTTP transactions. The main IP is 50.22.3.50, located in Dallas, United States and belongs to SOFTLAYER, US. The main domain is www.imleagues.com. The Cisco Umbrella rank of the primary domain is 82278.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 25th 2022. Valid for: a year.
This is the only time www.imleagues.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 56 50.22.3.50 36351 (SOFTLAYER)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:9000:205... 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
9 2a00:1450:400... 15169 (GOOGLE)
3 65.9.71.118 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700:303... 13335 (CLOUDFLAR...)
10 18.156.195.47 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 3.121.89.8 16509 (AMAZON-02)
1 104.18.19.126 13335 (CLOUDFLAR...)
2 3 147.75.85.234 54825 (PACKET)
1 3 72.251.249.14 32475 (SINGLEHOP...)
1 52.58.97.150 16509 (AMAZON-02)
1 34.250.112.177 16509 (AMAZON-02)
7 2602:803:c004... 26667 (RUBICONPR...)
1 44.210.14.134 14618 (AMAZON-AES)
5 159.89.246.130 14061 (DIGITALOC...)
1 185.64.189.112 62713 (AS-PUBMATIC)
12 34.246.170.209 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 9 37.252.173.62 29990 (ASN-APPNEX)
1 185.255.84.151 200271 (IGUANE-)
1 213.19.147.43 26120 (RHYTHMONE)
1 7 35.244.159.8 15169 (GOOGLE)
1 69.166.1.9 27630 (AS-XFERNET)
2 99.86.3.236 16509 (AMAZON-02)
1 23.206.210.112 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 141.95.98.68 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 54.146.133.189 14618 (AMAZON-AES)
1 162.19.138.118 16276 (OVH)
1 54.82.150.226 14618 (AMAZON-AES)
3 2a03:2880:f02... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.0.175.47 14618 (AMAZON-AES)
1 23.36.162.82 20940 (AKAMAI-ASN1)
2 143.204.215.58 16509 (AMAZON-02)
3 5 2620:116:800d... 16509 (AMAZON-02)
2 6 2600:9000:206... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 10 151.101.2.137 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
1 34.250.198.162 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 5 185.29.134.248 30419 (MEDIAMATH...)
9 52.223.40.198 16509 (AMAZON-02)
2 3 54.77.35.16 16509 (AMAZON-02)
2 3 69.192.160.219 16625 (AKAMAI-AS)
1 2a04:4e42::300 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 185.29.132.246 30419 (MEDIAMATH...)
4 5 69.173.144.165 26667 (RUBICONPR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 138.201.63.164 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 173.194.76.156 15169 (GOOGLE)
2 151.101.130.137 54113 (FASTLY)
6 23.205.235.133 16625 (AKAMAI-AS)
1 104.18.12.76 13335 (CLOUDFLAR...)
1 18.66.97.52 16509 (AMAZON-02)
5 23.35.236.201 16625 (AKAMAI-AS)
1 151.101.129.108 54113 (FASTLY)
1 99.86.4.81 16509 (AMAZON-02)
1 13.248.245.213 16509 (AMAZON-02)
2 2 37.157.2.238 198622 (ADFORM)
6 10 142.250.185.66 15169 (GOOGLE)
1 18.203.5.183 16509 (AMAZON-02)
2 51.89.9.253 16276 (OVH)
1 2 185.86.137.122 201081 (SMARTADSE...)
5 9 104.18.18.126 13335 (CLOUDFLAR...)
2 2 23.203.77.3 16625 (AKAMAI-AS)
2 6 69.173.144.139 26667 (RUBICONPR...)
2 2 216.52.2.30 32475 (SINGLEHOP...)
1 1 138.197.50.103 14061 (DIGITALOC...)
3 3 213.19.147.44 3356 (LEVEL3)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 69.166.1.12 27630 (AS-XFERNET)
6 6 3.126.56.137 16509 (AMAZON-02)
3 3 34.226.26.172 14618 (AMAZON-AES)
2 3 3.75.3.113 16509 (AMAZON-02)
1 8.2.111.121 46636 (NATCOWEB)
1 198.47.127.19 3257 (GTT-BACKB...)
2 2 37.252.172.123 29990 (ASN-APPNEX)
1 15 34.247.205.196 16509 (AMAZON-02)
8 8 18.184.37.1 16509 (AMAZON-02)
2 2 3.121.191.244 16509 (AMAZON-02)
3 4 70.42.32.191 13789 (INTERNAP-...)
1 1 52.5.242.57 14618 (AMAZON-AES)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 3.217.159.252 14618 (AMAZON-AES)
1 150.136.25.38 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 50.31.142.159 23352 (SERVERCEN...)
2 2 99.81.70.153 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
3 4 151.101.2.49 54113 (FASTLY)
1 1 124.146.215.44 2514 (INFOSPHER...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.95.125.22 16509 (AMAZON-02)
4 7 52.46.128.147 16509 (AMAZON-02)
1 4 185.86.137.131 201081 (SMARTADSE...)
1 52.28.129.28 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
2 9 185.80.39.216 27381 (CASALE-MEDIA)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 72.251.241.204 32475 (SINGLEHOP...)
1 1 3.73.168.247 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 104.18.13.76 13335 (CLOUDFLAR...)
1 8.43.72.98 26667 (RUBICONPR...)
362 108
Apex Domain
Subdomains
Transfer
57 imleagues.com
www.imleagues.com — Cisco Umbrella Rank: 82278
sli.imleagues.com — Cisco Umbrella Rank: 135152
876 KB
27 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
token.rubiconproject.com — Cisco Umbrella Rank: 682
eus.rubiconproject.com — Cisco Umbrella Rank: 596
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 929
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 852
44 KB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
bid.g.doubleclick.net — Cisco Umbrella Rank: 444
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
231 KB
19 googlesyndication.com
4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
245 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
dsum.casalemedia.com — Cisco Umbrella Rank: 1311
16 KB
18 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 895
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
3 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1430
usersync.gumgum.com — Cisco Umbrella Rank: 2144
5 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
56 KB
13 google.com
apis.google.com — Cisco Umbrella Rank: 112
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
accounts.google.com — Cisco Umbrella Rank: 83
134 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1663
public.servenobid.com — Cisco Umbrella Rank: 3473
8 KB
12 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3576
cds.connatix.com — Cisco Umbrella Rank: 3681
capi.connatix.com — Cisco Umbrella Rank: 3938
ins.connatix.com — Cisco Umbrella Rank: 5170
capi-tier-2-us-east-2.connatix.com Failed
vid.connatix.com — Cisco Umbrella Rank: 4548
img.connatix.com — Cisco Umbrella Rank: 4272
488 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com — Cisco Umbrella Rank: 618
secure.adnxs.com — Cisco Umbrella Rank: 438
27 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
2 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
imasdk.googleapis.com — Cisco Umbrella Rank: 435
258 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
3 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
tags.mathtag.com — Cisco Umbrella Rank: 3355
pixel.mathtag.com — Cisco Umbrella Rank: 993
5 KB
8 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3527
rp.liadm.com — Cisco Umbrella Rank: 1652
rp4.liadm.com — Cisco Umbrella Rank: 7432
idx.liadm.com — Cisco Umbrella Rank: 2587
i.liadm.com — Cisco Umbrella Rank: 586
i6.liadm.com Failed
20 KB
7 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2474
d.adroll.com — Cisco Umbrella Rank: 1484
21 KB
7 openx.net
teachingaids-d.openx.net — Cisco Umbrella Rank: 14052
eu-u.openx.net — Cisco Umbrella Rank: 1878
us-u.openx.net — Cisco Umbrella Rank: 409
2 KB
7 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
ads.pubmatic.com — Cisco Umbrella Rank: 495
image6.pubmatic.com — Cisco Umbrella Rank: 671
29 KB
6 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640
2 KB
6 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3621
sync.serverbid.com — Cisco Umbrella Rank: 7757
x.serverbid.com — Cisco Umbrella Rank: 8510
3 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 998
match.sharethrough.com — Cisco Umbrella Rank: 554
826 B
6 admetricspro.com
qd.admetricspro.com — Cisco Umbrella Rank: 12890
378 KB
5 gstatic.com
www.gstatic.com
csi.gstatic.com Failed
fonts.gstatic.com
97 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 948
pixel.quantserve.com — Cisco Umbrella Rank: 516
cms.quantserve.com — Cisco Umbrella Rank: 729
12 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
ce.lijit.com — Cisco Umbrella Rank: 918
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
1 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 832
1 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6045
adservice.google.de — Cisco Umbrella Rank: 8724
1 KB
4 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1362
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
3 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1055
550 B
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1707
1022 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
3 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
91 KB
3 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1501
sync.go.sonobi.com — Cisco Umbrella Rank: 983
2 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 924
687 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2105
mp.4dex.io — Cisco Umbrella Rank: 2186
24 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
120 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4673
756 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
700 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 681
623 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2293
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
924 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com — Cisco Umbrella Rank: 1375
2 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1189
1 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 876
5 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
2 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1440
563 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1193
id5-sync.com — Cisco Umbrella Rank: 471
17 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1980
casale-match.dotomi.com — Cisco Umbrella Rank: 2662
929 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
eb2.3lift.com — Cisco Umbrella Rank: 373
728 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1373
15 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 6700
419 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6060
322 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1435
283 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9937
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
925 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1201
693 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 538
388 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504
755 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 891
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1204
293 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 934
465 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
590 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1925
20 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 740
735 B
1 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 3611
276 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
476 B
1 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 43646
hal90004.redintelligence.net — Cisco Umbrella Rank: 263007 Failed
3 KB
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 697
376 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1340
17 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4187
1 KB
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 4137
407 B
1 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 5153
394 B
1 workers.dev
pioeg.admetricspro.workers.dev — Cisco Umbrella Rank: 30121
680 B
1 cloudfront.net
d1sle6ww94m2ue.cloudfront.net
43 KB
0 2mdn.net Failed
gcdn.2mdn.net Failed
362 82
Domain Requested by
56 www.imleagues.com 1 redirects www.imleagues.com
d1sle6ww94m2ue.cloudfront.net
15 usersync.gumgum.com 1 redirects g2.gumgum.com
12 ads.servenobid.com qd.admetricspro.com
public.servenobid.com
g2.gumgum.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
10 cm.g.doubleclick.net 6 redirects eu-u.openx.net
g2.gumgum.com
www.imleagues.com
10 c2shb.pubgw.yahoo.com qd.admetricspro.com
9 ssum-sec.casalemedia.com 5 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
9 tpc.googlesyndication.com 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
www.imleagues.com
9 match.adsrvr.org i.liadm.com
eu-u.openx.net
public.servenobid.com
sync.serverbid.com
g2.gumgum.com
www.imleagues.com
ssum-sec.casalemedia.com
9 ib.adnxs.com 6 redirects qd.admetricspro.com
acdn.adnxs.com
9 securepubads.g.doubleclick.net d1sle6ww94m2ue.cloudfront.net
www.googletagservices.com
securepubads.g.doubleclick.net
www.imleagues.com
8 x.bidswitch.net 8 redirects
7 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
7 s.amazon-adsystem.com 4 redirects www.imleagues.com
ssum-sec.casalemedia.com
7 fastlane.rubiconproject.com qd.admetricspro.com
6 ups.analytics.yahoo.com 6 redirects
6 pixel.rubiconproject.com 2 redirects public.servenobid.com
www.imleagues.com
eus.rubiconproject.com
6 eus.rubiconproject.com d1sle6ww94m2ue.cloudfront.net
public.servenobid.com
eus.rubiconproject.com
g2.gumgum.com
6 pagead2.googlesyndication.com d1sle6ww94m2ue.cloudfront.net
www.imleagues.com
4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
pagead2.googlesyndication.com
6 cds.connatix.com www.imleagues.com
d1sle6ww94m2ue.cloudfront.net
6 s.adroll.com 2 redirects d1sle6ww94m2ue.cloudfront.net
www.imleagues.com
6 qd.admetricspro.com www.imleagues.com
qd.admetricspro.com
5 ads.pubmatic.com d1sle6ww94m2ue.cloudfront.net
public.servenobid.com
sync.serverbid.com
g2.gumgum.com
5 token.rubiconproject.com 4 redirects 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
5 imasdk.googleapis.com 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
www.imleagues.com
5 sync.mathtag.com 4 redirects www.imleagues.com
5 btlr.sharethrough.com qd.admetricspro.com
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 sync-tm.everesttech.net 3 redirects g2.gumgum.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 fonts.gstatic.com fonts.googleapis.com
4 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com d1sle6ww94m2ue.cloudfront.net
4 www.google.com www.imleagues.com
4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
4 apis.google.com d1sle6ww94m2ue.cloudfront.net
4 fonts.googleapis.com www.imleagues.com
4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
3 aax-eu.amazon-adsystem.com 2 redirects www.imleagues.com
3 cs.emxdgt.com 2 redirects sync.serverbid.com
3 x.serverbid.com sync.serverbid.com
3 ssp.disqus.com 3 redirects
3 sync.1rx.io 3 redirects
3 us-u.openx.net 1 redirects eu-u.openx.net
3 cms.quantserve.com 3 redirects
3 eu-u.openx.net d1sle6ww94m2ue.cloudfront.net
eu-u.openx.net
3 googleads.g.doubleclick.net www.imleagues.com
3 dpm.demdex.net 2 redirects ssum-sec.casalemedia.com
3 accounts.google.com d1sle6ww94m2ue.cloudfront.net
www.imleagues.com
www.gstatic.com
3 i.liadm.com d1sle6ww94m2ue.cloudfront.net
i.liadm.com
3 connect.facebook.net d1sle6ww94m2ue.cloudfront.net
3 ap.lijit.com 1 redirects qd.admetricspro.com
public.servenobid.com
3 prebid.a-mo.net 2 redirects qd.admetricspro.com
3 www.facebook.com www.imleagues.com
d1sle6ww94m2ue.cloudfront.net
3 www.google-analytics.com d1sle6ww94m2ue.cloudfront.net
www.google-analytics.com
3 c.amazon-adsystem.com d1sle6ww94m2ue.cloudfront.net
c.amazon-adsystem.com
3 www.googletagservices.com www.imleagues.com
d1sle6ww94m2ue.cloudfront.net
4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 pool.admedo.com 2 redirects
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects g2.gumgum.com
2 a.sportradarserving.com 2 redirects
2 secure.adnxs.com 2 redirects
2 sync.go.sonobi.com public.servenobid.com
sync.serverbid.com
2 ce.lijit.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 onetag-sys.com public.servenobid.com
sync.serverbid.com
2 c1.adform.net 2 redirects
2 img.connatix.com www.imleagues.com
2 bid.g.doubleclick.net imasdk.googleapis.com
2 tags.mathtag.com 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
www.imleagues.com
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 rules.quantcount.com d1sle6ww94m2ue.cloudfront.net
2 adservice.google.com d1sle6ww94m2ue.cloudfront.net
www.imleagues.com
2 adservice.google.de d1sle6ww94m2ue.cloudfront.net
www.imleagues.com
2 www.google.de www.imleagues.com
2 sb.scorecardresearch.com d1sle6ww94m2ue.cloudfront.net
www.imleagues.com
2 stats.g.doubleclick.net www.google-analytics.com
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 e.serverbid.com qd.admetricspro.com
sync.serverbid.com
2 script.4dex.io d1sle6ww94m2ue.cloudfront.net
2 i.clean.gg d1sle6ww94m2ue.cloudfront.net
2 b-code.liadm.com www.imleagues.com
d1sle6ww94m2ue.cloudfront.net
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 match.sharethrough.com ssbsync.smartadserver.com
1 px.ads.linkedin.com www.imleagues.com
1 tg.socdm.com 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 sync.colossusssp.com sync.serverbid.com
1 p.rfihub.com 1 redirects
1 x.yieldlift.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 eb2.3lift.com d1sle6ww94m2ue.cloudfront.net
1 public.servenobid.com d1sle6ww94m2ue.cloudfront.net
1 acdn.adnxs.com d1sle6ww94m2ue.cloudfront.net
1 sync.serverbid.com d1sle6ww94m2ue.cloudfront.net
1 js-sec.indexww.com d1sle6ww94m2ue.cloudfront.net
1 vid.connatix.com cd.connatix.com
1 partner.googleadservices.com www.imleagues.com
1 ins.connatix.com cd.connatix.com
1 pixel.mathtag.com www.imleagues.com
1 hal9000.redintelligence.net www.imleagues.com
1 capi.connatix.com cd.connatix.com
1 trc.taboola.com i.liadm.com
1 www.gstatic.com accounts.google.com
1 pixel.quantserve.com www.imleagues.com
1 d.adroll.com d1sle6ww94m2ue.cloudfront.net
1 cd.connatix.com 1 redirects
1 secure.quantserve.com d1sle6ww94m2ue.cloudfront.net
1 sli.imleagues.com www.imleagues.com
1 idx.liadm.com b-code.liadm.com
1 id5-sync.com cdn.id5-sync.com
1 rp4.liadm.com www.imleagues.com
1 rp.liadm.com 1 redirects
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com d1sle6ww94m2ue.cloudfront.net
1 secure.cdn.fastclick.net d1sle6ww94m2ue.cloudfront.net
1 apex.go.sonobi.com qd.admetricspro.com
1 teachingaids-d.openx.net qd.admetricspro.com
1 tag.1rx.io qd.admetricspro.com
1 hb-api.omnitagjs.com qd.admetricspro.com
1 web.hb.ad.cpe.dotomi.com qd.admetricspro.com
1 mp.4dex.io qd.admetricspro.com
1 hbopenbid.pubmatic.com qd.admetricspro.com
1 hb.yellowblue.io qd.admetricspro.com
1 exchange.postrelease.com qd.admetricspro.com
1 tlx.3lift.com qd.admetricspro.com
1 htlb.casalemedia.com qd.admetricspro.com
1 pioeg.admetricspro.workers.dev qd.admetricspro.com
1 d1sle6ww94m2ue.cloudfront.net www.imleagues.com
0 gcdn.2mdn.net Failed www.imleagues.com
0 capi-tier-2-us-east-2.connatix.com Failed cd.connatix.com
0 hal90004.redintelligence.net Failed 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
0 csi.gstatic.com Failed imasdk.googleapis.com
0 i6.liadm.com Failed i.liadm.com
362 147

This site contains no links.

Subject Issuer Validity Valid
www.imleagues.com
Go Daddy Secure Certificate Authority - G2
2022-08-25 -
2023-09-26
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-07-11 -
2023-07-10
a year crt.sh
*.liadm.com
Amazon
2022-01-31 -
2023-03-01
a year crt.sh
i.clean.gg
GTS CA 1D4
2022-10-04 -
2023-01-02
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-07-29 -
2022-10-27
3 months crt.sh
*.admetricspro.workers.dev
E1
2022-08-31 -
2022-11-29
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.sharethrough.com
Amazon
2022-07-14 -
2023-08-12
a year crt.sh
*.a-mo.net
R3
2022-09-05 -
2022-12-04
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.postrelease.com
Amazon
2022-02-17 -
2023-03-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.yellowblue.io
Amazon
2022-04-23 -
2023-05-22
a year crt.sh
*.consumableaudio.com
R3
2022-10-03 -
2023-01-01
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
ads.servenobid.com
Amazon
2022-05-29 -
2023-06-27
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-05-31 -
2023-07-02
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-07-29
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA
2022-01-15 -
2023-01-17
a year crt.sh
*.eu-1-id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
sli.imleagues.com
R3
2022-10-05 -
2023-01-03
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
s.adroll.com
Amazon
2022-07-03 -
2023-08-01
a year crt.sh
www.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
www.google.de
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.google.de
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
accounts.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
adroll.mgr.consensu.org
Amazon
2022-08-10 -
2023-09-08
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2
2022-08-22 -
2023-09-23
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-18 -
2023-04-25
a year crt.sh
redintelligence.net
R3
2022-10-04 -
2023-01-02
3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-05 -
2023-07-05
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
sync.serverbid.com
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
*.servenobid.com
Amazon
2022-02-06 -
2023-03-07
a year crt.sh
*.gumgum.com
Amazon
2022-05-06 -
2023-06-04
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2022-05-18 -
2023-06-19
a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2
2021-11-07 -
2022-11-07
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-15 -
2023-09-15
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon
2022-02-15 -
2023-03-16
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-03 -
2023-03-07
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-01 -
2023-03-28
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh

This page contains 41 frames:

Primary Page: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Frame ID: DDF5ED54DB8636385F603221D20F4434
Requests: 157 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FIMLeagues&width&layout=button&action=like&show_faces=true&share=false&height=80
Frame ID: C1793BA47305A0327E2AA27A0C7A1F5C
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01de?s=&cim=&ps=true&ls=true&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: CD2B7B5A8C669E4658C566094325F2FE
Requests: 8 HTTP requests in this frame

Frame: https://cds.connatix.com/p/191837/connatix.player.dc.js
Frame ID: 113999519202DD0143760B11CB8D9F24
Requests: 12 HTTP requests in this frame

Frame: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9D6766B9788AA29AA3AFA5C3CA1AFD04
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 15CCC32D0A4ED3646C5EB8BC5298897E
Requests: 4 HTTP requests in this frame

Frame: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FACD4A6DBEECF95A83F72AFBB6426FB7
Requests: 20 HTTP requests in this frame

Frame: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3C91E9419A1E1E8566A9219269563619
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunFujW-gbaTIk_7RTGqvTYvEw2Jcv2gUIIvVEQwN_MGdesYhgc75OsQb6uUNzQ-D2iwXMBPyXwN8PC049Tfwp_b7HTXXkM-IRqGpLo0sHYN67jXBLLdhaihI2tTCK5ifrzBVRSooDCAkgdW2bBWB_kkOngJpBYZH_oITRs8av3HxbWI_8iGhEzlk5tHWkTTQlm8HlTByicYOMxWlpOon5r1vg_2tXOb2y_a5T394EFuSxYfj1ci9OQqdhfKN8pm_zEwnDjhsWBM1rR2ePRfmHeSDL9a-G1m0z-Fv_qN9m6a84VM90fz9i_Q-Vxu62zLARKNwauzQBdIpejECMwe9ZUow&sai=AMfl-YRCgcLwnuMQDmjzBjbBJr2W5qKRLGblaxilVW85rGI8LPoW6Oi-GPUk7h3YkVBio060rSnB9Qe5tAVysEZfFACw8UvAf1WqGC5rpp_dmCZgDwjw8BNn6T3fRr9WXHYFYUAD&sig=Cg0ArKJSzE5-9CozzwlbEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 66E1598224FE3DB257E6EF7CE9B33A22
Requests: 13 HTTP requests in this frame

Frame: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 63A359A4A7B1DD4185A21BB18EC4FE52
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20190131/zrt_lookup.html
Frame ID: 9569EB384A5FFE10B50E00382D24C0ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1752690355379860&output=html&adk=1812271804&adf=3279755405&lmt=1666232595&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666232595521&bpp=3&bdt=312&idt=280&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&cookie=ID%3D2d2fb44953f594e2-224b1b8651ce0003%3AT%3D1666232594%3AS%3DALNI_MYYwzghvJ8rnmTsU105T0o707nLPg&gpic=UID%3D00000b75981a84f1%3AT%3D1666232594%3ART%3D1666232594%3AS%3DALNI_MYuLm_oiNWQjFEz_cwdhDYv68q7Ng&nras=1&correlator=1596372447455&frm=23&ife=4&pv=2&ga_vid=1514818731.1666232593&ga_sid=1666232596&ga_hid=1771893069&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=410253922&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706&oid=2&pvsid=3171344166930078&tmod=807477497&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.nqc0fwbmxljn&fsb=1&dtd=302
Frame ID: 386B1CC2196D6101243F805F811CE0AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1752690355379860&output=html&h=90&slotname=2091879476&adk=931657744&adf=3173046724&pi=t.ma~as.2091879476&w=728&lmt=1666232595&format=728x90&url=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666232595521&bpp=1&bdt=312&idt=285&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&cookie=ID%3D2d2fb44953f594e2-224b1b8651ce0003%3AT%3D1666232594%3AS%3DALNI_MYYwzghvJ8rnmTsU105T0o707nLPg&gpic=UID%3D00000b75981a84f1%3AT%3D1666232594%3ART%3D1666232594%3AS%3DALNI_MYuLm_oiNWQjFEz_cwdhDYv68q7Ng&prev_fmts=0x0&nras=1&correlator=1596372447455&frm=23&ife=4&pv=1&ga_vid=1514818731.1666232593&ga_sid=1666232596&ga_hid=1771893069&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1107&biw=1600&bih=1200&isw=728&ish=90&ifk=410253922&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706&oid=2&pvsid=3171344166930078&tmod=807477497&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.meg9fnhy9te3&fsb=1&dtd=310
Frame ID: 39DB94ECF0F2D65DA4BB2A8530556F2C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 1017F1625A60E13B4B3742379F658F57
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 104EA7B0D4EBF6E2D5C2B2936AB067A9
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000891.html
Frame ID: 84D384FC27B5917A9A6854D0AF48B705
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 2512856DEB49CA775F3DF872BFD2112F
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Frame ID: F9E2EC8D3A6F4074E65CA37E29372318
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 43740E4E179CBC74CFE73FA09ED1408C
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 1890A7E998D9BA97E5269BA31C286166
Requests: 13 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2BF0AE6EA9F3F8A4436F2511F168C831
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 8733E6D27EF5B9CE286E17E8C6C7E43B
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9AB0403B11867D5F4F758929FD4AD5BF
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 69E189547C99DDA08FD6FC548B1FFEAA
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: DC3BD8093FC6272A3A6F966DA85D7F35
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: FC7F4CDAE93B9BEF3A57C2F4E47D06B8
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: FEFEE424F7B56727C615F7388104BD2A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: B22F44881F381FEE2533E49E39E27229
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Frame ID: F0F15B7ABCA35E1B755CEF68E8FC773C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 421124A619188164325B5CC7A0810D9A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 8397A17894193D4372EC6481AC057CEA
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb&gdpr=0&gdpr_consent=
Frame ID: 1DC530956CA93D3D83EF07FF94F567E5
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAa38sAAO
Frame ID: 8694D86C07E05BAD59B3F2F07BC50E1D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YjdkZTVjYS01NTg2LTQ4NzctYTMxNy1jMzAyYjZkZTBmOGY=&gdpr=0&gdpr_consent=
Frame ID: 0C329DC8746D2137F23F778DF576DC31
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7DF4F96E0D56E1F06D1B84C9FE0DF548
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 720DC43E05C8D0E101F70D26D33186E6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=898287034406155548brt57491666232598735632f1
Frame ID: 96659BF1876C117AC6E85A23733441B2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y1CxF8Co8XgAANcpvNEAAAAA
Frame ID: 488CCDC1DE1FE558848E55EDBC69C6D6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y1CxFmojwUrzL0Uvyvj-qgAA%261193
Frame ID: DFE5193F4B0477A4BBC9556A0ED00B31
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=E0TRgd4U75RHcm7nGACS&pi=gumgum&tc=1
Frame ID: DDB2C163A63D9D5D3A28AFD0C2142F1C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 1BE40AAF094E7C182E00D44B5F55883F
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.imleagues.com/School/ViewMCMessage.aspx?SchId=ae6dfe7f46634b3f9c6076c71e0555e8&MessageId=9... HTTP 302
    https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fVie... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/material(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

362
Requests

78 %
HTTPS

30 %
IPv6

82
Domains

147
Subdomains

108
IPs

12
Countries

3296 kB
Transfer

10498 kB
Size

107
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.imleagues.com/School/ViewMCMessage.aspx?SchId=ae6dfe7f46634b3f9c6076c71e0555e8&MessageId=9532fc765e5f4e07ba36fa17ab037eb8 HTTP 302
    https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://rp.liadm.com/j?dtstmp=1666232593233&aid=a-01de&se=e30&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&tna=v2.5.0&pu=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&us_privacy=1---&wpn=lc-bundle&gdpr=0&c=PHRpdGxlIG5nLWJpbmQ9InRpdGxlIiB0cmFuc2xhdGUtbmFtZXNwYWNlPSJ0ZW1wbGF0ZS5hY2NvdW50IiB0cmFuc2xhdGU9Ii5QYWdlVGl0bGUiIHRyYW5zbGF0ZS1rZWVwLWNvbnRlbnQ9IiI-SU1MZWFndWVzPC90aXRsZT48aDEgYXJpYS1sYWJlbD0iaGlkZGVuIiBzdHlsZT0iZGlzcGxheTpub25lIiB0aXRsZT0iSGlkZGVuIj5IaWRkZW48L2gxPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1666232593233&aid=a-01de&se=e30&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&tna=v2.5.0&pu=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&us_privacy=1---&wpn=lc-bundle&gdpr=0&c=PHRpdGxlIG5nLWJpbmQ9InRpdGxlIiB0cmFuc2xhdGUtbmFtZXNwYWNlPSJ0ZW1wbGF0ZS5hY2NvdW50IiB0cmFuc2xhdGU9Ii5QYWdlVGl0bGUiIHRyYW5zbGF0ZS1rZWVwLWNvbnRlbnQ9IiI-SU1MZWFndWVzPC90aXRsZT48aDEgYXJpYS1sYWJlbD0iaGlkZGVuIiBzdHlsZT0iZGlzcGxheTpub25lIiB0aXRsZT0iSGlkZGVuIj5IaWRkZW48L2gxPg&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D&n3pc=true
Request Chain 140
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/191837/connatix.player.dc.js
Request Chain 151
  • https://s.adroll.com/j/exp/7O4IOMNVQZESLH4D3ZBIBV/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 152
  • https://s.adroll.com/j/pre/7O4IOMNVQZESLH4D3ZBIBV/FCLKMOSMJJCGDNBQPRCAKE/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 162
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid%3D7156%26muid%3D%5BMM_UUID%5D&b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid=7156&muid=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb
Request Chain 164
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&&user_id=p4IkPfOAID-81HQ0p9Q8PaDXcDq81XRuqYL7xXms HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa HTTP 303
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
Request Chain 165
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01de%2F0%2F9c82b84634a645b28d23a71de52ce382%3Fmpid=82775&muid=$%7BDD_UUID%7D?us_privacy=1--- HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01de%2F0%2F9c82b84634a645b28d23a71de52ce382%3Fmpid=82775&muid=$%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid=82775
Request Chain 166
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&us_privacy=1--- HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&us_privacy=1---&rd=Y
Request Chain 168
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=t8LQZGd0y9I-DDXDn6tR&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5OQ4EYUK2I5SDA6JZJEWUIRCYIRXDM5CSEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCLJNFU&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5OQ4EYUK2I5SDA6JZJEWUIRCYIRXDM5CSEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCLJNFU HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=t8LQZGd0y9I-DDXDn6tR&us_privacy=1---
Request Chain 221
  • https://hal90004.redintelligence.net/request.php?zone=s5p1ff0cz8rl&nw=20&renderingType=javascript&namespace=5058e42b7d&subid=&uid=757f05034b172840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4f64b74f6bfa8596833a2c3bac00e1020f957e6f%26mt_aid%3D1734860103864312726%26mt_id%3D11050099%26mt_adid%3D215543%26mt_sid%3D12460949%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De75e6350-b113-4b00-8f8c-a45e6b3c4ecb%26mt_cid%3De75e6350-b113-4b00-8f8c-a45e6b3c4ecb%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F641d8acb-840e-4e73-9908-9210ce6dec36%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.imleagues.com%2F&ancestorOrigins=https%3A%2F%2Fwww.imleagues.com&random=9673684474074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90004.redintelligence.net/request.php?zone=s5p1ff0cz8rl&nw=20&renderingType=javascript&namespace=5058e42b7d&subid=&uid=757f05034b172840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4f64b74f6bfa8596833a2c3bac00e1020f957e6f%26mt_aid%3D1734860103864312726%26mt_id%3D11050099%26mt_adid%3D215543%26mt_sid%3D12460949%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De75e6350-b113-4b00-8f8c-a45e6b3c4ecb%26mt_cid%3De75e6350-b113-4b00-8f8c-a45e6b3c4ecb%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F641d8acb-840e-4e73-9908-9210ce6dec36%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.imleagues.com%2F&ancestorOrigins=https%3A%2F%2Fwww.imleagues.com&random=9673684474074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 265
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb
Request Chain 266
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=YT8k_zU9IP16aXT2YWk8_2ZqcPh6aHSsbz9Yrtkf
Request Chain 267
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2266870839298379810
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6roAUx7BIWZQg80wgZ0HE&google_cver=1
Request Chain 275
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 276
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 279
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8752257161968039172
Request Chain 280
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FgpvpBZHVWlzaSomRKSISevE
Request Chain 282
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=5275f076-8650-4629-a0ad-f499832a54dc
Request Chain 283
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1666232598643 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5071786325
Request Chain 284
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433824908013401
Request Chain 286
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=001dcc18-e9f7-4476-84db-81d37d5a8b27&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 287
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
Request Chain 288
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYzM0N2E4Yy0zNzgxLTM3NjktYjI4MC1jZTc0YzZmNjU5MzQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2MzNDdhOGMtMzc4MS0zNzY5LWIyODAtY2U3NGM2ZjY1OTM0MgIGDDgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zYzM0N2E4Yy0zNzgxLTM3NjktYjI4MC1jZTc0YzZmNjU5MzQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2MzNDdhOGMtMzc4MS0zNzY5LWIyODAtY2U3NGM2ZjY1OTM0MgIGDDgB&buyeruid=0de72829-64a3-473c-9a61-5aaab40e93d4&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-3c347a8c-3781-3769-b280-ce74c6f65934&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0zYzM0N2E4Yy0zNzgxLTM3NjktYjI4MC1jZTc0YzZmNjU5MzQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2MzNDdhOGMtMzc4MS0zNzY5LWIyODAtY2U3NGM2ZjY1OTM0MgIGDDgC HTTP 302
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FgpvpBZHVWlzaSomRKSISevE&r=Cid1YS0zYzM0N2E4Yy0zNzgxLTM3NjktYjI4MC1jZTc0YzZmNjU5MzQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2MzNDdhOGMtMzc4MS0zNzY5LWIyODAtY2U3NGM2ZjY1OTM0MgIGDDgC HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-3c347a8c-3781-3769-b280-ce74c6f65934
Request Chain 289
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
Request Chain 290
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 294
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FgpvpBZHVWlzaSomRKSISevE
Request Chain 296
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y1CxFsUqTWEyZ-0PLjd2SAAA%261139
Request Chain 298
  • https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
Request Chain 299
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=898287034406155548
Request Chain 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 304
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=898287034406155548
Request Chain 305
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9b7de5ca-5586-4877-a317-c302b6de0f8f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=732f7c20-1ac6-4854-adc4-fcc2dbbb4fc2&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
Request Chain 306
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28GO93Nuz2UcqeOvh55YkdfrmKxY51zeqewrvT4POQjYQzJAmnjTjP-xh9uJvynwVb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28GO93Nuz2UcqeOvh55YkdfrmKxY51zeqewrvT4POQjYQzJAmnjTjP-xh9uJvynwVb%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_9b7de5ca-5586-4877-a317-c302b6de0f8f&obuid=ENC(GO93Nuz2UcqeOvh55YkdfrmKxY51zeqewrvT4POQjYQzJAmnjTjP-xh9uJvynwVb) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=GO93Nuz2UcqeOvh55YkdfrmKxY51zeqewrvT4POQjYQzJAmnjTjP-xh9uJvynwVb HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3Dcf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb&expires=30&ssp=outbrain&bsw_param=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 307
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=66401331-9d3e-00c1-05a8-3d8ecbec1824
Request Chain 308
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6df8b332-5990-43e9-662f-cd699ffb8d11$ip$80.255.7.102
Request Chain 310
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=e5b788be-af31-4674-bcf1-22288ed1aa42
Request Chain 313
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9b7de5ca-5586-4877-a317-c302b6de0f8f&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=t8LQZGd0y9I-DDXDn6tR&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25BYJRIVUR3EGB4TSSJNIRCFQRDOGZ2FEJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25BYJRIVUR3EGB4TSSJNIRCFQRDOGZ2FEJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=t8LQZGd0y9I-DDXDn6tR&us_privacy=1---
Request Chain 314
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=7b31fc37-18f4-492e-9a35-06603bbaeddd
Request Chain 315
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8812856564
Request Chain 316
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=tYLVFy2ti9lD&ev=1&pid=558355
Request Chain 317
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4430541649927139192
Request Chain 319
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb&gdpr=0&gdpr_consent=
Request Chain 320
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAa38sAAO
Request Chain 324
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=898287034406155548&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=898287034406155548brt57491666232598735632f1
Request Chain 325
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1CxF8Co8XgAANcpvNEAAAAA
Request Chain 326
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1CxFmojwUrzL0Uvyvj-qgAA%261193
Request Chain 327
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=E0TRgd4U75RHcm7nGACS&pi=gumgum&tc=1
Request Chain 328
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 330
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHRlY1NUctMUMtS09DNA==&gdpr=0
Request Chain 331
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tChPr7mqezt9_WUa5ZHvAMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1807790860628135824
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELPDC0Or1h2ZT8patwOExHw&google_cver=1
Request Chain 333
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9GFV55G-1C-KOC4&gdpr=0
Request Chain 334
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rZ6bRi9mTDed1TWm_Vs_kA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rZ6bRi9mTDed1TWm_Vs_kA&gdpr=0
Request Chain 335
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjOTg0NThiMTk2Y2Q3MzM5YjdiNmRhOWU1NjY4OGFlMGRjYzUxMQ&gdpr=0
Request Chain 336
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ok0E7y7_Rs6PUXGiWqxj_w&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ok0E7y7_Rs6PUXGiWqxj_w&gdpr=0
Request Chain 338
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=KYVsDH2HaA4y0zwFKdN0DC7QOAsy0jxfJ4Vmyy91
Request Chain 339
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAC6idwA7 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y1CxFgAAAC6idwA7&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAC6idwA7
Request Chain 340
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4430541649927139192&gdpr=0&gdpr_consent=
Request Chain 341
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=cf7671d6-cf73-4b95-ab8e-d50161d59cfa HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=cf7671d6-cf73-4b95-ab8e-d50161d59cfa HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6b79fcca-59db-48af-ad6f-a78b77821761&user_group=1&ssp=smartadserver&bsw_param=cf7671d6-cf73-4b95-ab8e-d50161d59cfa HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH6FkX1W8HwoGAzli_Oq2wI&google_cver=1
Request Chain 343
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB&dcc=t
Request Chain 345
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1CxFo5a3BNX5zymciNL-wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC10Eqp6-cfLfAyM3SPew-s&google_cver=1
Request Chain 346
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=zoQR-5qGFfnV0kHyztIJ-8nRRfzV00GowITbvg3x
Request Chain 347
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666318998
Request Chain 349
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=898287034406155548
Request Chain 352
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1CxFo5a3BNX5zymciNL-wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC10Eqp6-cfLfAyM3SPew-s&google_cver=1
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1CxFo5a3BNX5zymciNL_wAAFCUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH6FkX1W8HwoGAzli_Oq2wI&google_cver=1
Request Chain 354
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFo5a3BNX5zymciNL_wAAFCUAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFo5a3BNX5zymciNL_wAAFCUAAAIB&dcc=t
Request Chain 356
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_d52dbf82-1ffb-4663-adaa-0554bd9bbb3d&bsw_param=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&expires=10 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
Request Chain 357
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1681957398&external_user_id=b1c55f3e-dc1f-4dcb-ac0a-ad3b1d64e115

362 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
www.imleagues.com/spa/account/
Redirect Chain
  • https://www.imleagues.com/School/ViewMCMessage.aspx?SchId=ae6dfe7f46634b3f9c6076c71e0555e8&MessageId=9532fc765e5f4e07ba36fa17ab037eb8
  • https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa...
40 KB
40 KB
Document
General
Full URL
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1bbd9854ec6d7e035bee5559fe766248df0b911405f01c668d4f8dd6cfcd39d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
41212
content-type
text/html
date
Thu, 20 Oct 2022 02:23:10 GMT
etag
"53959457adfd81:0"
last-modified
Fri, 14 Oct 2022 03:08:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
cache-control
private
content-length
324
content-type
text/html; charset=utf-8
date
Thu, 20 Oct 2022 02:23:10 GMT
location
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,700
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:54:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Oct 2022 02:23:12 GMT
font-awesome.min.css
www.imleagues.com/spa/lib/fontawesome/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://www.imleagues.com/spa/lib/fontawesome/css/font-awesome.min.css?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:10 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:55 GMT
server
Microsoft-IIS/10.0
etag
"809df9aeab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
6020
animate.css
www.imleagues.com/spa/css/newDesign/
72 KB
4 KB
Stylesheet
General
Full URL
https://www.imleagues.com/spa/css/newDesign/animate.css?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2c95f29944fa0699c7ab3d1631fa8c988ab05488b2e8a669bd6cbd19d908e616

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:10 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:39 GMT
server
Microsoft-IIS/10.0
etag
"8015c7417adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
4309
bootstrap_flatly.min.css
www.imleagues.com/spa/css/newDesign/
126 KB
20 KB
Stylesheet
General
Full URL
https://www.imleagues.com/spa/css/newDesign/bootstrap_flatly.min.css?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
50678dd4079c3a0866e318c176c375828ca440d9ac9c185e27dbb229023813a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:10 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:39 GMT
server
Microsoft-IIS/10.0
etag
"8015c7417adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
20795
bootstrap-select.min.css
www.imleagues.com/spa/lib/bootstrap-select/dist/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://www.imleagues.com/spa/lib/bootstrap-select/dist/css/bootstrap-select.min.css?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6c0f2823d157f2142c2301c867bcb461c64e28b2fdc218fcac621ee0633a29eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:10 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:57 GMT
server
Microsoft-IIS/10.0
etag
"80ca2ab0ab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1406
material.min.css
www.imleagues.com/spa/css/newDesign/
193 KB
24 KB
Stylesheet
General
Full URL
https://www.imleagues.com/spa/css/newDesign/material.min.css?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
729d02b7fddb6fb2c63a7e02a5ae9c0cd8bafeb8add6ba085b1355b81aaf4d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:10 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:39 GMT
server
Microsoft-IIS/10.0
etag
"8015c7417adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
24048
iml-account-layout.css
www.imleagues.com/spa/css/account/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.imleagues.com/spa/css/account/iml-account-layout.css?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ce28c609d32879ba011fed63bfd9217734e07b7e10de5788a0ff60eacfc66c73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:10 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:35 GMT
server
Microsoft-IIS/10.0
etag
"80bb643f7adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
2779
iml-account-layout-responsive.css
www.imleagues.com/spa/css/account/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.imleagues.com/spa/css/account/iml-account-layout-responsive.css?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cc967fb3020c05b132d08b053acdeef44e2fe291ef953ff11293ac9a89cc506e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:10 GMT
last-modified
Fri, 14 Oct 2022 03:08:35 GMT
server
Microsoft-IIS/10.0
etag
"2e56e53f7adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1402
iframeResizer.contentWindow.min.js
www.imleagues.com/js/iframeResizer/
13 KB
5 KB
Script
General
Full URL
https://www.imleagues.com/js/iframeResizer/iframeResizer.contentWindow.min.js?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
845cb07ba0ce2f732c266214a435fadd995c0c620f16e8d3fa9c2fe2e59d5482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:10 GMT
content-encoding
gzip
last-modified
Fri, 26 Apr 2019 05:28:55 GMT
server
Microsoft-IIS/10.0
etag
"8085b9f0f0fbd41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
5094
embedIframeCommon.js
www.imleagues.com/spa/scripts/external/fullembed/
2 KB
3 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/external/fullembed/embedIframeCommon.js?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
57b296c8d6c1abfc7e9eb5464fda9ea1be2d7246f503c545a81cfdeadd10caa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:10 GMT
last-modified
Fri, 14 Oct 2022 03:08:45 GMT
server
Microsoft-IIS/10.0
etag
"a27a74457adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
2553
script.js
d1sle6ww94m2ue.cloudfront.net/
125 KB
43 KB
Script
General
Full URL
https://d1sle6ww94m2ue.cloudfront.net/script.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d600:11:977f:f980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9210ab0619f501c6add5042637c9fec6b524b70192ac01707c089a956c8f3984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
2zucXHpt2G.778rpfNX7Mw4kONIeBPtx
content-encoding
gzip
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
date
Thu, 20 Oct 2022 02:23:12 GMT
last-modified
Wed, 19 Oct 2022 15:24:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
310
etag
W/"f72b613bb8d223c7701d3b17e65f58a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
dldDRMXrdXn2MiZDcG_bbbFeQq6KyQuIm4vXk5klvQ2z6gQJT-Py5g==
gpt.js
www.googletagservices.com/tag/js/
79 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc73ee1f199fe3ef6cfc02a16fa95c229c6f625e429c58ca6f41965b3642efba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27633
x-xss-protection
0
server
sffe
etag
"1369 / 450 of 1000 / last-modified: 1666217300"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Oct 2022 02:23:12 GMT
new-home-layout.js
qd.admetricspro.com/js/imleagues/
26 KB
4 KB
Script
General
Full URL
https://qd.admetricspro.com/js/imleagues/new-home-layout.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c7870034a94ab73f6900e486d3ef95a27a0cb8a9cc500e6c2be9abfb7111dc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 17:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
222
etag
W/"683a-5eb3eb680d702-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqtZyA%2Fgs0kvpWdwvblcyE3PUd80ELdXL2%2BoRhdYcmO0gQBVh197JgeG7KsK3eTYFpnZM6CFfUDZSn67wGvlopxQL89sIQIgkcUmpZgGcUKZ0AOb3K4GZ%2FVVsoT%2BhqU4dsxYMjjrdT2vReY0qykPoo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
75ce4a44df539183-FRA
expires
Thu, 20 Oct 2022 02:22:11 GMT
cmp.js
qd.admetricspro.com/js/imleagues/
310 KB
90 KB
Script
General
Full URL
https://qd.admetricspro.com/js/imleagues/cmp.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Jun 2021 14:47:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4d957-5c3b56abf6028-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfCRlZl%2Fjp4YT4F%2FK9kCFDwRKstWOf686azriTzrO2H07%2B7SlS0ku4AU1FJ%2FrxoEMjBSQtMDQuRlWs9lb2zqbKpY6PWEmrjKMJ9efNelm0ALL6AkR1Lu8czNdUc3Iu1nspzgnAXenpKKixU5gl6bO5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
75ce4a44df549183-FRA
expires
Thu, 20 Oct 2022 02:32:10 GMT
uspcmp.js
qd.admetricspro.com/js/imleagues/
169 KB
80 KB
Script
General
Full URL
https://qd.admetricspro.com/js/imleagues/uspcmp.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9605a4f459115afb66e520662f4b626b43674dfdee5fdca02056043b035c331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Sep 2022 20:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2a41c-5e80872b87448-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BOTF1%2BT9ZjYXkDOu30uT0U9O3hxSt0U5CogIB3lGRKg0yBGlcAGIwW5vzhzqNPa%2FjTE27IUYIYsp9%2F3sokJFQnpqFaRzBeNUarYg7ltjQI%2BgT6Qnnb0A%2FNrta5mccsBCBY%2FUUqIeiQutUK7u%2B%2BKx5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
75ce4a44df569183-FRA
expires
Thu, 20 Oct 2022 02:32:10 GMT
prebid.js
qd.admetricspro.com/js/imleagues/
459 KB
131 KB
Script
General
Full URL
https://qd.admetricspro.com/js/imleagues/prebid.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 May 2022 16:56:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"72c32-5de0a46b45676-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e93gybHBQhQut4cKB%2BUv06jZLuCYGpZ9vq8SSK0kAltx%2F2VcnHzGWmCpc%2Fvue4crAWZmxodza036rQblG1WLjUS3jOgjkTNJj1vqbfpCElidS%2FVYD%2FFL9asKruBj4H3%2FKjvVGSzuVSOolIXwyvqEgKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
75ce4a44df579183-FRA
expires
Thu, 20 Oct 2022 02:32:16 GMT
engine.js
qd.admetricspro.com/js/imleagues/
140 KB
33 KB
Script
General
Full URL
https://qd.admetricspro.com/js/imleagues/engine.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db0c77b5dd0762b3e941724158585302e3608832c1c13646cb5bbecfd95213ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Oct 2022 23:59:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"22ff5-5eb2fa7f3ac1a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGMRYKAceGpBBerfjSFGmomML9%2B7CLro%2FQ1MkYWLMDEw4AEHZS%2FLRLI%2B%2FzOpN%2FwhIYZ7sHf8Tlo9ubXGbD8XdHsu6isUBDhFn0GGYX6qWGUpFhnvXIddjWE%2F%2BijCEk5KVl5oCPAgsLOs3xtgXHx3SN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
75ce4a44df589183-FRA
expires
Thu, 20 Oct 2022 02:32:16 GMT
app_store.png
www.imleagues.com/FrontPagesWithNewStyle/ui/images/
6 KB
6 KB
Image
General
Full URL
https://www.imleagues.com/FrontPagesWithNewStyle/ui/images/app_store.png
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ded9898aebddefe826cd641f41acf2bd9d0bbbf6e1a1650d17c8f1f7517952be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
last-modified
Tue, 09 Feb 2016 06:49:30 GMT
server
Microsoft-IIS/10.0
etag
"f3dcde6663d11:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
5697
google_play.png
www.imleagues.com/FrontPagesWithNewStyle/ui/images/
6 KB
6 KB
Image
General
Full URL
https://www.imleagues.com/FrontPagesWithNewStyle/ui/images/google_play.png
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc8cf116117ccb12f083a921fd88518f83b3285e08963c2f5b7ba679ce1f2a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
last-modified
Tue, 09 Feb 2016 06:49:30 GMT
server
Microsoft-IIS/10.0
etag
"bab1e06663d11:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
6437
imlappLogo.png
www.imleagues.com/FrontPagesWithNewStyle/ui/images/
4 KB
4 KB
Image
General
Full URL
https://www.imleagues.com/FrontPagesWithNewStyle/ui/images/imlappLogo.png
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eaac877a8f03232144c07a9804b6fc327877968f55b621b03e55cfba076affde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
last-modified
Tue, 22 Aug 2017 17:10:08 GMT
server
Microsoft-IIS/10.0
etag
"a758b181691bd31:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
4253
require.js
www.imleagues.com/spa/lib/requirejs/
82 KB
20 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/requirejs/require.js?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
adc602c395e26f42c5b9d397d238443547cd5dc4949e1bd9f0c669e7bc08387f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:55 GMT
server
Microsoft-IIS/10.0
etag
"809df9aeab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
20556
jquery.min.js
www.imleagues.com/spa/lib/jquery/dist/
82 KB
29 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/jquery/dist/jquery.min.js?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:55 GMT
server
Microsoft-IIS/10.0
etag
"809df9aeab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
29619
a-01de.min.js
b-code.liadm.com/
28 KB
11 KB
Script
General
Full URL
https://b-code.liadm.com/a-01de.min.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:be00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2fdacf7149b5bbca8bc4e65218aa6848d8d3e1cc2ed07a7b52883a1edddab2be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 03:19:47 GMT
content-encoding
gzip
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
83006
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
wQV_ZYQkMCDiKz2F0uURUXJWwjHsuQI83C2Gr2jejSCRNFc1F79png==
css
fonts.googleapis.com/
2 KB
501 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/css/newDesign/bootstrap_flatly.min.css?v=229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
635a067512ee3bb9724e69b005302a3caaef1284f7d134b9b773f3085548d1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 00:32:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Oct 2022 02:23:12 GMT
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.imleagues.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 20 Oct 2022 02:23:12 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/
0
15 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pubads_impl_2022101701.js
securepubads.g.doubleclick.net/gpt/
379 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a419095aa8f87ac838a7c0f52fa682bc635aa4d1927b9c058d547fc67dd5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 17 Oct 2022 10:46:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130931
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 08:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 17 Oct 2023 10:46:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
403 B
817 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.imleagues.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cdddf031e8c941a6240d6c6923805630ff1d9e3970d37e4e43d4f0682115c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
181
x-xss-protection
0
expires
Thu, 20 Oct 2022 02:23:12 GMT
vendor-list.json
qd.admetricspro.com/js/cmp2/
318 KB
42 KB
XHR
General
Full URL
https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1030fc8851425c20e532acd288aa03d709507bcd3d55367f980d55de309ead68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 May 2022 16:25:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
214
etag
W/"4f6fe-5de1df3ffe732"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji38SmK7%2FIYDt2aQZbZNKEtMkwBYd00TIqoqICAonJLHp8PyzvgYPGoCohVgzuZtX0PSlt3EDOAVtbih0cymPBjGSUIY8QmxCM1Lh3VhgKP3qEc9AFP%2B9iQowfGaWuF0KLglujZHpYjHG32I2sZpLaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
75ce4a490fca9a35-FRA
expires
Thu, 20 Oct 2022 02:24:35 GMT
apstag.js
c.amazon-adsystem.com/aax2/
177 KB
44 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 01:37:02 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified
Wed, 19 Oct 2022 20:24:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C1
age
2771
etag
W/"325ba14a3555ca64958500cbd00f9a35"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
GSXmwmu19H-F5Mi_KCp0dOidqiD44yeTpISkbyXyFVgNPnHRr56Afg==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 01:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4873
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 20 Oct 2022 03:01:59 GMT
like.php
www.facebook.com/plugins/ Frame C179
0
3 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FIMLeagues&width&layout=button&action=like&show_faces=true&share=false&height=80
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 Oct 2022 02:23:12 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
Lb2tGai6pCFoDYa63jJYp8ZeCYsMjiNCS0gP8aTpoOGKtCJd7ExrwTFt+fGriat+oKRI0WHc3sqaUq8ZcrntMw==
x-xss-protection
0
main.js
www.imleagues.com/spa/
3 KB
973 B
Script
General
Full URL
https://www.imleagues.com/spa/main.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e2cf65be2360524c07f04c86fbd862c63bfc974189fb520726897084598fa30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:20 GMT
server
Microsoft-IIS/10.0
etag
"0ea73367adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
889
/
pioeg.admetricspro.workers.dev/
196 B
680 B
XHR
General
Full URL
https://pioeg.admetricspro.workers.dev/
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/uspcmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8a3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7005079fd0cc1bc81f0461125b0146daebaa998851afc017fdd2ca4407184eaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BE9oK9OEZOpGLzl25PxMTSvXxLznlCps%2BrDS89Ntgep7qSIVeVPh%2BYMLCbtp3H8LWFOHdHC%2BNApHspoWj7HBAsEqKkTd2xs7oGyznHsbyx8VATbrpFYOaGhfF6Qh4dXGpv0dhMLP2spaYkq4i6aisdS8Bxa2bxjpx4AK90%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/text;charset=UTF-8
access-control-allow-origin
*
cf-ray
75ce4a498e039ba0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
196
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.imleagues.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.imleagues.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.imleagues.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.imleagues.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.imleagues.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.imleagues.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.imleagues.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.imleagues.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.imleagues.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.imleagues.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
localstore.js
script.4dex.io/
483 B
867 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
x-amz-version-id
1664789525099463
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txf2c1c1a859b647e389586-00633aac4d
age
1443011
x-amz-id-2
txf2c1c1a859b647e389586-00633aac4d
last-modified
Mon, 03 Oct 2022 09:32:05 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJC%2F%2Ff%2F2sk3Bf1qydFcI4omnhYOaGXj5iihzZF9IfHf8Lcs7OvZgxaRGkUQI%2Fm5yep7BLnsF6lbp9uLeYktv1HjRBayPp4Lu26em4u4vnRupNxw4RwBuSIWlTYaa1gD8olu8AqUVO6sa5y40"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
75ce4a4a1df4bbda-FRA
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.89.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-89-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
159 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.89.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-89-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.89.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-89-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.89.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-89-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.89.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-89-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cygnus
htlb.casalemedia.com/
36 B
562 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=530194&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227c532786674333%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.22.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2286d7761a3ee625%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22530194%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1090918%2Fimleagues-300x250-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C1090918%2Fimleagues-300x250-ATF%22%7D%7D%2C%7B%22id%22%3A%2299ae6766546773%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22530195%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1090918%2Fimleagues-300x250-ATF2%22%2C%22gpid%22%3A%22%2F22404337467%2C1090918%2Fimleagues-300x250-ATF2%22%7D%7D%2C%7B%22id%22%3A%2210cb352279489ca%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22530199%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22530199%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22530199%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22530199%22%2C%22sid%22%3A%22728x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1090918%2Fimleagues-728x90-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C1090918%2Fimleagues-728x90-ATF%22%7D%7D%2C%7B%22id%22%3A%22111e251c9fecc0b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22530200%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1090918%2Fimleagues-728x90-BTF%22%2C%22gpid%22%3A%22%2F22404337467%2C1090918%2Fimleagues-728x90-BTF%22%7D%7D%2C%7B%22id%22%3A%2212cf9e9ad010a34%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22634071%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C1090918%2Fimleagues-728x90-Sticky%22%2C%22gpid%22%3A%22%2F22404337467%2C1090918%2Fimleagues-728x90-Sticky%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%22593%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1031686ba23e0bf2d4cf7eebba60e5cb8a13ede618bb0a02a9c6f6779e6d8c7

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEkesRz5ZgDviHrg6fRbHM9yzVdB98SCP9lGGZivY81OuLmLpR6bdNrmg8pLAmq3x1Tf691FlSWF9ijlr3r0hr2YJxJZvzFyOMjUDQ0fNnLUbMeS7npAnvTnK3PRanev3v%2BrTq2s"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75ce4a4a3a849a0b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
c
prebid.a-mo.net/a/
0
277 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:12 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
75
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/
25 B
647 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.22.0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ade00ad8ef2a630078e490e30cfd90aec8f3b0874c140e210e425a1dbe234bb7

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Oct 2022 02:23:13 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.imleagues.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
auction
tlx.3lift.com/header/
19 B
588 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.22.0&referrer=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tmax=1200&gdpr=false
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.97.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-97-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:13 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height
x-auction-status
12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
exchange.postrelease.com/
0
394 B
XHR
General
Full URL
https://exchange.postrelease.com/prebid?ntv_gdpr_consent=undefined&ntv_ptd=1185071,1185072,1185075&ntv_pb_rid=33fc45994510a67&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC0xNjE1NDM0NzQ3MTQ2LTAiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC0xNjE1NDM0ODQzNDI5LTAiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC0xNjE1NDM1MDY5MzA4LTAiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1s3MjgsOTBdLFs5NzAsOTBdLFs5NzAsMjUwXSxbNzI4LDI1MF1dfX19XX0=&ntv_dbr=eyJkaXYtZ3B0LWFkLTE2MTU0MzQ3NDcxNDYtMCI6MCwiZGl2LWdwdC1hZC0xNjE1NDM0ODQzNDI5LTAiOjAsImRpdi1ncHQtYWQtMTYxNTQzNTA2OTMwOC0wIjowfQ==&ntv_url=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.112.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-112-177.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:13 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.imleagues.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
523 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=332168&zone_id=1739656&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,593,1,,,&rf=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.ref=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.pbadslot=%2F22404337467%2C1090918%2Fimleagues-300x250-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=84733912-6f88-4ecc-97ea-38f98ef51a94&l_pb_bid_id=3867a1c0c813096&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1090918%2Fimleagues-300x250-ATF&slots=1&rand=0.6151724634931881
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e428f8c23d721da9528710a4e3f4210ae3f1c7885ccbc92cdef3f42bfd7d7c90

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:13 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.imleagues.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
523
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
524 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=332168&zone_id=1739658&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,593,1,,,&rf=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.ref=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.pbadslot=%2F22404337467%2C1090918%2Fimleagues-300x250-ATF2&tk_flint=pbjs_lite_v6.22.0&x_source.tid=32a721b6-27e1-4607-8abb-60d3fc2ad3c2&l_pb_bid_id=3926c368562da8e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1090918%2Fimleagues-300x250-ATF2&slots=1&rand=0.6024444215176381
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c25d28bd591aa74d0931af662b96138ced1ee22d3271d30dbd0802d145ffb24a

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:13 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.imleagues.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
524
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
544 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=332168&zone_id=1739656&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,593,1,,,&rf=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.ref=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.pbadslot=%2F22404337467%2C1090918%2Fimleagues-728x90-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=3f120dd9-5045-4032-985a-8b7d72816c5c&l_pb_bid_id=406c68bc5a1468f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1090918%2Fimleagues-728x90-ATF&slots=1&rand=0.23956873737619255
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cb4e65809e40363bde96002c44fa13378e2c335936dd8e68fe265f67e3f0a03b

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:13 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.imleagues.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
544
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
544 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=332168&zone_id=1739656&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,593,1,,,&rf=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.ref=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.pbadslot=%2F22404337467%2C1090918%2Fimleagues-728x90-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=3f120dd9-5045-4032-985a-8b7d72816c5c&l_pb_bid_id=417235d6713c4e6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1090918%2Fimleagues-728x90-ATF&slots=1&rand=0.8734305468185186
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9ae01a7f135caf16523f0689fba6588190f50b00336b901cdb8f522c54e1768c

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:13 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.imleagues.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
544
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
544 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=332168&zone_id=1739656&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,593,1,,,&rf=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.ref=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.pbadslot=%2F22404337467%2C1090918%2Fimleagues-728x90-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=3f120dd9-5045-4032-985a-8b7d72816c5c&l_pb_bid_id=4270a20addfedf8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1090918%2Fimleagues-728x90-ATF&slots=1&rand=0.06784641164145588
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f0df2f7e604c6d71f60482b581702b38eb70a7d9eb8fb1d06b860b360d7a897e

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:13 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.imleagues.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
544
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
521 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=332168&zone_id=1739660&size_id=2&p_pos=btf&gdpr=0&rp_schain=1.0,1!admetricspro.com,593,1,,,&rf=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.ref=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.pbadslot=%2F22404337467%2C1090918%2Fimleagues-728x90-BTF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=2934fba6-88a6-45ff-96b8-d61fdec7bb3c&l_pb_bid_id=4349d0aa968eeed&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1090918%2Fimleagues-728x90-BTF&slots=1&rand=0.339717697440614
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5060f0c5a3cdb304f2a849c8061300b35fcf3156942e4e5da368c71d34568fb2

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:13 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.imleagues.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
521
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
524 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=332168&zone_id=1780988&size_id=2&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,593,1,,,&rf=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.ref=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&tg_i.pbadslot=%2F22404337467%2C1090918%2Fimleagues-728x90-Sticky&tk_flint=pbjs_lite_v6.22.0&x_source.tid=951aa311-e2e7-43c9-8acd-c1f4ed8ac8d9&l_pb_bid_id=44bfcb890d726bd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1090918%2Fimleagues-728x90-Sticky&slots=1&rand=0.4000324168036493
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
76dd9d1205e3693f00086abf76155db1b5d706138f7363132c57ebd2b0b381b4

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:13 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.imleagues.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
524
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
742146e5b811f1b6500f5a1a008e32d4a1d26bac830210526f52e4eaf3da7ede

Request headers

Referer
https://www.imleagues.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.imleagues.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b6d0ed5b67b47ed5b171424615b043927d3bb0b510b6c4ef2dd09df5cc60ac95

Request headers

Referer
https://www.imleagues.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.imleagues.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
298 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b2bcda17597201f1aa779a02ac895a432aa73a9003591363df543df090e269d4

Request headers

Referer
https://www.imleagues.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.imleagues.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
16c145da5afa70f103ea0b370defd50c4261923286c5ea0e31b736ff064cdb7e

Request headers

Referer
https://www.imleagues.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.imleagues.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5f71ddd6c4d9e7b80134f932e23710533f5fa5186cc49d6769d82bf38eb2a46b

Request headers

Referer
https://www.imleagues.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.imleagues.com
access-control-allow-credentials
true
content-length
66
hb-multi
hb.yellowblue.io/
105 B
407 B
XHR
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.14.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-14-134.compute-1.amazonaws.com
Software
/
Resource Hash
9cd9834b1ddcf001c87398fcc1eeac651229f3652bfd03e29b0bd15b0d0d933a

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.imleagues.com
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
v2
e.serverbid.com/api/
16 B
390 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.imleagues.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
translator
hbopenbid.pubmatic.com/
0
117 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adreq
ads.servenobid.com/
1 KB
749 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=4862
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3fe3b4529bd87ba4ad94eabd059e556bd0d45e31402d27d78f47e99c1b8d7ec1

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.imleagues.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
mp.4dex.io/
114 B
605 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64669242f6ec7a8e23f33d26470090703b5289eb137201addd10a2a84354f209

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

x-version
2.5.0-gcp-ams
date
Thu, 20 Oct 2022 02:23:13 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: div-gpt-ad-1615435069308-0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
75ce4a4a5f8a909a-FRA
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
561 B
747 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
bbb6e8ac8521f663305b5394a2c6caf0e1917f711dd92014bdc2b1e49a3d6063

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:13 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
561
expires
0
prebid
ib.adnxs.com/ut/v3/
19 B
709 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:13 GMT
AN-X-Request-Uuid
5db9ea7b-e8b3-42b5-a860-a1d439708044
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.imleagues.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/
892 B
1 KB
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&PublisherDomain=https%3A%2F%2Fwww.imleagues.com
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e36e667bb41343bf7da4afa2a74664eed33fbc6f5c3d0757afa1ce5fb1013977
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:12 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
892
expires
0
mvo
tag.1rx.io/rmp/211148/0/
0
165 B
XHR
General
Full URL
https://tag.1rx.io/rmp/211148/0/mvo?z=1r&hbv=6.22,2.1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:13 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
arj
teachingaids-d.openx.net/w/1.0/
174 B
592 B
XHR
General
Full URL
https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=84733912-6f88-4ecc-97ea-38f98ef51a94%2C32a721b6-27e1-4607-8abb-60d3fc2ad3c2%2C3f120dd9-5045-4032-985a-8b7d72816c5c%2C3f120dd9-5045-4032-985a-8b7d72816c5c%2C3f120dd9-5045-4032-985a-8b7d72816c5c%2C2934fba6-88a6-45ff-96b8-d61fdec7bb3c%2C951aa311-e2e7-43c9-8acd-c1f4ed8ac8d9&nocache=1666232592915&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!admetricspro.com%2C593%2C1%2Cf03e9776-51bb-43b1-88fd-3cf8769b1e6b%2C%2C&aus=300x250%7C300x250%7C728x90%2C970x90%2C970x250%2C728x250%7C728x90%2C970x90%2C970x250%2C728x250%7C728x90%2C970x90%2C970x250%2C728x250%7C728x90%7C728x90&divids=div-gpt-ad-1615434747146-0%2Cdiv-gpt-ad-1615434843429-0%2Cdiv-gpt-ad-1615435069308-0%2Cdiv-gpt-ad-1615435069308-0%2Cdiv-gpt-ad-1615435069308-0%2Cdiv-gpt-ad-1615435146865-0%2Cdiv-gpt-ad-1615435201945-0&aucs=%252F22404337467%252C1090918%252Fimleagues-300x250-ATF%2C%252F22404337467%252C1090918%252Fimleagues-300x250-ATF2%2C%252F22404337467%252C1090918%252Fimleagues-728x90-ATF%2C%252F22404337467%252C1090918%252Fimleagues-728x90-ATF%2C%252F22404337467%252C1090918%252Fimleagues-728x90-ATF%2C%252F22404337467%252C1090918%252Fimleagues-728x90-BTF%2C%252F22404337467%252C1090918%252Fimleagues-728x90-Sticky&auid=541127170%2C541127171%2C541127174%2C541127177%2C541127178%2C541127176%2C541167117
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c1f361ce990eadc5e76dc7edfcfd67e4a8be09d3acee6ba20af6f5342852c737

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.imleagues.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/
30 B
787 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22113f097d7e4fc64e%22%3A%227d986712c77c2b01c15a%7C300x250%7Cgpid%3D%2F22404337467%2C1090918%2Fimleagues-300x250-ATF%22%2C%221142bd9c17878a68%22%3A%227d986712c77c2b01c15a%7C300x250%7Cgpid%3D%2F22404337467%2C1090918%2Fimleagues-300x250-ATF2%22%2C%22115e4c4ae7f15aa9%22%3A%227d986712c77c2b01c15a%7C728x90%2C970x90%2C970x250%2C728x250%7Cgpid%3D%2F22404337467%2C1090918%2Fimleagues-728x90-ATF%22%2C%221166ec3b743bd7fe%22%3A%227d986712c77c2b01c15a%7C728x90%7Cgpid%3D%2F22404337467%2C1090918%2Fimleagues-728x90-BTF%22%2C%22117243d095c74aaf%22%3A%227d986712c77c2b01c15a%7C728x90%7Cgpid%3D%2F22404337467%2C1090918%2Fimleagues-728x90-Sticky%22%7D&ref=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&s=923d4f25-6718-4868-ab02-0e1af27532ed&pv=fc008a87-1c7a-4e46-a103-e69b0a447de7&vp=desktop&lib_name=prebid&lib_v=6.22.0&us=8&fpd=%7B%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=1&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%22593%22%2C%22hp%22%3A1%2C%22rid%22%3A%22f03e9776-51bb-43b1-88fd-3cf8769b1e6b%22%7D%5D%7D&coppa=0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/imleagues/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:13 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-119
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
30
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
index.js
www.imleagues.com/spa/
166 KB
35 KB
Script
General
Full URL
https://www.imleagues.com/spa/index.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
864a7fd695c58f5bedc2e045457fbeb4df618f31f48815ce8c9f68b73570947a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:20 GMT
server
Microsoft-IIS/10.0
etag
"0ea73367adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
35465
config
c.amazon-adsystem.com/cdn/prod/
662 B
1019 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.imleagues.com&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 22:04:56 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
age
15496
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.imleagues.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
662
x-amz-cf-id
XUxJ9cs3FkhKw5ogLjgrrYteqgcBWgcgnX4Cc-8F3XthX3TU-_8b8g==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
64 B
503 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&pid=jyCY83wRLh1A5&cb=0&ws=1600x1200&v=22.10.131733&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1615434747146-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1090918%2Fimleagues-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1615434843429-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1090918%2Fimleagues-300x250-ATF2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1615435069308-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1090918%2Fimleagues-728x90-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1615435146865-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1090918%2Fimleagues-728x90-BTF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1615435201945-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1090918%2Fimleagues-728x90-Sticky%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
SM6GZ38FT16TM9WYRSWY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.imleagues.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
xC1yKz5MMygw9dMG-PF9-NQSCY2iJvT-6f7lZq2azDHbkcchF5W6-g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
date
Wed, 19 Oct 2022 07:24:09 GMT
x-amz-cf-pop
FRA56-C1
age
68344
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
TR_dsIik15GsquvWAKropNhGyxI28kCR0JnJcZBKEqDeIHNHutlCQw==
adagio.js
script.4dex.io/
73 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add45fdd8fbc8afe60d4a7c399a00990bdd1439f5a9b5002413bcc98acf6251d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
x-amz-version-id
1664789524544165
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx07eea9f1188e49fd9e434-00633aac55
age
1436371
x-amz-id-2
tx07eea9f1188e49fd9e434-00633aac55
last-modified
Mon, 03 Oct 2022 09:32:04 GMT
server
cloudflare
etag
W/"60065ce00862bc7ec608e62f1deac544"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPGez148lpe8Wmz%2BCneMFqLXOHXBSfZ7Awc3kVXHTSKQLyqETGspuI6zE6vc%2F7Klp0e2ziarUNmdRo7CtYCYw5NPFb%2BgUoEqAm2i9UsgEskTTp7YdbDiVArPB6r9%2B1XyK16%2B4xp3mC0zwzhq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
75ce4a4aef7691cf-FRA
access-control-allow-headers
Authorization
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Thu, 20 Oct 2022 02:38:13 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
56 KB
16 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
BNJ6QE5JEPQ6QZQN
age
730
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75ce4a4b3c15997b-FRA
x-amz-id-2
hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=
sync-container.js
b-code.liadm.com/
6 KB
6 KB
Script
General
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:be00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
date
Tue, 04 Oct 2022 17:05:41 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1329453
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5904
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
etag
"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
R59zDZoWPb1Fq2wBN9z1zhmXo-w8xnwMqz1G2vFBxak0AtgZcu14SA==
uidatefilter.js
www.imleagues.com/spa/scripts/filters/
6 KB
2 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/filters/uidatefilter.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
51b52aced265d4493b7c40033142f218f0c681fd7514258ed1ae35e5d321bb67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:44 GMT
server
Microsoft-IIS/10.0
etag
"06c2447adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1650
jquery-ui.min.js
www.imleagues.com/spa/lib/jqueryui/
235 KB
63 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/jqueryui/jquery-ui.min.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:54 GMT
server
Microsoft-IIS/10.0
etag
"0761aeab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
64610
jquery.blockUI.js
www.imleagues.com/spa/lib/blockui/
20 KB
7 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/blockui/jquery.blockUI.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
28a71436ac0dc932da5f3bee332164e898ac890aba1e4ed9b6b7225e711fdd9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:49 GMT
server
Microsoft-IIS/10.0
etag
"801666abab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
6640
bootstrap-tokenfield.min.js
www.imleagues.com/spa/scripts/external/bootstrap.tokenfield/
17 KB
5 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/external/bootstrap.tokenfield/bootstrap-tokenfield.min.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
32c966137950be53f35de47e119011d771727ae721c6bdd7ca5091247bea9e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:45 GMT
server
Microsoft-IIS/10.0
etag
"809c5a457adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
4903
handlebars-v2.0.0.js
www.imleagues.com/spa/scripts/external/addresspicker/
102 KB
25 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/external/addresspicker/handlebars-v2.0.0.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a7f6ad7fba7213c6e7180a709decd31813df53832956ecf6da3dc181be5607aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:45 GMT
server
Microsoft-IIS/10.0
etag
"809c5a457adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
25307
ZeroClipboard.js
www.imleagues.com/spa/scripts/external/zeroclipboard/
25 KB
8 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/external/zeroclipboard/ZeroClipboard.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29766dd6b45ad09ded4d34fa8c2787b76c9fdebdd5588cb55da32a927e6724ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:45 GMT
server
Microsoft-IIS/10.0
etag
"809c5a457adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
8277
imlLangLoader.js
www.imleagues.com/spa/scripts/services/
15 KB
3 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/services/imlLangLoader.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
842f846c6666604429f34a254c1113757726ea0efe91012c1de75feebf27b285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:45 GMT
server
Microsoft-IIS/10.0
etag
"809c5a457adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
2760
conversationservice.js
www.imleagues.com/spa/scripts/services/
5 KB
1 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/services/conversationservice.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
858a95f400a65fe507913c7fb6647e0ca071d82d3b9602567bb531204d12d993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:45 GMT
server
Microsoft-IIS/10.0
etag
"809c5a457adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1157
premiumBlockLoader.js
www.imleagues.com/spa/scripts/directives/
26 KB
4 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/directives/premiumBlockLoader.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bb2a3480ce0f0b944d7e412f1999c9675ae433a42a120b7c708b4dcb8f355f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:43 GMT
server
Microsoft-IIS/10.0
etag
"806f29447adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
3602
urlfilter.js
www.imleagues.com/spa/scripts/filters/
594 B
658 B
Script
General
Full URL
https://www.imleagues.com/spa/scripts/filters/urlfilter.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52823b5f08b0029d2a3e0d17416f126100699c64fe437e5b5bd5f7fc40ae390d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
last-modified
Fri, 14 Oct 2022 03:08:44 GMT
server
Microsoft-IIS/10.0
etag
"7a3b57457adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
594
jquery.messagebox.js
www.imleagues.com/spa/scripts/external/jquery.messagebox/
7 KB
2 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/external/jquery.messagebox/jquery.messagebox.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2a54a5d04d394143e443f6267822c2efba922615685878ad7615a59492eed530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:45 GMT
server
Microsoft-IIS/10.0
etag
"809c5a457adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1954
angular.js
www.imleagues.com/spa/lib/angular/
970 KB
236 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/angular/angular.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
102113abf95e4b5fb061d8037d6da23c41386d8e4078b1218fe52c95e80115ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:11 GMT
content-encoding
gzip
last-modified
Thu, 21 May 2020 22:18:07 GMT
server
Microsoft-IIS/10.0
etag
"80b9bb4bd2fd61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
241744
v1
lb.eu-1-id5-sync.com/lb/
33 B
331 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
23592acd48e28990d8cceb6ac1e4e7684719e39cb137110566be9745a4c2008d

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:12 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/
54 B
232 B
XHR
General
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e52a1ca3a2ad3f54df0f043a56394e9028c35baab56857b03228cd1a4004f76a

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:13 GMT
content-length
54
vary
Origin
content-type
application/json
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1666232593233&aid=a-01de&se=e30&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&tna=v2.5.0&pu=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhtt...
  • https://rp4.liadm.com/j?dtstmp=1666232593233&aid=a-01de&se=e30&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&tna=v2.5.0&pu=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dht...
46 B
585 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1666232593233&aid=a-01de&se=e30&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&tna=v2.5.0&pu=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&us_privacy=1---&wpn=lc-bundle&gdpr=0&c=PHRpdGxlIG5nLWJpbmQ9InRpdGxlIiB0cmFuc2xhdGUtbmFtZXNwYWNlPSJ0ZW1wbGF0ZS5hY2NvdW50IiB0cmFuc2xhdGU9Ii5QYWdlVGl0bGUiIHRyYW5zbGF0ZS1rZWVwLWNvbnRlbnQ9IiI-SU1MZWFndWVzPC90aXRsZT48aDEgYXJpYS1sYWJlbD0iaGlkZGVuIiBzdHlsZT0iZGlzcGxheTpub25lIiB0aXRsZT0iSGlkZGVuIj5IaWRkZW48L2gxPg&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D&n3pc=true
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Server
54.146.133.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-133-189.compute-1.amazonaws.com
Software
/
Resource Hash
d7f471c93bfa88c775fd201e2a5b77d98aa3a9ada8f8ad18631c826d575fb47b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:14 GMT
x-pixel-event-id
fa57a734-011a-40a1-b5e4-4b17f04d5d37
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
16eab4d34b56a111
content-length
46
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 20 Oct 2022 02:23:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1666232593233&aid=a-01de&se=e30&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&tna=v2.5.0&pu=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&us_privacy=1---&wpn=lc-bundle&gdpr=0&c=PHRpdGxlIG5nLWJpbmQ9InRpdGxlIiB0cmFuc2xhdGUtbmFtZXNwYWNlPSJ0ZW1wbGF0ZS5hY2NvdW50IiB0cmFuc2xhdGU9Ii5QYWdlVGl0bGUiIHRyYW5zbGF0ZS1rZWVwLWNvbnRlbnQ9IiI-SU1MZWFndWVzPC90aXRsZT48aDEgYXJpYS1sYWJlbD0iaGlkZGVuIiBzdHlsZT0iZGlzcGxheTpub25lIiB0aXRsZT0iSGlkZGVuIj5IaWRkZW48L2gxPg&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D&n3pc=true
access-control-allow-origin
https://www.imleagues.com
request-time
0
access-control-allow-credentials
true
trace-id
e6e33bcdbdba47a4
content-length
0
x-xss-protection
1; mode=block
bootstrap.min.js
www.imleagues.com/spa/lib/bootstrap/dist/js/
36 KB
10 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/bootstrap/dist/js/bootstrap.min.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:57 GMT
server
Microsoft-IIS/10.0
etag
"80ca2ab0ab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
9755
angularAMD.js
www.imleagues.com/spa/lib/angularAMD/
19 KB
5 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/angularAMD/angularAMD.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d7e305854f9238fc419fee051fc5cedeaeb76af3b6f4eeed30625bed23f868f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:47 GMT
server
Microsoft-IIS/10.0
etag
"80e934aaab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
4804
angular-route.min.js
www.imleagues.com/spa/lib/angular-route/
4 KB
2 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/angular-route/angular-route.min.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4c9e1d1951c0b4eaa68436a7f0c562ec58afc092188c94856a7653d703b06c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:39 GMT
server
Microsoft-IIS/10.0
etag
"803570a5ab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
2062
angular-cache.min.js
www.imleagues.com/spa/lib/angular-cache/dist/
18 KB
5 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/angular-cache/dist/angular-cache.min.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b880d9898e2a15c29cce26734623921753c26886b245d75fd75f667c5bf1c7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:55 GMT
server
Microsoft-IIS/10.0
etag
"809df9aeab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
5048
angular-animate.min.js
www.imleagues.com/spa/lib/angular-animate/
25 KB
9 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/angular-animate/angular-animate.min.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a438165377c9a38fe1530f4faeb9e8a5b30e6ccb15b1a12c2aca5eac415eda3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:29 GMT
server
Microsoft-IIS/10.0
etag
"80547a9fab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
9307
angular-cookie.min.js
www.imleagues.com/spa/lib/angular-cookie/
1 KB
2 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/angular-cookie/angular-cookie.min.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ab8f91c728302971e8a4899ab7e8e23c81057a0a377714b07f32fc82be0a036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
last-modified
Thu, 23 Aug 2018 06:36:33 GMT
server
Microsoft-IIS/10.0
etag
"117752a2ab3ad41:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1492
angular-translate.min.js
www.imleagues.com/spa/lib/angular-translate/
58 KB
15 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/angular-translate/angular-translate.min.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c55177527a16c362fdd04ae68059de0b2253f04131d7d441cf1b3284f3697b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:47 GMT
server
Microsoft-IIS/10.0
etag
"80e934aaab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
15191
724.json
id5-sync.com/g/v2/
216 B
627 B
XHR
General
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3670095bf4b73b0d19a3470dcdf94e3ac4004020b434822333bc3d2e18a5382
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
plugin.en.json
www.imleagues.com/spa/i18n/common/
288 B
383 B
XHR
General
Full URL
https://www.imleagues.com/spa/i18n/common/plugin.en.json?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/angular/angular.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4ca5752c967016ef7e5ad5c0a1bfd500c4f8d8d222c17b9e3bacaa660c4eb03d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
last-modified
Fri, 14 Oct 2022 03:08:22 GMT
server
Microsoft-IIS/10.0
etag
"25b8fc377adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
288
global.en.json
www.imleagues.com/spa/i18n/common/
295 B
355 B
XHR
General
Full URL
https://www.imleagues.com/spa/i18n/common/global.en.json?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/angular/angular.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cf381183aa4800060d4650152d2f6c0396fc2baf84c962193253273d9148c4a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
last-modified
Fri, 14 Oct 2022 03:08:22 GMT
server
Microsoft-IIS/10.0
etag
"5a8fed377adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
295
account.en.json
www.imleagues.com/spa/i18n/scripts/layouts/
4 KB
4 KB
XHR
General
Full URL
https://www.imleagues.com/spa/i18n/scripts/layouts/account.en.json?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/angular/angular.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
154bf6290a0efad98e8ac7b47a8196b1263d3df826432b75f4e4612dfc9cae84

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
last-modified
Fri, 14 Oct 2022 03:08:45 GMT
server
Microsoft-IIS/10.0
etag
"d59171457adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
3691
login.en.json
www.imleagues.com/spa/i18n/account/
2 KB
3 KB
XHR
General
Full URL
https://www.imleagues.com/spa/i18n/account/login.en.json?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/angular/angular.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af499369e7f19a5d9429700ef412ceace4f06ff9757735da45056ab4360f53a2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
last-modified
Fri, 14 Oct 2022 03:08:21 GMT
server
Microsoft-IIS/10.0
etag
"341182377adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
2525
login.html
www.imleagues.com/spa/account/
52 KB
34 KB
XHR
General
Full URL
https://www.imleagues.com/spa/account/login.html?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/angular/angular.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d46ba1056a1a0c10422fcb726cdd0af2772cc8773d0acbe5d26b5e1f1c507d8

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:34 GMT
server
Microsoft-IIS/10.0
etag
"025cc3e7adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
34207
main_bg.png
www.imleagues.com/lib/imleagues/images/
114 KB
114 KB
Image
General
Full URL
https://www.imleagues.com/lib/imleagues/images/main_bg.png?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/css/account/iml-account-layout.css?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
936dd6f6a1108b8bb9c97a937a95fe7b733ecfc81ebace6280126668dbda6c38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/css/account/iml-account-layout.css?v=229
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
last-modified
Tue, 09 Feb 2016 06:50:05 GMT
server
Microsoft-IIS/10.0
etag
"3195711b663d11:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
117043
fontawesome-webfont.woff2
www.imleagues.com/spa/lib/fontawesome/fonts/
63 KB
63 KB
Font
General
Full URL
https://www.imleagues.com/spa/lib/fontawesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/fontawesome/css/font-awesome.min.css?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://www.imleagues.com/spa/lib/fontawesome/css/font-awesome.min.css?v=229
Origin
https://www.imleagues.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
last-modified
Thu, 23 Aug 2018 06:36:55 GMT
server
Microsoft-IIS/10.0
etag
"246690afab3ad41:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
64464
account.ext.js
www.imleagues.com/spa/scripts/template/
26 KB
6 KB
Script
General
Full URL
https://www.imleagues.com/spa/scripts/template/account.ext.js?v=229&v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4443165f66548890c2cae497db5a0fdd099eaa6e6dafe376471c98593daf50a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:45 GMT
server
Microsoft-IIS/10.0
etag
"809c5a457adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
6583
login.js
www.imleagues.com/spa/account/
19 KB
4 KB
Script
General
Full URL
https://www.imleagues.com/spa/account/login.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
725ea502622933fe0edc422a67f75695ac030ddc873b653072b7fc4f964c8442

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:22 GMT
server
Microsoft-IIS/10.0
etag
"017a5377adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
3720
3420
idx.liadm.com/idex/unknown/
0
314 B
XHR
General
Full URL
https://idx.liadm.com/idex/unknown/3420?duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&us_privacy=1---&gdpr=0
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01de.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.150.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-150-226.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://www.imleagues.com
date
Thu, 20 Oct 2022 02:23:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
c296227e0b83a883
vary
Origin
request-time
3
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
49473c47744202f0f38d97524e16822f91e8b16dfb2403bc2da7e308526bc75b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 02:23:14 GMT
content-md5
3LlM4/BosvTB8kqUm6FRBQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
Be3hZHbWMFvTaqaX+Oxvx26gX/Kl4KSoOYIbg+YXK1id+VRybaLrkHcqLLPbKICgzHLVXV5PyppCsLGP0rEX4A==
x-fb-trip-id
917726464
x-fb-content-md5
37919b78baf9b4d13a96f39cb7c7be44
cross-origin-opener-policy
same-origin-allow-popups
etag
"9438e748aabe824ca6facde12884dbaa"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 20 Oct 2022 02:33:41 GMT
login.ext.js
www.imleagues.com/spa/account/
8 KB
2 KB
Script
General
Full URL
https://www.imleagues.com/spa/account/login.ext.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bfae625dddbaa975d43241875786105d0f0d0948b12d53b032a16e377d9ca191

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 03:08:21 GMT
server
Microsoft-IIS/10.0
etag
"8080c377adfd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
2483
angular-base64.min.js
www.imleagues.com/spa/lib/angular-base64/
1 KB
1 KB
Script
General
Full URL
https://www.imleagues.com/spa/lib/angular-base64/angular-base64.min.js?v=229
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
74819e3d9ea37eee6bb287be5db214ad534a730c3bb52914c7ea179700e3c3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
last-modified
Thu, 23 Aug 2018 06:36:30 GMT
server
Microsoft-IIS/10.0
etag
"bc144a0ab3ad41:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1360
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=980390823&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&dp=%2Fspa%2Faccount%2Flogin&ul=en-us&de=UTF-8&dt=account.login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAAABAAAAACACI~&jid=380085583&gjid=1090923806&cid=1514818731.1666232593&tid=UA-3300343-1&_gid=869191080.1666232593&_r=1&_slc=1&z=2094828916
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
api:client.js
apis.google.com/js/
14 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/api:client.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a242fb3a4122f8d6ea77665913c22a6ac68069ec4d7767399075ae83d7c7207c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 02:23:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"eece51e2b1dd7e5b"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Oct 2022 02:23:14 GMT
platform.js
apis.google.com/js/
52 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/platform.js?onload=startGoogleLogin
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66d3a8a770a631df5cdf13010dd290fba5ef08d3449e28420ac48711dec6c2fe
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 02:23:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20365
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"b978431b1386da1b"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Oct 2022 02:23:14 GMT
bootstrap-select.min.js
www.imleagues.com/spa/lib/bootstrap-select/dist/js/
29 KB
8 KB
XHR
General
Full URL
https://www.imleagues.com/spa/lib/bootstrap-select/dist/js/bootstrap-select.min.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/jquery/dist/jquery.min.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
93c70eed7a07897e0d95c11e3b3d0adbf06a9d5153dd3fff9220a78848a55c63

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:57 GMT
server
Microsoft-IIS/10.0
etag
"80ca2ab0ab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
8567
material.min.js
www.imleagues.com/spa/lib/bootstrap-material-design/dist/js/
4 KB
1 KB
XHR
General
Full URL
https://www.imleagues.com/spa/lib/bootstrap-material-design/dist/js/material.min.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/jquery/dist/jquery.min.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
08e04328553331ce479f19e8d524c04702299a0456735828eba89c7082e2db92

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 06:36:57 GMT
server
Microsoft-IIS/10.0
etag
"80ca2ab0ab3ad41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1281
AjaxRequestHandler.ashx
www.imleagues.com/Services/
4 KB
4 KB
XHR
General
Full URL
https://www.imleagues.com/Services/AjaxRequestHandler.ashx?class=imLeagues.Web.Members.Services.BO.Account.TemplateBO&method=Initialize&paramType=imLeagues.Internal.API.VO.Input.PageInVO&urlReferrer=https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/angular/angular.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a945db169b65f71973d5d29af29252441f8f07d75219abc2ed6d5d305cfa571f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Authorization, Content-Type
content-length
4074
AjaxRequestHandlerWithWritableSession.ashx
www.imleagues.com/Services/
5 KB
5 KB
XHR
General
Full URL
https://www.imleagues.com/Services/AjaxRequestHandlerWithWritableSession.ashx?class=imLeagues.Web.Members.Services.BO.Account.LoginBO&method=Initialize&paramType=imLeagues.Internal.API.VO.Input.InitLoginInViewVO&urlReferrer=https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/angular/angular.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
04292d21a9d376b0711ee4da1319d52295dd8353c1ba52ad2838f69ff424fd13

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Authorization, Content-Type
content-length
5465
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d43c32c1ede78f8c161ff46973be6bf39764a08419b4b248294ef578f477971

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
iml-sm-logo-bule.png
www.imleagues.com/spa/images/
2 KB
2 KB
Image
General
Full URL
https://www.imleagues.com/spa/images/iml-sm-logo-bule.png
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cd765a00b745ea520b8348f4877c62402f885c3c9f72db10d280490a79d7c304

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
last-modified
Fri, 14 Oct 2022 03:08:22 GMT
server
Microsoft-IIS/10.0
etag
"989a25387adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1781
iml-sm-logo-white.png
www.imleagues.com/spa/images/
2 KB
2 KB
Image
General
Full URL
https://www.imleagues.com/spa/images/iml-sm-logo-white.png
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb2b180df4dbbe6180870228ca3f0e4a283d4cd88061f83d047b7ae00ac60e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
last-modified
Fri, 14 Oct 2022 03:08:23 GMT
server
Microsoft-IIS/10.0
etag
"971a3e387adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
1716
iml-google-logo.png
www.imleagues.com/spa/images/
8 KB
8 KB
Image
General
Full URL
https://www.imleagues.com/spa/images/iml-google-logo.png
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d656a3d0f61d7781ce6377b66b3061f00d528ad38578668e5bfd385dabf06899

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:13 GMT
last-modified
Fri, 14 Oct 2022 03:08:22 GMT
server
Microsoft-IIS/10.0
etag
"d07ddb377adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
8472
collect
stats.g.doubleclick.net/j/
4 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3300343-1&cid=1514818731.1666232593&jid=380085583&gjid=1090923806&_gid=869191080.1666232593&_u=KEDAAAAAAAAAACACI~&z=1788648570
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Oct 2022 02:23:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
a-01de
i.liadm.com/s/c/ Frame CD2B
1 KB
1 KB
Document
General
Full URL
https://i.liadm.com/s/c/a-01de?s=&cim=&ps=true&ls=true&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.175.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-175-47.compute-1.amazonaws.com
Software
/
Resource Hash
051404c59899f3bc7799a173292080543cbfeeb67d2c509ab83291ebbd85f685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
660
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Oct 2022 02:23:15 GMT
ETag
1.61803398874
Request-Time
44
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.imleagues.com/
19 B
366 B
Image
General
Full URL
https://sli.imleagues.com/baker?dtstmp=1666232594430
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Thu, 20 Oct 2022 02:23:14 GMT
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
sdk.js
connect.facebook.net/en_US/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=5a05d60cfbf629504b4f879403017866
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e7a1769c80a39b35018fed082752e759a028a373e16559b09ea5c0c3d7e02325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.imleagues.com/
Origin
https://www.imleagues.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 02:23:14 GMT
content-md5
ezDpwGuhXI2XUoLVZ9dYtg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88394
x-fb-rlafr
0
x-fb-debug
X4gTjFfqFcHGTv1SM3bnoDhdOzIXUXSF9XV7wKM6NFfPp7YX5/xzWhE0GP6LKOAWM2FwlUjDjSU/euvjRgKVBg==
x-fb-content-md5
232f71e90b2d0b377a8a9538c61016d6
cross-origin-opener-policy
same-origin-allow-popups
etag
"48d363c56130a92a835c7e64b76184f1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 20 Oct 2023 00:40:28 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/
309 KB
105 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc876a53dc1550440043da2c9666dc520be2e271365bd64fd0ae440d100dfb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 11:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107095
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 11:51:07 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/
62 B
85 B
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 00:15:37 GMT
x-content-type-options
nosniff
age
94057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 00:15:37 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-58.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 03:00:57 GMT
content-encoding
gzip
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
84139
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
W1hq207nVIxlycaNT9RDCLMMvPCwN0y_692ew07Clel2xSmXaUZrwQ==
quant.js
secure.quantserve.com/
26 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:14 GMT
content-encoding
gzip
etag
"cbFpuah7ilcpMTJLYeCgng=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 27 Oct 2022 02:23:14 GMT
fbds.js
connect.facebook.net/en_US/
4 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1bc15c010e8b987167ad6f95fadd5c3e165dfe4cae052bf07831d45ec6861235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 02:23:14 GMT
content-md5
5FSH3v3X00kcYhZVSUigqQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2166
x-fb-rlafr
0
x-fb-debug
ZogndDzoS88iZ4/KbkdyAoj5BKQoBekQiCVrvk2fRzhiyNoNQ4x2c/7UDJ0CUDLBq5LnbRKjJ+lQOsM5gu0dFA==
x-fb-content-md5
784b8ba4e67695f8253b4f453e9744ec
cross-origin-opener-policy
same-origin-allow-popups
etag
"62b26e1b97ac33831cf0350a05c821a7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 20 Oct 2022 02:29:36 GMT
roundtrip.js
s.adroll.com/j/
54 KB
17 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fd2ec35b25b299043a5f55a2fa26692265abc769c4d9c37d6ad51c88a5cc5ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Amz-Version-Id
fmkbU__STDFOlCGxbJ0JPrhhMwGUIFrY
Content-Encoding
gzip
Via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
Date
Thu, 20 Oct 2022 01:55:56 GMT
Age
1672
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 13 Oct 2022 19:02:46 GMT
Server
AmazonS3
Etag
W/"71cd62a09ac1a67884aa404a4e486380"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
zjPuIprI4P0FbmJmjYVri3E4bDeUa0StSkgds8PqVXetPci0I_B_cQ==
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3300343-1&cid=1514818731.1666232593&jid=380085583&_u=KEDAAAAAAAAAACACI~&z=205213775
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3300343-1&cid=1514818731.1666232593&jid=380085583&_u=KEDAAAAAAAAAACACI~&z=205213775
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
connatix.player.dc.js
cds.connatix.com/p/191837/ Frame 1139
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/191837/connatix.player.dc.js
954 KB
219 KB
Script
General
Full URL
https://cds.connatix.com/p/191837/connatix.player.dc.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3728d7f355864a27b250a537a24ddfa586bb82491260cb3e1d3d678135c464e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:14 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 12:23:52 GMT
age
49737
etag
"a5274c7bc092dbbd1f2ffd5913573545"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
224040

Redirect headers

location
https://cds.connatix.com/p/191837/connatix.player.dc.js
date
Thu, 20 Oct 2022 02:23:14 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=980390823&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%253a%252f%252fwww.imleagues.com%252fSchool%252fViewMCMessage.aspx%253fSchId%253dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253d9532fc765e5f4e07ba36fa17ab037eb8&dp=%2Fspa%2Faccount%2Flogin&ul=en-us&de=UTF-8&dt=IMLeagues&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAAABAAAAACACI~&jid=324787463&gjid=629264438&cid=1514818731.1666232593&uid=guest&tid=UA-3300343-3&_gid=869191080.1666232593&_r=1&_slc=1&cd1=IML%20Home&cd2=General&cd3=None&cd4=None&cd5=None&cd6=False&cd7=None&cd8=None&cd9=None&cd10=0&cd11=1&z=990120386
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.imleagues.com
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.imleagues.com
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
191 KB
36 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=409136699596169&correlator=1134719301599423&eid=31068920&output=ldjh&gdfp_req=1&vrg=2022101701&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&iu_parts=22404337467%3A1090918%2Cimleagues-300x250-ATF%2Cimleagues-300x250-ATF2%2Cimleagues-728x90-ATF%2Cimleagues-728x90-BTF%2Cimleagues-728x90-Sticky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C300x250%2C728x90%7C970x90%7C970x250%7C728x250%2C728x90%2C728x90&ifi=1&adks=629386179%2C137150368%2C2564033731%2C4183413659%2C999762187&sfv=1-0-38&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1666232594655&lmt=1665716924&dlt=1666232592032&idt=649&adxs=491%2C815%2C436%2C436%2C437&adys=314%2C314%2C0%2C869%2C1107&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&frm=20&vis=1&psz=294x250%7C294x250%7C728x0%7C728x90%7C734x-1&msz=300x-1%7C300x-1%7C728x0%7C728x-1%7C728x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1514818731.1666232593&ga_sid=1666232595&ga_hid=980390823&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d00650a89b8868f69e030b6c88bdd309371ff6b89ae7f30e1f63997de4e198a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
285837,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36431
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2,5792104461
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2,138364493469
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9D67
6 KB
4 KB
Document
General
Full URL
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:23:14 GMT
expires
Fri, 20 Oct 2023 02:23:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3300343-3&cid=1514818731.1666232593&jid=324787463&uid=guest&gjid=629264438&_gid=869191080.1666232593&_u=aEDAAAABAAAAACACI~&z=1021099284
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Oct 2022 02:23:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.imleagues.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=193639533991049&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&sdk=joey&wants_cookie_data=true
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 20 Oct 2022 02:23:14 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
eOvZ9AhXo3kCQnOEHloYAFTMapi3Yrd63ljiOfeqJ/iPS0WPNjMxuUSSEgkge7IBhyGC+5eVvCVU6XGpdHJPig==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.imleagues.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframe
accounts.google.com/o/oauth2/ Frame 15CC
280 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02cb983892fd326b0cb0666654e3adb3583a46652a690c7b3fd5620ff118e68b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S69MZZrDVmx72jy-kpVghA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-S69MZZrDVmx72jy-kpVghA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:23:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=294220284095654&ev=PixelInitialized&dl=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&rl=&if=false&ts=1666232594729
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 20 Oct 2022 02:23:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
b
sb.scorecardresearch.com/
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035223&cs_it=b3&cv=3.8.0.210223&ns__t=1666232594730&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=77&cs_cmp_sv=3&cs_cmp_rt=0&c7=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&c8=IMLeagues&c9=
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-58.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:14 GMT
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
U0Tx1LCwmXaFoZi7-fSJtOzisLLKaoy5qckg_v7SoCF1gSraZLW4uQ==
x-cache
Miss from cloudfront
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/7O4IOMNVQZESLH4D3ZBIBV/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
785 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Server
2600:9000:206f:ee00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Amz-Version-Id
5qzE3Du6HWTlmMxaQAwFIHmhZNdrgUnH
Date
Wed, 19 Oct 2022 04:50:47 GMT
Via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
Age
77548
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Fri, 07 Oct 2022 16:35:30 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
tcrRyBy12T4MCKA_x8S-3jXvPhX0O_MWpswJVJCkPMnIptbcC0WbnA==

Redirect headers

Date
Wed, 19 Oct 2022 22:05:14 GMT
Via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
Age
15480
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
aVxe7iRnJArCmHHPWdCNa2TnnOU92ylkbT95X0Z_RMibk6UD9l-Rww==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/7O4IOMNVQZESLH4D3ZBIBV/FCLKMOSMJJCGDNBQPRCAKE/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
755 B
Script
General
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Server
2600:9000:206f:ee00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Thu, 20 Oct 2022 01:40:35 GMT
Via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
Age
2562
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
zBJmRt7RWWZCnBJN1ZKpTtUIcDACCKbna_SvW5w0UbVlDQk14pFLnw==

Redirect headers

Date
Wed, 19 Oct 2022 06:42:36 GMT
Via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
Age
70837
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
TuajdJYWym_wtNqAsDWGGZ_t1kxcknruKbHhAXIeQubOi9ellfQNpA==
index.js
s.adroll.com/j/pre/7O4IOMNVQZESLH4D3ZBIBV/FCLKMOSMJJCGDNBQPRCAKE/
0
809 B
Script
General
Full URL
https://s.adroll.com/j/pre/7O4IOMNVQZESLH4D3ZBIBV/FCLKMOSMJJCGDNBQPRCAKE/index.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Amz-Version-Id
owJWDgzxtitm.LYMCcjmB4DAkfS6u_FA
Date
Thu, 20 Oct 2022 02:23:14 GMT
Via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
Age
1338
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 19 Oct 2022 01:29:40 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
IxZ9XDRE2t84ED8_-55vTSMnGT7O3Jvtw6GxKtCIaDWBijvQVTqb-A==
rules-p-e8u2ehsCGVQg-.js
rules.quantcount.com/
28 KB
4 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-e8u2ehsCGVQg-.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91c52f74446960de5f120555da753975d717c24ac3c101c696d3d9aa764ce49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 01:38:11 GMT
content-encoding
gzip
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3055
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 25 Nov 2020 18:21:07 GMT
server
AmazonS3
etag
W/"945563de9259416ef401c38454b00f41"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
_RYybuDYvPrjYG5AqjOBsUcXaha34LPFJDEenWB-SNNB3A-Pn58p2Q==
rules-p-e5q7HZrPRKgQ-.js
rules.quantcount.com/
160 B
641 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-e5q7HZrPRKgQ-.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5fcb4f3d8b02c4fc949e6388fb57aae01898f6431c3bd8355ef6d06739f6852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:14 GMT
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1245
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:59:19 GMT
server
AmazonS3
etag
"226f1adb53fb3d6e16fc42d64907f232"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
CrYszv8OLQtGxg1OGVRLrejCpi7BeMQO7oIZfeykIEmbFRWXVswh3g==
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3300343-3&cid=1514818731.1666232593&jid=324787463&_u=aEDAAAABAAAAACACI~&z=789421420
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3300343-3&cid=1514818731.1666232593&jid=324787463&_u=aEDAAAABAAAAACACI~&z=789421420
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7O4IOMNVQZESLH4D3ZBIBV
d.adroll.com/consent/check/
447 B
540 B
Script
General
Full URL
https://d.adroll.com/consent/check/7O4IOMNVQZESLH4D3ZBIBV?arrfrr=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&_s=174784d0c0b4792b2e7ca9bdeed46b9c&_b=2
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.198.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-198-162.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
42d768855a8899957e82f5d77c80064519dd5a6aab2a9ae48d8fe2974b55f95a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
server
nginx/1.20.0
content-length
447
content-type
application/javascript
pixel;r=1353366908;rf.1=0;uht.1=2;a.1=p-e8u2ehsCGVQg-;rf.2=0;uht.2=2;a.2=p-e5q7HZrPRKgQ-;url=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues....
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1353366908;rf.1=0;uht.1=2;a.1=p-e8u2ehsCGVQg-;rf.2=0;uht.2=2;a.2=p-e5q7HZrPRKgQ-;url=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8;fpan=1;fpa=P0-1946569074-1666232594935;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;us_privacy=1---;ref=;d=imleagues.com;dst=0;et=1666232594935;tzo=0;ogl=;ses=5b42b445-ae2c-4e58-bd10-1e607446e9ae
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 15CC
2 KB
845 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
043e8243c29c77a1470c8e6682c2c6f98987b8d557829dc0235bf01511413581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.O-K3HC-Wbho.es5.O/d=1/rs=AOaEmlGdIvqOSuXOIbFncrFknBNRFxCh8Q/ Frame 15CC
99 KB
35 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.O-K3HC-Wbho.es5.O/d=1/rs=AOaEmlGdIvqOSuXOIbFncrFknBNRFxCh8Q/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fedd4922ba44ec7c3dce64469364fc59cb7290d054861f60e02101a293d5092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 04:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34880
x-xss-protection
0
last-modified
Sat, 08 Oct 2022 03:40:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 04:08:59 GMT
9c82b84634a645b28d23a71de52ce382
i.liadm.com/s/e/a-01de/0/ Frame CD2B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid%3D7156%26muid%3D%5BMM_UUID%5D&b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&us_priva...
  • https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid=7156&muid=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb
43 B
274 B
Image
General
Full URL
https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid=7156&muid=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01de?s=&cim=&ps=true&ls=true&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
52.0.175.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-175-47.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Date
Thu, 20 Oct 2022 02:23:15 GMT
Server
MT3 4539 98cc2da master cdg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid=7156&muid=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 20 Oct 2022 02:23:14 GMT
generic
match.adsrvr.org/track/cmf/ Frame CD2B
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01de?s=&cim=&ps=true&ls=true&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
52164
i6.liadm.com/s/ Frame CD2B
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&&user_id=p4IkPfOAID-81HQ0p9Q8PaDXcDq81XRuqYL7xXms
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
0
0

9c82b84634a645b28d23a71de52ce382
i.liadm.com/s/e/a-01de/0/ Frame CD2B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01de%2F0%2F9c82b84634a645b28d23a71de52ce382%3Fmpid=82775&muid=$%7BDD_UUI...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01de%2F0%2F9c82b84634a645b28d23a71de52ce382%3Fmpid...
  • https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid=82775
43 B
274 B
Image
General
Full URL
https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid=82775
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01de?s=&cim=&ps=true&ls=true&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
52.0.175.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-175-47.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

DCS
dcs-prod-irl1-1-v044-07bc8010b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
dbOWsjn8TSA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-01de/0/9c82b84634a645b28d23a71de52ce382?mpid=82775
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
live_intent_sync
x.dlx.addthis.com/e/ Frame CD2B
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&us_privacy=1---
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&us_privacy=1---&rd=Y
43 B
601 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&us_privacy=1---&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01de?s=&cim=&ps=true&ls=true&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 20 Oct 2022 02:23:15 GMT
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:15 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=b7fc8b16-e54a-40b1-ac94-458d49ec3b7a&us_privacy=1---&rd=Y
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:15 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Thu, 20 Oct 2022 02:23:15 GMT
/
trc.taboola.com/sg/liveintent/1/cm/ Frame CD2B
43 B
376 B
Image
General
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/?us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01de?s=&cim=&ps=true&ls=true&duid=e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:15 GMT
via
1.1 varnish
x-served-by
cache-fra19170-FRA
server
nginx
x-timer
S1666232595.183736,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
35004
i.liadm.com/s/ Frame CD2B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=t8LQZGd0y9I-DDXDn6tR&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBS...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5OQ4EYUK2I5SDA6JZJEWUIRCYIRXDM5CSEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK...
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=t8LQZGd0y9I-DDXDn6tR&us_privacy=1---
0
0

container.html
4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FACD
6 KB
3 KB
Document
General
Full URL
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:23:14 GMT
expires
Fri, 20 Oct 2023 02:23:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C91
6 KB
3 KB
Document
General
Full URL
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:23:14 GMT
expires
Fri, 20 Oct 2023 02:23:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 66E1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunFujW-gbaTIk_7RTGqvTYvEw2Jcv2gUIIvVEQwN_MGdesYhgc75OsQb6uUNzQ-D2iwXMBPyXwN8PC049Tfwp_b7HTXXkM-IRqGpLo0sHYN67jXBLLdhaihI2tTCK5ifrzBVRSooDCAkgdW2bBWB_kkOngJpBYZH_oITRs8av3HxbWI_8iGhEzlk5tHWkTTQlm8HlTByicYOMxWlpOon5r1vg_2tXOb2y_a5T394EFuSxYfj1ci9OQqdhfKN8pm_zEwnDjhsWBM1rR2ePRfmHeSDL9a-G1m0z-Fv_qN9m6a84VM90fz9i_Q-Vxu62zLARKNwauzQBdIpejECMwe9ZUow&sai=AMfl-YRCgcLwnuMQDmjzBjbBJr2W5qKRLGblaxilVW85rGI8LPoW6Oi-GPUk7h3YkVBio060rSnB9Qe5tAVysEZfFACw8UvAf1WqGC5rpp_dmCZgDwjw8BNn6T3fRr9WXHYFYUAD&sig=Cg0ArKJSzE5-9CozzwlbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 20 Oct 2022 02:23:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 66E1
167 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1752690355379860
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
904442515005ef122be6c010d65ea169f9836c6fc8f189d21ab77c073273d63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Origin
https://www.imleagues.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55272
x-xss-protection
0
server
cafe
etag
5871900196675229768
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 Oct 2022 02:23:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 66E1
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Oct 2022 02:23:15 GMT
container.html
4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63A3
6 KB
3 KB
Document
General
Full URL
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:23:14 GMT
expires
Fri, 20 Oct 2023 02:23:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hls.0f8c90570c11654c76fa.js
cds.connatix.com/p/191837/ Frame 1139
0
47 KB
Other
General
Full URL
https://cds.connatix.com/p/191837/hls.0f8c90570c11654c76fa.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 12:23:52 GMT
age
49737
etag
"623e74fa103ef8d6ffac130f3889f76d"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48351
player.css
cds.connatix.com/p/191837/
60 KB
9 KB
Stylesheet
General
Full URL
https://cds.connatix.com/p/191837/player.css
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b055834aed8d01817b433cf1d20717e29c9cc67f6d538bf286660346de161d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 12:23:52 GMT
age
49738
etag
"a6562884f71baa20fc3aecee791e7bb8"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
9341
iframerpc
accounts.google.com/o/oauth2/ Frame 15CC
49 B
96 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.imleagues.com&client_id=369393928123-ho3vjoqb4s3rm3fk7t7lfcoobnm3ho9a.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.O-K3HC-Wbho.es5.O/d=1/rs=AOaEmlGdIvqOSuXOIbFncrFknBNRFxCh8Q/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-0saptVSK_dlSZPoc2tdTdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-0saptVSK_dlSZPoc2tdTdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 20 Oct 2022 02:23:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/ Frame 3C91
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/abg_lite_fy2021.js
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:33 GMT
css
fonts.googleapis.com/ Frame 3C91
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 01:28:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Oct 2022 02:23:15 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 3C91
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:40:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:23:41 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 3C91
359 KB
124 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127092
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:40:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:23:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 3C91
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/ Frame FACD
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/abg_lite_fy2021.js
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:33 GMT
css
fonts.googleapis.com/ Frame FACD
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 01:41:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Oct 2022 02:23:15 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame FACD
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:40:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:23:41 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame FACD
359 KB
124 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127092
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 10:40:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:23:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame FACD
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
l
www.google.com/ads/measurement/ Frame FACD
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0e0wNLm437PuCCfDjDx8vk-8VDtZ5N1Xxg_R0Z1C6hS2-pHyC-JC3JAWOQhLgtIQg5ZxLQR9lGjjlU3d_rk6MUkM58A
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 63A3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiJ4fErFQY5WqMfm4x_AP4MikkAH-0_evXM7PvdjqAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00MTEzNjgxODgyMzExNDU1yAEJ4AIAqAMBqgSyAk_Q85N-VY__edZv5o4rKFsOx2manU0u8zTE7ieQyMLVheEcR70L5NJUEhr-tI62XMBjfxen-E1u7BK0kR17UKTIpxVNS3_cS7mfMP1-3GMy-U4U2WhK67mDdvdrTHdhOeB2jH552B9FKIxrxymmkoPKxlY_qQA1mzHh1Bz9g7BBqtJJ2nkNaQeSgk_GxNQJwVjop2Z4pwl3PqddNlw28fZ5WXKwDESF-2-e67Q1QHNTxjPL3zSKykkIwPqJd2r6ed_08MCvB2OkRvBiQxuYG9R8Wu-rjbtUiE6WpkrVVcbz8aqNCK8FJVGDPShVihVXkiYsXI7TG2IQ-g0trQYIYjMUtP13FK7imtIvklGk1kLGP61wXopAMaNEDH3JFSn7twvHT9_wP7qBPtHRdnxg3PPAAeAEAYAGicT248af6IOPAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA4IiGEQATIDioIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00MTEzNjgxODgyMzExNDU1GITbew&sigh=kewykt2rxLU&uach_m=[UACH]&cid=CAQSPgDq26N9uia02gfYDNuuF8ZP8USZlIcEVrlR1ErxSiZeAnRlldLZJKmQ5fLka2J6G-NYVqOvWOJCQPrsE54JGAEgEw&tpd=AGWhJmtRelXxk9HDklE0AldYpzviAp91ciOdZwi3MdmP8zdZHYLIoEoYu78fh3v4aXWgiTpz-9aGirLEMJH9Cj70qCUHEBsLAiiV6OoYGnkrhWaf-hGdMFy9jEEbyIfVQ5ByYjTNXWp_4fIlyjkBrgo640hGXBtQBiFU-16Xpjpw6Fp34xWUlOoyeHo6qNfbPfsOgQrVca2ybnBIPqYlj8u9ruMeXD4bHQMA1Jg5F8I1wS0EssbicOKxy1zP4HQWOBqNclUYd61dPGZXG40DAYRfLE3XOQ098vKVMSDO0QLjVlVqdaf1k5zU_ApY0eOQyP0dIoe8f_4TRdT9mGaV1c8ZC9wnYoVkXhY7-DXeQpCLBsuZPeM0Q0QEH9M2ufM2-azrJ63aqaobA59xVrGILL9tF62pWaC5-Q9un1I4SCUWBr-ta-HB9kP2QDR4p7B7R95wfdCSW6T6L7lmdbVa1D1ERjqLMmQ4dnbqCwqXCXQ00etKfBC4G5WbN2E-1LXXa5r_5LZaIsbLKVKtTEcFrroLh0dlx3KnEM0KOeeCwcCCP3EqxLb7-aBiiqgZ1xZRclKkCXeSnBBbyUmDxWbjXDgSceD1UqYXYypIDtB23QRoCIwGrvn9RZ6WU59HAwYYdDAuVQi27Hq8PWw_rbeCmBLx6k8C9jDQ4ygNKcl2VQ3D9v3qS7zKqUPf_YbkvUEKAJMPcrXmaBU9widzOTWyS0Ldgz6asRKc43NkbDXn1t26f5o4-GLYFcXSGFRogWgEva33UWkfBJ5uXV0FSGNO12_j7m2XXJYxEs1ciZFMUwkOLoI6GQM0Q04cGWBUl51YOIoHSN7bTDTKssl8VrYiRQDt6SIBVfH6PbzTrTEyNYLp1Gkee-9gbcP9G_fsClVylXHrhY1m4AjFqY4k2MR6adroMSgLpxFEtJqoLMvZMBj1htq3SCmzwhIjMkOuuYIsxzZT-gTWmQP40_iFu0kZm2JSIYMooE_QqXeqIleTpGazg7ilkHnToZjuu-10xcgQ_Pmz175GSrkWoXX1iACZLJ_2OnrG50kvSst2OFu_qCQPmB8XT-ef0uIMq5Js1rEgPeHh6ssF_ww-dzkWuV7jKyuc0MAi_oUXRSp4np88pXIDYWi0_ABre3zKE4cVCzSXm3JP1XOsHnfAvF09BkqQCnmFt_NYoNXGI-fr1gX-GN2bKvP6DH8enYQCua-TERou6jYGT-omFGl_Lf7JKVm3RFD9Tw7dvL_75ftQc6aSX9HFySXEfRuqTvtLYAm4onxxCYAZ8uRHAMmx_NQciS3SvPOdNmPw8AWHULItGS0xwlVQrq6LkLGj1qHqskmUfkIEVK8CMJgneWwReZmaZP3gok5Fp8aEX6N7-9YMwIEJ3KhYziGgycQ7BrsxcUDbwj3a95vaqOl_jSEVVlj_n0p-5JeU4eVO_1qD-6k9-v0Bl4c5Tv1XScP46A_6NuOhLlKDAs6G_v8lKNMu7DyNpSEXmWOE-rjb7uYEKIDP3dnbWjaWe_7BFccXqmg1TIC3dvZoQj_6lxYA7sl6Zi4ZbD16ucmDmlOhSBI58rckBxm8MvDVJGSP-Ltz109Dn7zdo3Tmp0b0UfY0lXU91vhTjtIK_NPCdbxOywdqXX_di4_TqkcQUXvfdf8fveiCyd_IcLkkPtOZsqDxrt-UpCcXpPUBiYjxFeX0JvqkCFqwSXKKUjLqUAu5IftQfxfe8KQ3IlHECRNV6kKMCfJRR3pjwy185Hq8gxXEe0dgpKHuN94hhHXdZlyYojJaE7c
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

js
tags.mathtag.com/notify/ Frame 63A3
2 KB
1 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTUdFMk5UVTVZV1V0WVRBek1TMHhOalJpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3MzQ4NjAxMDM4NjQzMTI3MjYvMTEwNTAwOTkvMTI0NjA5NDkvOS9TVWo5Y2txUG8xNG03bnpHakdOOXZwcWtfRjhtampWS21oUTFoVlRaUEg0LzEvOS8wLzAvMTk5OTg0My8wLzIxNTU0My8xMjMwMjM4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMTczNDg2MDEwMzg2NDMxMjcyNi96cmgvMC8xNjUyLzM4Lzk5OS8yLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjY2MjMyNTk0LzE2NjYyNDUxOTQvOS8xOTI1Ni8/c-OWwGPonJVr_09CMzxWEWZ6DEc&nodeid=3747&group=zrh&auctionid=1734860103864312726&pbs_auctionid=1734860103864312726&shardkey=1734860103864312726&sid=12460949&cid=11050099&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.163&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F641d8acb-840e-4e73-9908-9210ce6dec36%2F
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.368.0 /
Resource Hash
196f7ff369a7ff82ccb8e41064b4ecb2292576547732cbdfb0effb65c55487a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:15 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1666232594
Last-Modified
Thu, 20 Oct 2022 02:23:14 GMT
Server
MMBD/3.368.0
x-mm-latency
2 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
zrh-router-x36, zrh-bidder-x133
Connection
close
x-mm-lag
1
Expires
Thu, 20 Oct 2022 02:23:14 GMT
register
token.rubiconproject.com/ Frame 63A3
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/register?khaos=L9GFV6JI-1S-L28G
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 63A3
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 63A3
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
l
www.google.com/ads/measurement/ Frame 63A3
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmPomtSRSzRSB7rKFIbCxzMTNriPRjax2eJby9ESNXIk7-kkLXBcxkRMi2VkpVvU2HL260aVwmLdATdgsCoA1vJhd0Aw
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 63A3
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 03:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 14 Oct 2023 03:07:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 63A3
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Oct 2022 02:23:15 GMT
truncated
/ Frame 66E1
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b45ec1a20afd3a1625d477fd2c572a1385a4346c64e949f29ba909c82a803c56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
pls
capi.connatix.com/core/ Frame 1139
6 KB
4 KB
XHR
General
Full URL
https://capi.connatix.com/core/pls?v=191837
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ceaeae9802676890da406f543a5ef498fc438189dd464b913cc00149a023056

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-protobuf
access-control-allow-origin
https://www.imleagues.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3671
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ Frame 66E1
353 KB
116 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1752690355379860&plah=www.imleagues.com
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b8cf45e66aa6481266f4300f6cba38991e66977435f97bd22408e590dfba491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118722
x-xss-protection
0
server
cafe
etag
16398585185317835786
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Oct 2022 02:23:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221018/r20190131/ Frame 9569
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221018/r20190131/zrt_lookup.html
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16284
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:51:51 GMT
etag
9671129459699598864
expires
Wed, 02 Nov 2022 21:51:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s5p1ff0cz8rl
hal9000.redintelligence.net/zone/ Frame 63A3
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/s5p1ff0cz8rl?subid=&gdpr=0&gdpr_consent=&rnd=1734860103864312726&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4f64b74f6bfa8596833a2c3bac00e1020f957e6f%26mt_aid%3D1734860103864312726%26mt_id%3D11050099%26mt_adid%3D215543%26mt_sid%3D12460949%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De75e6350-b113-4b00-8f8c-a45e6b3c4ecb%26mt_cid%3De75e6350-b113-4b00-8f8c-a45e6b3c4ecb%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F641d8acb-840e-4e73-9908-9210ce6dec36%2F%26redirect%3D
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
db9b7ae745f969cc78fa1d9195d14b17c98b841d9a2d9959e2abe4ef00f9f778

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:15 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2958
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame 63A3
43 B
405 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=1734860103864312726&v3=1230238&v4=12460949&v5=11050099&mt_nsync=1&no_attr=1
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4539 98cc2da master cdg-pixel-x30 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:15 GMT
Server
MT3 4539 98cc2da master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 20 Oct 2022 02:23:14 GMT
img
tags.mathtag.com/event/ Frame 63A3
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=1734860103864312726&st=12460949&time=1666232595&nodeid=3747
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.368.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:15 GMT
Server
MMBD/3.368.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x72, zrh-bidder-x133
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 20 Oct 2022 02:23:14 GMT
js
sync.mathtag.com/sync/ Frame 63A3
1 KB
1 KB
Script
General
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4539 98cc2da master cdg-pixel-x27 config:1.0.0 /
Resource Hash
8587f73e40217568ba4a7a12e5d676d195facbbe088e33ac30974b98ceb04d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:15 GMT
Content-Encoding
gzip
Server
MT3 4539 98cc2da master cdg-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
close
Expires
Thu, 20 Oct 2022 02:23:14 GMT
show_ads.js
www.imleagues.com/spa/ads/
25 B
130 B
XHR
General
Full URL
https://www.imleagues.com/spa/ads/show_ads.js?v=229
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/lib/jquery/dist/jquery.min.js?v=229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.22.3.50 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
webmail.imleagues.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
083e6dd418e7bcdc77b54d7cdcd8f80fcd123602963562bc3c0db14f2605614c

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:14 GMT
last-modified
Fri, 14 Oct 2022 03:08:20 GMT
server
Microsoft-IIS/10.0
etag
"70df7377adfd81:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type
content-length
25
csi
csi.gstatic.com/ Frame FACD
0
0

KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FACD
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 16:44:52 GMT
x-content-type-options
nosniff
age
207503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FACD
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 13:27:29 GMT
x-content-type-options
nosniff
age
478546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 13:27:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FACD
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CuYPeErFQY5OqMfm4x_AP4MikkAHCmof2bOqbgoj8D_e3vs-IChABIPmb8YQBYJWCgICYB8gBBakCeJDTZRlisD6oAwHIA5sEqgSnAk_Q-kz0Ie5lQYltwF0ua3oGDrwtqS0fDxLcHUnXgpgDhiNChUPfFUiWAgsvCIpoDJ5X-b76BOEVVN35Lr2muygHNp0EMj7bhJku7hiqrDUTKzl7rO4-1oSAd93U--jrYOAT-U-z-lo9u7tPMlW3ngHb7Kl7cILgUc5sUdwn16vX1SreSb0mbBTHKUtUzO_L-moBPNLV5sZLCNmmPmRdVV8iKCYyRdQIZXV81tluMn_jdErCsyxEL1W3A2tmRkDxTkt0lPowIeIcdR8R0jldUTeMksb_fisfrHzuyc4WQZWb6V4wUjOaGfSKqoJxiAmz0fYmLn69JnL07cAAXX1Ew1kL51xPNk4f8BeyFSJEl0y_hZTEupII24kr1boeBNuFcAaQ3QYG-O3ABMzty52SBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIhhEAEYHTIDioIBOgKAQIAKA8gLAeALAYAMAbATqNDrEMgT6Ieg4QPQEwDYEwqIFATYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1666232595708&ai=CuYPeErFQY5OqMfm4x_AP4MikkAHCmof2bOqbgoj8D_e3vs-IChABIPmb8YQBYJWCgICYB8gBBakCeJDTZRlisD6oAwHIA5sEqgSnAk_Q-kz0Ie5lQYltwF0ua3oGDrwtqS0fDxLcHUnXgpgDhiNChUPfFUiWAgsvCIpoDJ5X-b76BOEVVN35Lr2muygHNp0EMj7bhJku7hiqrDUTKzl7rO4-1oSAd93U--jrYOAT-U-z-lo9u7tPMlW3ngHb7Kl7cILgUc5sUdwn16vX1SreSb0mbBTHKUtUzO_L-moBPNLV5sZLCNmmPmRdVV8iKCYyRdQIZXV81tluMn_jdErCsyxEL1W3A2tmRkDxTkt0lPowIeIcdR8R0jldUTeMksb_fisfrHzuyc4WQZWb6V4wUjOaGfSKqoJxiAmz0fYmLn69JnL07cAAXX1Ew1kL51xPNk4f8BeyFSJEl0y_hZTEupII24kr1boeBNuFcAaQ3QYG-O3ABMzty52SBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIhhEAEYHTIDioIBOgKAQIAKA8gLAeALAYAMAbATqNDrEMgT6Ieg4QPQEwDYEwqIFATYFAHQFQH4FgGAFwE
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame FACD
30 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BPfWMdcdRHPmabCLmk67jtRPLSFI04btyQmlJPk0_qbGk7peicCe72bfflLsFKz0cyMlcsHt17cAZdL1FLRYJ60bOkJA&cry=1&dbm_d=AKAmf-Dz7ovnVJWxd0vyWFg827oGG88CkQ_5ZuVfIZAZFXHPJNRt5FtHO0wRdGoD3d_b1bdxttKZJiq6v4npoBJu7N6esT1xRjOY1qsaUxbuyRTdlY4dhr5ztGweAvX0apFGhLORgmn9tk6zRzP8zE8qzfpqNc-_CzlCUbO36Rg4u0oHKk6GdIzksIV5xORk6C6dimK2JRXavYaMB1k9OGSvZLBdPBjVDvAjlIkI8JyQCH9iAt91m456RcxytTdNTz6FmxwIOsAqngkAG_Aa2ueOkLN92k4psvDeI9alcYSS3TIagRbpZC11a5cM7QeM6IWoIqmM3O8-cC9NW_ogVYJw-lKXd-FLGK1o_6zO-lNIc54_Axh5uk1KH6P1SaHuyft7V7C0kGshJHIzNlz8w6yChB6oTf586ijbIdB3GAxrGVNsRIMPPjZeSm8aGaCYzfgqIJIrv9oih4VBv3EDtcRTf5e0kOX2LxAQMBMb_0MUlnwXBDexU7En3J0h1AnKsHVpErpuWic6SYiNNF8bQSW6JaLsPFcln0bB4ofNljON1fNRynUl_dBHPKXO9f34BieAwhl6fI2eioqRwA_LGICDtM0EQkjytWYA1Gptvanl7F8O7-B_LV4kBA3RpzsP4uzG9Yun0k0iYzPQkL_YiyeHugsI6eJi7Shjf4fcv6cj32CIFkOp1iQOYCeorNWFu56hLBT_NLfACXVzwQxXGzqiiNCQUm2Uy8fGnYwKaELMrq-24MGy9kmpbKqSe__ddVufbXe9_h6Wv0fNa3xRM17v0Sv8i2u4965FoLIGk8Xn8SkZcv_0zwKAP9BhqV2CYfQZ-Xfhj3mZMZ75wa67dyEnW_StDkhDzmG9aI6I2BYbMkeU9TUOcodsxXZvfKMXscXOYcWFZZQekyjssizx2vDpKcOUSr4udkI2n-wLR9lxMEsCN_eLpB_wZiK_5B56mo-v3hsua8fTJXGgKhwJvso_phRuoam0MkalTYoOho4IEHfHmvUPhQoSZxEI6GP1pYJ29JmbBo1ayozZHi1zhNvgRD9T4SsappYPZ0ybu-14riMwG-PpQYZaXIYecNKv0EUndX6-WmzEv_WXlAOqfpSOwGJuNFWVBdaGOCAsYUUZzroEOlnvOONYbM69MZcW-ZJAopY4SNB58XyN5GoPVf4ebo0r_xOOXx4tlPaguklxbjdnH97Ei-W88Bl0hWMsw58pRZe60_r4rfC6wO_4ckX8KEok8PvPVbDczRm-nOOPQOhDLmPeDWuXePtduW0EWhwgPwX6HZ6f1-g0k9SUMGlqPm6VlfiU20DtzQK2hcykr6RYs_C4i0rDtKKfNgsHx2G4poKdpWqBSLIkM0jwIG-4CKosHd6cC6XS_lfBui6509Nf8CA553zn-p13sHEj56kcrCYDVZpN6UI0gc87x5_3Q8X4C-9J9R9_vdbMVOnBw5iuqBSJzmT6uLgdGoTCEDbfRiQaeZoFqu1wZ8NBQf2WDbb-7LkppdxDPXZOW50I3Yu23F44EsxDKjo6jvqynkdYQwX5f1Ah63wWQX5v4YoGJ5CoEReLgvALvy4cgdTloVD6WSruYOnkXbSKk3ON0mw3Ch417XSA3b5or0lvIJ3ZUmoj3PSFgcvs59JqA_lPGB2clge0T4L4SoZniB34h6zH1XdxaHnu2zL3KVzioKF6xjYU7a4C3OVTPUaFW5mlJdM0twfeacvFvUJBccROLi1hl72Dap3lIkZyXuhcl1eiy7X2VEnRm25NU-LL-eNI7S4XH-GImDuuORTJpXoTfJyQSmLZgs5n3qZX0CKfSLlRGspyu9KomX1GIpoiH1mFV3k24UtZ5eZj4rtBRTCPn0sJm2B9CB_-tVdRa3CsuXg5gLESltJTWHbwdi6ze5wN_eXMqEFp9I9p3SDNE2Qj7Q9Qj88-I0xZ5JseTXdgrsjC1F-21OzTslpMmQZRfBPgiLVc96IL5APSa-0mJ8qEnuXbMZI31TMm6V6WjxHsMmwOjM3N-lgja33TqEppcMlfcbk4Ut-0LKaCPjjgfZBtqMNbKk-dm4pRH36a6voAYD2zZ_P2KJU41hkcHxo6noT_PZRPZv751iy8vsWRzt8sQnxBr_bR3pvj3iZOcj_qj21iSFWFVNtXxhbvpdYj1SKQkCueExEsiF_IXpyQapZ7eXSRG618ZIM28xyhGdesGpFl_-oCmEjeydCtynWKn9lpPvNqHe6bozv5WyOvzHWH64RNWu4u8pNpQNOW1QikF7XOIYl5qp2QI5KEHGcIY10p66vqcA3nPPVJRTlJx-gIBr0FY4BPww-v5MKcPiI6ofIJwGZZP-fFkK-DCSy71zqq1VD7hjRXaDOVzZXzMPiB__9Cz5RZ3cEB1CC34evC56CrvLcehUBzQcHHjEu_byDGKyP8o9-jm4UvfT2oYaKga1hLKW8QqiTDLPhcJH9Q_YnYjNFEp53EC3emKnxAoaUscm-CXHjAG9TfFm2mtHcnUET8xWYaSCl6hxstWSuBJkqXoCDu0KMAKN3oOh1LGNrob2EvoMvgDkJpH8txY2Mi8WDpFFfACAUp4ZId40kWZ8ewdTmBP3Gg_MkaIHLIRborg8CyFq6TTJ-g2qK6ustkRzdiBc6REjhy7c2RPTmQdwB9mO6J8hlJUiA5Sdbf8VT5A2VWMsL2FRPgn2BaDOt4lryEXx7CkNHua8RbsKNQA9Vg2QbXxP1YeEV6RBA8MdD7BYapTYcQ_IXj5e41-EqRa4YIX7PFxPhvrkNfriWe4CpA9-TW6x_xxLIfL0PRLZpU2nUuImUhwN6bEV_OUHOXz2Y9ekCSvzMR1cHwsQuWoEsy_uYliuY4I9EuLUPcmCCqUqzPDY9rsoQngb-T4LVNymhScp217-2eBfrzlPdQPeZ35awbKwoT_y0TOwdJbolEgZnhDnni1H_cQ9qWWRiEBbg8XwtsQXu9IJcUF024WPstMr0x-WNu8Eg1bLrH_FIVPCXhCIeatXAyQFu__GIU4Wf23UEpo0tmGKalNjIGRp1HsCMIuJrgGDJNJnLkbeD96r62a3TicrFsfz72JVO3q95NQwfbGXbuQ3LFqPvFkmVHVAiD2QhEh_hU4Ud1ljBLbTR_QkIqX2qhC4evlw1iyWaCDiv9IFApD99zTYgE8xNgKcuYSP85yfr_47Nb3BBqyMOpXlxtmG2jr0_uqqy4VfDCBgA4xwV66bBr7TWQ9VcwW3DGR0khm87Ir-axcbXVzt3UWQbitU2uJOHQWiD1P1cXH9LL0uHRfV6ScaPVSRuN7iaU0I0dUPTf0OcaGuY1czW8cZXLt_KwFD9wPfx5j2By56Bbszg0FjupNCyRJMuibhI_m5rQztFA82hpBWDsBeHlPhrowPR22r47-5uuf7U0rnkD_-CdMiJ5bVzX-ZaINBObINSUZn-erIArhKOf5_fid5DsGBFCOESWXCq_ySqZ3FDeHTHwhI99bGI0XBZsk1dbX9LyEuf0mmKt9ju8_x36ddeIJyqBvhU263CbmgdjnsvZeByo3itK24tNtdVJUgtPXqE4sX6AQI8-muMj9dFXygtdvqEOTX7RVChwJsS8ORyrC8tf48kxVGSbk7i0U9DTFuu9v9cAMyJjC7o6J1GB0Cy9yfXm1pKbJmY8HA8YEACP-ywSEAdBhZJiBnN0eNHS9fx86fZdIx1PtKIeJ9LdMwh_n6Hut4DTnHvRDO9FQIUyANCyEXlZL9EEYAoMj0z-4h_pHp0SXm7EN0fXJi7yAMh3gxmSjOMYXVhf76zrse7KLQUzRwkpm_j0yFsk5zDBtnJyjsqQl2vrZM5XfQXgJ0ZPdkk6On14SAIVd2cwxZR3rLgh5EExINb28p79DT991w6ScoBd0SsqVCCEtFxOW-kN-vtK_D4rvLP2aXtQKiLQA2FCKG1aftHqPicoegG6gsxjBWUk1cCVGuwIpjbkCrr1JbvSOvVVZgqW_w0b-nHakO0f&cid=CAQSPgDq26N9uia02gfYDNuuF8ZP8USZlIcEVrlR1ErxSiZeAnRlldLZJKmQ5fLka2J6G-NYVqOvWOJCQPrsE54JGAEgDg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
f5ca85ad38fd21729cafdf80e668967450986987c33f14fda4384b40eb12573e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16157
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame FACD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct_EuErFQY5OqMfm4x_AP4MikkAHCmof2bOqbgoj8D_e3vs-IChABIPmb8YQBYJWCgICYB8gBBakCeJDTZRlisD6oAwGqBKQCT9D6TPQh7mVBiW3AXS5regYOvC2pLR8PEtwdSdeCmAOGI0KFQ98VSJYCCy8IimgMnlf5vvoE4RVU3fkuvaa7KAc2nQQyPtuEmS7uGKqsNRMrOXus7j7WhIB33dT76Otg4BP5T7P6Wj27u08yVbeeAdvsqXtwguBRzmxR3CfXq9fVKt5JvSZsFMcpS1TM78v6agE80tXmxksI2aY-ZF1VXyIoJjJF1AhldXzW2W4yf-N0SsKzLEQvVbcDa2ZGQPFOS3SU-jAh4hx1HxHSOV1RN4ySxv9-Kx-sfO7JzhZBlZvpXjBSM5oZ9Iqq2nAS_CBDsLTb5xANwVm5HdoGmZ6l6JSG7fhBbBVTHZsNqoNVF1t9R-yUir1ODkpkB8os952HqiX2tcAEzO3LnZIE4AQDiAWepbqbRZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCmjRsYpIfp1QHSCBAIiGEQARgdMgOKggE6AoBAgAoDyAsBsBOo0OsQyBPoh6DhA9ATANgTCogUBNgUAdAVAYAXAbIXHgocCAASFHB1Yi00MTEzNjgxODgyMzExNDU1GITbew&sigh=eNtdR8Dnhsw&uach_m=[UACH]&cid=CAQSPgDq26N9uia02gfYDNuuF8ZP8USZlIcEVrlR1ErxSiZeAnRlldLZJKmQ5fLka2J6G-NYVqOvWOJCQPrsE54JGAEgDg&vt=10
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame 3C91
0
0

KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C91
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 16:44:52 GMT
x-content-type-options
nosniff
age
207503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C91
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 13:27:29 GMT
x-content-type-options
nosniff
age
478546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 13:27:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C91
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CQfTKErFQY5SqMfm4x_AP4MikkAHCmof2bOqbgoj8D_e3vs-IChABIPmb8YQBYJWCgICYB8gBBakCeJDTZRlisD6oAwHIA5sEqgSqAk_Q6XLTMaYvI5n-tJ-gBH5nmPDPJrmzLnfIV6FHgHzNc4NkoqEbuJCGNTl5SWgtT4Jx7Yg1tfmce8SWiVxRZI5WDOFtQayXHO24x39M65kpZoKeBwaXYVV7kzJoQOoilKM-1xDYPR9C_5flPEzzgeVChvwGnbv9IVcvKueGOHzB4sRg58V1CEZ_tKx_Xf7GPfOVa5ou5RIKhZP-yQNjK_rydn3HaaLqWUs1No6dv1IlVadzRSAUa2p5F8P4Zs-krG1Xyd6GYVH4ABJWIcAK5Td_OoN7friQZItzVmsleTNR4D4x6S7QABJNU-B1zbjv7ZVfGXN3zT8FYQeoYMnoUb48ck3J5X8DjKWrkNI0zSdCecXJyT2ooNAqRueCUkb3uIosY-NcgRgVsBnABMzty52SBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIhhEAEYHTIDioIBOgKAQIAKA8gLAeALAYAMAbATqNDrEMgT6Ieg4QPQEwDYEwqIFATYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1666232595738&ai=CQfTKErFQY5SqMfm4x_AP4MikkAHCmof2bOqbgoj8D_e3vs-IChABIPmb8YQBYJWCgICYB8gBBakCeJDTZRlisD6oAwHIA5sEqgSqAk_Q6XLTMaYvI5n-tJ-gBH5nmPDPJrmzLnfIV6FHgHzNc4NkoqEbuJCGNTl5SWgtT4Jx7Yg1tfmce8SWiVxRZI5WDOFtQayXHO24x39M65kpZoKeBwaXYVV7kzJoQOoilKM-1xDYPR9C_5flPEzzgeVChvwGnbv9IVcvKueGOHzB4sRg58V1CEZ_tKx_Xf7GPfOVa5ou5RIKhZP-yQNjK_rydn3HaaLqWUs1No6dv1IlVadzRSAUa2p5F8P4Zs-krG1Xyd6GYVH4ABJWIcAK5Td_OoN7friQZItzVmsleTNR4D4x6S7QABJNU-B1zbjv7ZVfGXN3zT8FYQeoYMnoUb48ck3J5X8DjKWrkNI0zSdCecXJyT2ooNAqRueCUkb3uIosY-NcgRgVsBnABMzty52SBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIhhEAEYHTIDioIBOgKAQIAKA8gLAeALAYAMAbATqNDrEMgT6Ieg4QPQEwDYEwqIFATYFAHQFQH4FgGAFwE
Requested by
Host: 4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
URL: https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 3C91
30 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BF2qTJrbOQAIbH59Z5z1jEIyFc50mlF2uYQqkomFOs6c_0lZpRMHUQ9D8HaOW65zbHmrHmxEay4c3hjvp9hbmx0jI6sw&cry=1&dbm_d=AKAmf-AkDNUFmZ3GJX06X9wrysKpMw4Vohi0loGyY2nJhkQ-e1gSTDXfdIGtRKIR4HxMVt3uq-Resa7NrXaqDgFq4mY17JzO2OuX2cnoFcOE3JlbEqmBfOPhJmlsmfnD0I2X7VOtFUe6IVwOJCnSsni9XjlXAKuz9pmATOTtXffBgqZiPLC1SyooX21fbNKIG4SEPxE5Kgbd1Lg98E2ySrS2jwhuA_y4SlXlAQdi5H3RgED39WhH_mE2j9t_Z-bgdBGg3YOqhCmxwLCHLE7_zJr-qrKReNFuKl47oVOnkaLNPE1OtzI7WWR_4uy9loQ97iwnkREFmFOfX5MldPGMf4BGB05ZJJCLVxN8Iam0xtTijfwLLouLeFbvsk-5yysvbrF-e5Skl_P1yfKRq2mQBMUVP_MzYqtRkPDwiHoH4Zv7qR2WwMUlX6LJiUj6233V8qRVpJTebG3g4It9f1MUlTAzk9LuOMJsDTF8XQCVI2tz2kWAE52s6EB3QLqdiLRiUj1hX9wk_u9KEuHsdPvlFyneA5Q9Enck2Y8YwfGNC_vLhuUFbwe3vw2oQyu2b5YxpckA9E0N85s1fSaH9SfjtRqScIl9pO1nlyre9BjdktunnSewXzfLrWbIb2UkqzwWLczTh2PZLetPWVxpwwjjDA48mPpU6v39PhFVH7qNqBhfau8BjB0hM89kxkObeZGATDqYExFQ4-eR6l59P77FdybjKbmwhZVLYEykA9VfGE0LnOOljjOnsfnRyyyV8XkKE2Uz9FVXYd8phwy48S6q1dhgJAQMXwsHYMbJG85BabWgZOS920pyvW3_krbHTnk2PvUrmti3gzYe4YG0k4zAR4KEj7PKK7BSWinQG6PrwLD5nmnl9gD6G9Yo0qW7irc-lmOrR72XEEZnYX2Jy1SX9F8FPxrd288AU11mk51UzslX3BzIBC9zdnFZeVZruwCNO-HIqDP66Ua7ANURpm0QnwZhyASfcZf6LHwImDuLOuvtU5Z6StgPuUymYnUXgoqJ_GMGMXmnrzRU93R6njN0sAz5Gv_IdnkP_nwTy2ZeEfuSL3N0Rr0FyITQbOH6ZFlxm7GIX5KX0SdQUI2pZZLVtHZpGEjRdeKEAKWeAKZhfphaasE18Nks2oI_RMWQaG6yM6vfYnpH66gDaj7lVJkUpelsPxnYpawiIYl3tR-PTu2RN9gLvvFD_RcOILVEf7CNVXFkEHwPPowD3L2bqqKl3kqPUzRVTtg2fzyyxlP_wQqyt73LIKiwbis7sg5BY8JX0Zi0qWa38NA7Jc7j_ZmlNu3wFIxwr-48IfHr4TQhaFYAA6EbKE5GvtB4W9G7kfVu6mbeH30pQAbKnIbj-2ZDqCaAhz6Nl0pWtBROAbxcGvXVRDH1oCqyEuUMx7PdqbUV33vf5c6bji6a0Cev6FpcCZ0VDHBb1BElYCO_diuM2y4T2oqRa-OtP9D__t8hkiiISYUIDvriUkYk4uV1XEtVNtsLHx7vlfjJU8PnGGKhq0vyDICGIEBCkfzq4i-_dL6Z4lVeJj3dp3FfyEyA3H2XEwH9fkxWmF4NnauUacCvD2qChTpKmiMNINNCAnmRl3s1MEFpc8L4CMSPl8e4tAKfN4CuYgHEC-rdC5HAwnzIe-rVMk5tP2sgL6eyPuciKXfUeGZFRFaZynG6TC06PqXOzSsDlrq1if1u-IUgKraOgX-zli0Ul1Jj9oHxRNCNyOfB8N5Odb5ksYnHy0OZkJsErjJRYaIkKMu0qhM2p-pavkr7OwLoO85Z6outZyOQJSgChB6fKf_O6zazX5rZ7A539pGl40foV5BJiDraeeUKsGYj3sqKkJEX7EccrL4_A-ndra6NptSCuHHlFYldLjDt_BFw_vkF6k5YSin0HlSjcevA3iOkbwDogSAgChe2SpJirodB6_Ys8mlglX--bpm8ENPZZIb77tNNocXY-YDZg98_GlWUnMO_zwoQHrBzp-5UmFGC1FHibn2x0s3VcoauwVtro6Pbe1WULDknSQhma8KgNhbqzeFgsxMNTJfZd5pgXrei21mUWOIWFFi607ggpOo9pOZGWRN8XPAuRkpMCHggFH9_HxW9117ygoiZZp7YhUd8cu5puJFSbhvbUjjY-8NrHBD6oxxEu-PmfJb_09cww0OQ0mZwmNSJhCiMX1OLNo-O7vbAkvNoprQfrW5K16ITSllBWSqOiGPKEDFs-NSg6T-zlqgdVyQutqcMAx2Emhh2kcEMGX1ZPdKbYS41nmHA-tQVRqkm-69F2O5mRdWUD6YvoWyn1OHezROU7J-1j7Ga9f8yJKQLF_hMa1OKjJhuBNdv4XiQuIe66hCxyRaMpDDA2infLuH7fZ_df_G-PcUpmxL2xzMQJ8cz4UkL4VSDaPZmhMmw0wTaZXnGuMkCz2xE8Zp6Azm4_yNZHansbkpEvPTSqEfgCtXNejrw9rYA2BpaMVl4AwZdzNQ-HKHQEi_s2RzJtFSG24_iVROwh468R7clNKnvdl1FIwQoR8ujGM9hHn7rQmT3d_V6MvNwtjj3ndmBFj0hCtcOGDmokYK4PSJm7bt5vRZpY_kgUMjUQqGJkCAWN3IbsE5HDdH9bCrxAXSOJJFycT3tr1cIdUnhWsjnhXV-zeJYNrabFK7Bss5Qy-40xgnWHVtS1VS2Fh3Fca5V7g05kyiRE5FbtpKz_fugCzftWMr7FzlBUsnV4rAY3n60XheCXpAuxkUZgc7iehAu3gdTOGz0xnFY35NMBOFuwctLy9U3q68f4JrIFO4GzBS4ACWI2-XaRNndBMRgfE_cNLPuLxA_qzzdHhsSwN6k8PtoFu6_gomWvAzODJPRpq5NDjWI0FGPMeRl-T5p8-YJ8IRw6X7kNFKmqDg_amga6J5iW7EIAZJYI39pFGruRR1iftTV3fuuFQQ05tl43lfYrSyOVJDOSyhHJvnMLBL4EGMYOVn0vqKS7mHXwJCVV5yHRuKU5BOjYPseNmZQdZptsNquYpkBHNa9fHuHWlh-tdVRYu5TxbmiqEJPLoeJJwOWKt2JvRBqgvOojiMFZ2de1A7VCoQS7xAZx6I5-vb6y5YISD_MdfMhlMfrIRkj6vqCk1dnhtFm7u-OGlTdXdt_OtREDe8q-ib8YXLdg7lghblBvQn2MPxxU0xjUzeVk8rdflEm6XvN2W1bYxv00anZIashYXqLZdM_SXUbxwkuKREQeitTeqF7Ha4w6k0d9OD3l-ZeIs6VMNw0bmio6mZlv2Nuwp1gWTfjtXYrQie1SiwwQER2daSs0_wEtLlOoHR3acnb9A3ZWXVTrZx0DVRIhJXIUZVTqAFUX2Ixem0hFY9YTWEMyaxr8G2DgL9OhqV36V_YNTnquPx726eh2P59VSD4nWcfBsUYmBHQ4yJRr0hKhJm4qCmapLQbmtYVy-E9SE2WyYkwZOTjo9JdTFRUeITmwo7FgTex-L1ernfXBCVIrt5NgJZ5soIzbl6gck4bVWXRiA1JUhNX2rhTmS-uE6rMlZZvvXqGvB0EGk0TTrd8_Lumoe7cqu5nP7w8Y7Ilfq8gdtRkf2gHbmDlZEl0VXP2HAsbvcAAYYHSM_Twp7tvGIiFL8YG23xtGawN72XW7TdE3N1IEKGI7Nbbx5fDlNUz2ETmg7zwycLR9Aggj-VVtFmvYOyKnN4XfKZz-Hfp4jw9WBsT1fj42-ko-LR4X_WZ_M-dfyYdpXhiW5eeYeKKxnrVHcJaPdk3vlVXY-szNyRi9lO4rWEQmfiMwX4KV0sEVsMbz9NRkht4lBF_2-2ewMLxqiy0gEQh6YFlcxv3vzHqDeL_eJQg9jA9XoyBc0wXu7kgoDnsmGAVRY7H5olxUiI4kV-u9T_VgtcE1nBXynIPieoiVGqoAoqFgmaKGv-Gq1DryLW-o0VDO7yv0zyqoADwSmez5GN0iAQP5Op1hA5EoUHLwsUO25BypExtvzykPYlUatQJ-RevUPSAok48&cid=CAQSPgDq26N9uia02gfYDNuuF8ZP8USZlIcEVrlR1ErxSiZeAnRlldLZJKmQ5fLka2J6G-NYVqOvWOJCQPrsE54JGAEgDg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
cafe /
Resource Hash
b912e1e23a207a7f6a3ff664daa484241eb0c0520aeafb5084de887f78c8911a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16194
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3C91
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaVm7ErFQY5SqMfm4x_AP4MikkAHCmof2bOqbgoj8D_e3vs-IChABIPmb8YQBYJWCgICYB8gBBakCeJDTZRlisD6oAwGqBKcCT9DpctMxpi8jmf60n6AEfmeY8M8mubMud8hXoUeAfM1zg2SioRu4kIY1OXlJaC1PgnHtiDW1-Zx7xJaJXFFkjlYM4W1BrJcc7bjHf0zrmSlmgp4HBpdhVXuTMmhA6iKUoz7XENg9H0L_l-U8TPOB5UKG_Aadu_0hVy8q54Y4fMHixGDnxXUIRn-0rH9d_sY985Vrmi7lEgqFk_7JA2Mr-vJ2fcdpoupZSzU2jp2_UiVVp3NFIBRrankXw_hmz6SsbVfJ3oZhUfgAElYhwArlN386g3t-uJBki3NWayV5M1HgPjHpLtAAEk1T4HXN4O53YMyLNeU4pqhKtAU0FDIKWuYU_FaEzrT7h6Ez2B3Vr4W7ni0x7oCOyJ_TYOPj-yOQpjSUT-mqq8AEzO3LnZIE4AQDiAWepbqbRZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDEoRkYpIfp1QHSCBAIiGEQARgdMgOKggE6AoBAgAoDyAsBsBOo0OsQyBPoh6DhA9ATANgTCogUBNgUAdAVAYAXAbIXHgocCAASFHB1Yi00MTEzNjgxODgyMzExNDU1GITbew&sigh=-WT95xbMmOk&uach_m=[UACH]&cid=CAQSPgDq26N9uia02gfYDNuuF8ZP8USZlIcEVrlR1ErxSiZeAnRlldLZJKmQ5fLka2J6G-NYVqOvWOJCQPrsE54JGAEgDg&vt=10
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

truncated
/ Frame FACD
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d2341d34d912b37876b637b593430b19b0793d153368bf7a841f2bab372aec5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3C91
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8dffd2551b7a654fde7004d5c8f1630a40b62f000586d1c5f4ddbf976287f6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
insights.bin
ins.connatix.com/62e98d119ea592f786f5317b3d1ce789/ Frame 1139
36 B
292 B
XHR
General
Full URL
https://ins.connatix.com/62e98d119ea592f786f5317b3d1ce789/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d82568c036d82f6920617df04f661f9324c4e9fce3839b2dedb6429cd490c545

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:30:17 GMT
age
2483806
etag
"a088381e9776ab33ec88ee527b5253eb"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
56
request.php
hal90004.redintelligence.net/ Frame 63A3
Redirect Chain
  • https://hal90004.redintelligence.net/request.php?zone=s5p1ff0cz8rl&nw=20&renderingType=javascript&namespace=5058e42b7d&subid=&uid=757f05034b172840&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90004.redintelligence.net/request.php?zone=s5p1ff0cz8rl&nw=20&renderingType=javascript&namespace=5058e42b7d&subid=&uid=757f05034b172840&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame 66E1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt4mVbJsFd4q5iUirPXkL022dBWbD7ntE-RcK7zDlJMZtMC9g-3QC44mtTE5sA2U3XPksJQuKZjRSCN4psBN2hral5-EqHfLG2K6BaMkaZZrZb5hosBd4wVSLj8-1LrEBlVCQrXQCkPFklcW7LgZCvH7ZOLYOMl4ZV_wl3tLHqUCt-vqT2YhvlfVaP3cZpSfxCiKESo9XPD8ps8J6GMNt-oPtl5g68i1hQ8WxNvRQv_wiGhGlB0MyBp4GNCfx06vG8z4UpkGm9fA6r_pIHSMBRa8uCKWkSakcdPqLgeKTnP7lKn9u_H-4oRSLgmrDHjaI2B-GjY4YM3culRHi88kPjkVla&sai=AMfl-YRVoGC1egsHKLPiqIm2UCVIb8rue3g98oK2BwwJ_MYXpzQKektvBfCZ01EUZhstlkAPSkFhfDxTL2TGXTWcaJa73NvXqlPXj23p-B-gyDDoI4740I2k8PwTo2AaU920c4ff&sig=Cg0ArKJSzL2eu-x9yXgOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 20 Oct 2022 02:23:15 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 66E1
12 B
476 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.imleagues.com&callback=_gfp_s_&client=ca-pub-1752690355379860&cookie=ID%3D2d2fb44953f594e2-224b1b8651ce0003%3AT%3D1666232594%3AS%3DALNI_MYYwzghvJ8rnmTsU105T0o707nLPg&gpic=UID%3D00000b75981a84f1%3AT%3D1666232594%3ART%3D1666232594%3AS%3DALNI_MYuLm_oiNWQjFEz_cwdhDYv68q7Ng&gpid_exp=1
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 66E1
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.imleagues.com
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 66E1
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.imleagues.com
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 66E1
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&tn=DIV&id=amp_floatingAdDiv&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 386B
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1752690355379860&output=html&adk=1812271804&adf=3279755405&lmt=1666232595&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666232595521&bpp=3&bdt=312&idt=280&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&cookie=ID%3D2d2fb44953f594e2-224b1b8651ce0003%3AT%3D1666232594%3AS%3DALNI_MYYwzghvJ8rnmTsU105T0o707nLPg&gpic=UID%3D00000b75981a84f1%3AT%3D1666232594%3ART%3D1666232594%3AS%3DALNI_MYuLm_oiNWQjFEz_cwdhDYv68q7Ng&nras=1&correlator=1596372447455&frm=23&ife=4&pv=2&ga_vid=1514818731.1666232593&ga_sid=1666232596&ga_hid=1771893069&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=410253922&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706&oid=2&pvsid=3171344166930078&tmod=807477497&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.nqc0fwbmxljn&fsb=1&dtd=302
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:23:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 66E1
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221018&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1752690355379860&plah=www.imleagues.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11bd7e0c8b494db7ff79d71d3f29d35b4f739feca1146fbbcea097cbb1a4a682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11230
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 39DB
436 B
232 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1752690355379860&output=html&h=90&slotname=2091879476&adk=931657744&adf=3173046724&pi=t.ma~as.2091879476&w=728&lmt=1666232595&format=728x90&url=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666232595521&bpp=1&bdt=312&idt=285&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&cookie=ID%3D2d2fb44953f594e2-224b1b8651ce0003%3AT%3D1666232594%3AS%3DALNI_MYYwzghvJ8rnmTsU105T0o707nLPg&gpic=UID%3D00000b75981a84f1%3AT%3D1666232594%3ART%3D1666232594%3AS%3DALNI_MYuLm_oiNWQjFEz_cwdhDYv68q7Ng&prev_fmts=0x0&nras=1&correlator=1596372447455&frm=23&ife=4&pv=1&ga_vid=1514818731.1666232593&ga_sid=1666232596&ga_hid=1771893069&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=437&ady=1107&biw=1600&bih=1200&isw=728&ish=90&ifk=410253922&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706&oid=2&pvsid=3171344166930078&tmod=807477497&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.meg9fnhy9te3&fsb=1&dtd=310
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9d075107caceb238f6ce45d01192f49931da908d594edec55a74586b324174f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:23:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame 1139
0
0

gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b386c682bd717b9331b7d41707072876ee38cc92324ec25f5bd65d76ca59f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27389
x-xss-protection
0
server
sffe
etag
"1369 / 103 of 1000 / last-modified: 1666217363"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Oct 2022 02:23:15 GMT
3_media.bin
vid.connatix.com/pid-44850eea-8c61-44b8-88de-e0e701c6b52d/fc88c4e0-e981-4cc5-8ea6-6e9d9a63afe7/ Frame 1139
233 B
289 B
XHR
General
Full URL
https://vid.connatix.com/pid-44850eea-8c61-44b8-88de-e0e701c6b52d/fc88c4e0-e981-4cc5-8ea6-6e9d9a63afe7/3_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e5cf786ad472c8667ed6879d915a81a1b11e6fb26a04818e10882fa62f87432

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
gzip
last-modified
Thu, 17 Sep 2020 01:41:05 GMT
age
1235116
etag
"2048d3c11d9dd122d9c9d49a3fed0de4"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
198
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1139
75 KB
0
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129648
x-xss-protection
0
expires
Thu, 20 Oct 2022 02:23:16 GMT
elements.ui.3c38cc5f251a46e1e9db.js
cds.connatix.com/p/191837/ Frame 1139
56 KB
13 KB
Script
General
Full URL
https://cds.connatix.com/p/191837/elements.ui.3c38cc5f251a46e1e9db.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
846a7fcdb5b4dab1207373eb0ceb4f9796330e3199184ae96de2c87ad57e8d71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:15 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 12:23:52 GMT
age
49738
etag
"83e33bfb48a5dca17402c0ef82a0d0fc"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13594
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame FACD
41 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 11:28:47 GMT
file.mp4
gcdn.2mdn.net/videoplayback/id/30d4d59621e107be/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697768595/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/9C5... Frame FACD
0
0

csi
csi.gstatic.com/ Frame FACD
0
0

sodar2.js
tpc.googlesyndication.com/sodar/ Frame 66E1
0
0

HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 3C91
36 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 11:28:47 GMT
file.mp4
gcdn.2mdn.net/videoplayback/id/30d4d59621e107be/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697768595/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/7DD... Frame 3C91
0
0

csi
csi.gstatic.com/ Frame 3C91
0
0

1.png
img.connatix.com/pid-44850eea-8c61-44b8-88de-e0e701c6b52d/44850eea-8c61-44b8-88de-e0e701c6b52d/
6 KB
7 KB
Image
General
Full URL
https://img.connatix.com/pid-44850eea-8c61-44b8-88de-e0e701c6b52d/44850eea-8c61-44b8-88de-e0e701c6b52d/1.png
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:16 GMT
content-encoding
br
age
2470080
etag
"DumiNnuNu90/b0QD3JCDdge4FCERvGoUsGg502wu/VY"
access-control-max-age
86400
content-type
image/png
fastly-io-info
ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
6487
hls.0f8c90570c11654c76fa.js
cds.connatix.com/p/191837/ Frame 1139
162 KB
47 KB
Script
General
Full URL
https://cds.connatix.com/p/191837/hls.0f8c90570c11654c76fa.js
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https%3a%2f%2fwww.imleagues.com%2fSchool%2fViewMCMessage.aspx%3fSchId%3dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3d9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c106633f94ccacb681cb57837404d78c00246f81b80a19a7875054cdb4ed4315

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:16 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 12:23:52 GMT
age
49738
etag
"623e74fa103ef8d6ffac130f3889f76d"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48351
ao
capi-tier-2-us-east-2.connatix.com/tr/ Frame 1139
0
0

bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
460 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.imleagues.com%2Fspa%2Faccount%2Flogin%3Fredirecturl%3Dhttps%3A%252F%252Fwww.imleagues.com%252FSchool%252FViewMCMessage.aspx%253FSchId%253Dae6dfe7f46634b3f9c6076c71e0555e8%2526MessageId%253D9532fc765e5f4e07ba36fa17ab037eb8&pid=jyCY83wRLh1A5&cb=1&ws=1600x1200&v=22.10.131733&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:16 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
2QZSTCNFJX67VS2C43G6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.imleagues.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
UbJzCAtW04NdVXhdLFvIIa7d36KECWdMjdC0dsWF5hVp1ah61t1teA==
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 1139
0
0

ps
capi-tier-2-us-east-2.connatix.com/tr/ Frame 1139
0
0

1_th.jpg
img.connatix.com/pid-44850eea-8c61-44b8-88de-e0e701c6b52d/fc88c4e0-e981-4cc5-8ea6-6e9d9a63afe7/
5 KB
5 KB
Image
General
Full URL
https://img.connatix.com/pid-44850eea-8c61-44b8-88de-e0e701c6b52d/fc88c4e0-e981-4cc5-8ea6-6e9d9a63afe7/1_th.jpg?crop=320:180,smart&width=320&height=180&format=jpeg&quality=60&fit=crop
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
209706a5a319493bb2a1814e1e99e5e3c4f9f9db9fe36455592eb8e42448c24a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.imleagues.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:16 GMT
content-encoding
br
age
1235339
etag
"zXgcbBMDVFlnatlwdpL/wFY5HOITB9zNujVx0SZYTS0"
access-control-max-age
86400
content-type
image/jpeg
fastly-io-info
ifsz=74498 idim=2560x1440 ifmt=jpeg ofsz=5261 odim=320x180 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
4821
csi
csi.gstatic.com/ Frame FACD
0
0

csi
csi.gstatic.com/ Frame FACD
0
0

csi
csi.gstatic.com/ Frame FACD
0
0

csi
csi.gstatic.com/ Frame 3C91
0
0

csi
csi.gstatic.com/ Frame 3C91
0
0

csi
csi.gstatic.com/ Frame 3C91
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 66E1
0
0

prebid7.17.0-3.js
cds.connatix.com/p/plugins/
500 KB
136 KB
Script
General
Full URL
https://cds.connatix.com/p/plugins/prebid7.17.0-3.js
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
266a8361ba239ddebd0d2a46cacad5200d9224ca1fd819a38ffc2c2e96ced681

Request headers

Referer
https://www.imleagues.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 20 Oct 2022 02:23:16 GMT
content-encoding
br
last-modified
Mon, 03 Oct 2022 13:29:06 GMT
age
1428694
etag
"fb416f8b0dd4327f96a1627312a1e3bc"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
139245
usync.html
eus.rubiconproject.com/ Frame 1017
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Oct 2022 02:23:18 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 104E
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
534
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75ce4a6c7d72bb95-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 02:23:18 GMT
expires
Thu, 20 Oct 2022 06:23:18 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
2000891.html
sync.serverbid.com/ss/ Frame 84D3
3 KB
1 KB
Document
General
Full URL
https://sync.serverbid.com/ss/2000891.html
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16b92797922c454d20656cf372aba635c26abd1a5e670be6fe764eb754072f79

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
81083
content-encoding
br
content-type
text/html
date
Wed, 19 Oct 2022 03:51:56 GMT
etag
W/"9bdf07edf9748679e68501fc5ad7a4ec"
last-modified
Tue, 18 Oct 2022 18:04:49 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-id
6GpwJyc9rIuoSxJE34a3ZpCFmlCe9YvIvKprKvQ46hQFxDC6EdmZYw==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2512
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25783
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 02:23:18 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 20 Oct 2022 09:33:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame F9E2
666 B
729 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b921107c85fd5729924d0f042f1a05f64f742bdea8d841d8d6dad64ac1bf57a6

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
417
content-type
text/html
date
Thu, 20 Oct 2022 02:23:18 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4374
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
78864
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 20 Oct 2022 02:23:18 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 19 Oct 2022 04:28:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
320, 1149090
X-Served-By
cache-lga13626-LGA, cache-hhn4033-HHN
X-Timer
S1666232598.473469,VS0,VE0
sync.html
public.servenobid.com/ Frame 1890
9 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72750
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 19 Oct 2022 06:10:48 GMT
etag
W/"73e6cbdab99355b35d71abf2ea225ccb"
last-modified
Fri, 14 Oct 2022 20:27:38 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-id
5DpP595ilUWbMScj4oWOTQGf0y6Fh1kBy3gOvjTTrag6HKTJQthPPQ==
x-amz-cf-pop
FRA6-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:3af1d685-3010-4d5a-b093-b3a07cfff8d4
x-amz-meta-codebuild-content-md5
7549bc6c6d823788ee0fb3e82c36711f
x-amz-meta-codebuild-content-sha256
a4bfb92c455b4ab78db908287ee14cc08cc0080652f1ca29578852e9526e8fda
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame 2BF0
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1sle6ww94m2ue.cloudfront.net
URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.imleagues.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 20 Oct 2022 02:23:18 GMT
sd
eu-u.openx.net/w/1.0/ Frame F9E2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 20 Oct 2022 02:23:18 GMT
Server
MT3 4539 98cc2da master cdg-pixel-x34 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 20 Oct 2022 02:23:17 GMT
sd
us-u.openx.net/w/1.0/ Frame F9E2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=YT8k_zU9IP16aXT2YWk8_2ZqcPh6aHSsbz9Yrtkf
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=YT8k_zU9IP16aXT2YWk8_2ZqcPh6aHSsbz9Yrtkf
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=YT8k_zU9IP16aXT2YWk8_2ZqcPh6aHSsbz9Yrtkf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F9E2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2266870839298379810
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2266870839298379810
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2266870839298379810
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame F9E2
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=917db741-b52b-3897-62d3-2d6303bc1962&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F9E2
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmQxMjY0OGItN2M1Yy02NjMzLTc3MzMtNzdkYWM5NWVkNzAy
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F9E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6roAUx7BIWZQg80wgZ0HE&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6roAUx7BIWZQg80wgZ0HE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED6roAUx7BIWZQg80wgZ0HE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8733
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25783
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 02:23:18 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 20 Oct 2022 09:33:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 9AB0
4 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.5.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-5-183.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1f5355039d97a5cd147148dcfd13cb53c5d17b123beb4e0ec5a12e96464fb3a9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 20 Oct 2022 02:23:18 GMT
etag
W/"01415649f4b9f868afb72076e6ce8afd7"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 69E1
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame DC3B
767 B
1017 B
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
44bef581b98e9eab6e3fe55601a959edb6796784490c777e07e9b0af825b43d5

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
767
content-type
text/html
date
Thu, 20 Oct 2022 02:23:17 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FC7F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd7d2fff65037b7ba975873d8fe894cb3d1aa9f471188b3c2a136899105417a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75ce4a6e1b9392c5-FRA
content-encoding
br
content-type
text/html
date
Thu, 20 Oct 2022 02:23:18 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcpeHtTbK9rGDi7h3IL5C7Q053ChJj3NvrO32kreAnL27nOycJHsgDXlhyVCrMcKgUpamer2OKMX%2BGfltVg16xpnM9CTJ2ocY2kw4i377Q%2BYSSqOFWVZeYnc6H6KpqzQMRUB2YJdxLYlUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75ce4a6d7c259b98-FRA
content-length
0
date
Thu, 20 Oct 2022 02:23:18 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isSmaqsSBP%2F3h1yeBII%2FIxEwJunMcgFtrrea7TUfEaTlsIhM7L%2F7Ckl4XSf9ojaiLZBTxF%2BFfDc12VTsfsBt8ukKhHgt7bC%2B0M%2Fovp9AkUjZfwN%2FeyE0jsS9T3KMHIDhIzpv25Rnvrzkvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FEFE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Oct 2022 02:23:18 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 20 Oct 2022 02:23:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B22F
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25783
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 02:23:18 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 20 Oct 2022 09:33:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
sync.php
pixel.rubiconproject.com/exchange/ Frame 1890
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 1890
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=8752257161968039172
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8752257161968039172
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
AN-X-Request-Uuid
a548a68f-01c9-4277-9600-ffbb0dfee7c2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=8752257161968039172
Connection
keep-alive
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 1890
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=FgpvpBZHVWlzaSomRKSISevE
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FgpvpBZHVWlzaSomRKSISevE
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
pod
X-Sovrn-Pod: ad_ap6ams1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ads.servenobid.com/sync?pid=310&uid=FgpvpBZHVWlzaSomRKSISevE
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 1890
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 Oct 2022 02:23:18 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 1890
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=5275f076-8650-4629-a0ad-f499832a54dc
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=314&uid=5275f076-8650-4629-a0ad-f499832a54dc
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=314&uid=5275f076-8650-4629-a0ad-f499832a54dc
date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
119
vary
Origin
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 1890
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1666232598643
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5071786325
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5071786325
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
etag
RXa445ea93251a4e3b89c2a43e4ddfc601003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5071786325
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 1890
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433824908013401
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433824908013401
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433824908013401
Date
Thu, 20 Oct 2022 02:23:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 1890
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-142
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 1890
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=001dcc18-e9f7-4476-84db-81d37d5a8b27&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=327&uid=001dcc18-e9f7-4476-84db-81d37d5a8b27&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=001dcc18-e9f7-4476-84db-81d37d5a8b27&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Thu, 20 Oct 2022 02:23:17 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 1890
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
0
366 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 1890
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYzM0N2E4Yy0zNzgxLTM3NjktYjI4MC1jZTc0YzZmNjU5MzQqU2h0dHBzOi8vYWRz...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0zYzM0N2E4Yy0zNzgxLTM3NjktYjI4MC1jZTc0YzZmNjU5MzQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2MzNDdhOGMtMzc4MS0zNzY5LWIyODAtY2U3N...
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-3c347a8c-3781-3769-b280-ce74c6f65934&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FgpvpBZHVWlzaSomRKSISevE&r=Cid1YS0zYzM0N2E4Yy0zNzgxLTM3NjktYjI4MC1jZTc0YzZmNjU5MzQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-3c347a8c-3781-3769-b280-ce74c6f65934
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-3c347a8c-3781-3769-b280-ce74c6f65934
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-3c347a8c-3781-3769-b280-ce74c6f65934
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:19 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 1890
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
0
366 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bounce
ib.adnxs.com/ Frame 4374
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
811 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
AN-X-Request-Uuid
16d000fb-d436-4d93-941b-bbae66122349
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
AN-X-Request-Uuid
ca221c41-61c1-4730-a30a-e53b463b4ddc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ Frame F0F1
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4211
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25783
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 02:23:18 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 20 Oct 2022 09:33:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 84D3
63 B
392 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0d5c3da332070524665477a39ea461fa75b076c27bd17a6e9ec143501231f593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 19 Nov 2022 02:23:18 GMT
usersync
x.serverbid.com/ Frame 84D3
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FgpvpBZHVWlzaSomRKSISevE
35 B
268 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FgpvpBZHVWlzaSomRKSISevE
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Thu, 20 Oct 2022 02:23:18 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=FgpvpBZHVWlzaSomRKSISevE
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
um
cs.emxdgt.com/ Frame 84D3
0
55 B
Image
General
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.3.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
content-length
0
content-type
text/html
usersync
x.serverbid.com/ Frame 84D3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y1CxFsUqTWEyZ-0PLjd2SAAA%261139
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y1CxFsUqTWEyZ-0PLjd2SAAA%261139
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgxGe91tSpIqFeUFJNJvr7Uxslqweb3lEeDnCg64B83xX2PuKsF61FybJNcS4Z1dfIpbDwYZ6bDCleGQ8aWs8%2FVVQUpgir5zbttL1BUWncgCW2Q58XqGc%2FBOEn%2BzROO8tKg%2F7z93eZ%2BmVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y1CxFsUqTWEyZ-0PLjd2SAAA%261139
cache-control
no-cache
cf-ray
75ce4a6e1b8d92c5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pbs.gif
sync.colossusssp.com/ Frame 84D3
20 B
20 B
Image
General
Full URL
https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
usersync
e.serverbid.com/ Frame 84D3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58671/occ
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
35 B
217 B
Image
General
Full URL
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
x.serverbid.com/ Frame 84D3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=898287034406155548
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=898287034406155548
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
AN-X-Request-Uuid
cad063b4-3eb0-4dd3-8df7-f6ef3f737788
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=898287034406155548
Connection
keep-alive
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 84D3
0
496 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-9
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 1017
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27963
Connection
keep-alive
Content-Length
9454
Expires
Thu, 20 Oct 2022 10:09:21 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8397
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745fee72951bf6a61128e9d42958ffe9a8050bcd2da5fdca1bf669ef6bcfdab1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75ce4a6e1b9192c5-FRA
content-encoding
br
content-type
text/html
date
Thu, 20 Oct 2022 02:23:18 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2Bg8IybOwcCjW9uQ27SL5dPbnn3M%2BxHEX5ncMJWH2u8QWreP%2FFMy18Y54r%2B7MB3u0kETmNbrBYI0qKqZS8%2BRzQhCkomOWm%2BoSWgV38%2BYXbCUNMvu%2FU9Bc3gR%2BX0FoeE0dRNpu5bUVa5rTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75ce4a6d7c279b98-FRA
content-length
0
date
Thu, 20 Oct 2022 02:23:18 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgVWF54cCPp1S7%2FWDpWS4ZtvxiEk7rwNUOcmIdYpAGU3n%2Be1DHt5o3FTyoEAaBzZdkGobBw3kNFzBC2469eJwNwMqrAiAuJRhMAHaGLozeLYGNGX1HRPeiDwR%2F9DEANjGzZJOI4dfX6QHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 2512
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3945043&p=156858&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame 9AB0
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=898287034406155548
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=898287034406155548
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
AN-X-Request-Uuid
2ce72a6f-7868-4e53-8056-028e2330dd04
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=898287034406155548
Connection
keep-alive
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9AB0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9b7de5ca-5586-4877-a317-c302b6de0f8f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=732f7c20-1ac6-4854-adc4-fcc2dbbb4fc2&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 9AB0
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28GO93Nuz2UcqeOvh55YkdfrmKxY51zeqewrvT4POQjYQzJAmnjTjP-xh9uJvynwVb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_9b7de5ca-5586-4877-a317-c302b6de0f8f&obuid=ENC(GO93Nuz2UcqeOvh55YkdfrmKxY51zeqewrvT4POQjYQzJAmnjTjP-xh9uJvynwVb)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=GO93Nuz2UcqeOvh55YkdfrmKxY51zeqewrvT4POQjYQzJAmnjTjP-xh9uJvynwVb
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3Dcf7671d6-cf73-4b95-ab8e-d50161d59c...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb&expires=30&ssp=outbrain&bsw_param=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:20 GMT
Cache-Control
no-cache
X-TraceId
be5c1400812a0c8416371cbe7df8a7b4
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 9AB0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=66401331-9d3e-00c1-05a8-3d8ecbec1824
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=66401331-9d3e-00c1-05a8-3d8ecbec1824
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 20 Oct 2022 02:23:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=66401331-9d3e-00c1-05a8-3d8ecbec1824
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 9AB0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6df8b332-5990-43e9-662f-cd699ffb8d11$ip$80.255.7.102
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-6df8b332-5990-43e9-662f-cd699ffb8d11$ip$80.255.7.102
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-6df8b332-5990-43e9-662f-cd699ffb8d11$ip$80.255.7.102
Date
Thu, 20 Oct 2022 02:23:19 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 9AB0
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:47e5:30d1:de50:1647 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 9AB0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=e5b788be-af31-4674-bcf1-22288ed1aa42
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=e5b788be-af31-4674-bcf1-22288ed1aa42
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=e5b788be-af31-4674-bcf1-22288ed1aa42
Date
Thu, 20 Oct 2022 02:23:19 GMT
Connection
keep-alive
X-CI-RTID
10817793-56f0-4b92-a64b-ce222153b25b
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 9AB0
0
293 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:19 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
534793971
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 9AB0
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 9AB0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9b7de5ca-5586-4877-a317-c302b6de0f8f&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=t8LQZGd0y9I-DDXDn6tR&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT25BYJRIVUR3EGB4TSSJNIRCFQRDOGZ2FE...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=t8LQZGd0y9I-DDXDn6tR&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=t8LQZGd0y9I-DDXDn6tR&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=t8LQZGd0y9I-DDXDn6tR&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9AB0
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=7b31fc37-18f4-492e-9a35-06603bbaeddd
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=7b31fc37-18f4-492e-9a35-06603bbaeddd
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=7b31fc37-18f4-492e-9a35-06603bbaeddd
access-control-allow-origin
*
date
Thu, 20 Oct 2022 02:23:19 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generic
match.adsrvr.org/track/cmf/ Frame 9AB0
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8812856564
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8812856564
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
etag
RXa445ea93251a4e3b89c2a43e4ddfc601003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8812856564
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 9AB0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=tYLVFy2ti9lD&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=tYLVFy2ti9lD&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=tYLVFy2ti9lD&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6bdd85b5c9-pftd6
expires
-1
usersync
usersync.gumgum.com/ Frame 9AB0
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4430541649927139192
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4430541649927139192
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4430541649927139192
date
Thu, 20 Oct 2022 02:23:18 GMT
content-length
0
sync
ads.servenobid.com/ Frame 9AB0
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_9b7de5ca-5586-4877-a317-c302b6de0f8f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 1DC5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 20 Oct 2022 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 20 Oct 2022 02:23:18 GMT
Expires
Thu, 20 Oct 2022 02:23:17 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master cdg-pixel-x28 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=e75e6350-b113-4b00-8f8c-a45e6b3c4ecb&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 8694
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAa38sAAO
85 B
166 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAa38sAAO
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2900
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 20 Oct 2022 02:23:18 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
10581
x-served-by
cache-hhn4058-HHN
x-timer
S1666232599.963872,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 20 Oct 2022 02:23:18 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAa38sAAO
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4058-HHN
x-timer
S1666232599.829276,VS0,VE93
pixel
cm.g.doubleclick.net/ Frame 0C32
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85YjdkZTVjYS01NTg2LTQ4NzctYTMxNy1jMzAyYjZkZTBmOGY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:23:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7DF4
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25783
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 02:23:18 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 20 Oct 2022 09:33:01 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 720D
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 20 Oct 2022 02:23:18 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 9665
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=898287034406155548&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWF...
  • https://usersync.gumgum.com/usersync?b=emx&i=898287034406155548brt57491666232598735632f1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=898287034406155548brt57491666232598735632f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 20 Oct 2022 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Thu, 20 Oct 2022 02:23:18 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=898287034406155548brt57491666232598735632f1
usersync
usersync.gumgum.com/ Frame 488C
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1CxF8Co8XgAANcpvNEAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y1CxF8Co8XgAANcpvNEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 20 Oct 2022 02:23:19 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 20 Oct 2022 02:23:19 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y1CxF8Co8XgAANcpvNEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
54
X-SO-HostName
m-ad374.dc4p.scaleout.jp
X-SO-IP
80.255.7.102
X-SO-Key
Y1CxF8Co8XgAANcpvNEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":54,"gdpr":true,"ipv4":"0.0.0.0","key":"Y1CxF8Co8XgAANcpvNEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad374"}
X-SO-LB-Hostname
m-tgng20.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad374
usersync
usersync.gumgum.com/ Frame DFE5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1CxFmojwUrzL0Uvyvj-qgAA%261193
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y1CxFmojwUrzL0Uvyvj-qgAA%261193
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 20 Oct 2022 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75ce4a6e1b9b92c5-FRA
content-length
0
date
Thu, 20 Oct 2022 02:23:18 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y1CxFmojwUrzL0Uvyvj-qgAA%261193
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOF43zmt%2B%2FL8OdwYtGEs5%2Fk8TmEx3JkUYMQ5UhpRFuVt48R9UIh00bT5am7KCWpI%2Byl1H4yDq996PriihMnZ7%2FAJaamVchEZGD7TDxIy6M9jNBsOmu6f2i2KLpsOY2CdPtqwsNDwzzcNZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame DDB2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=E0TRgd4U75RHcm7nGACS&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=E0TRgd4U75RHcm7nGACS&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 20 Oct 2022 02:23:19 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 20 Oct 2022 02:23:18 GMT Thu, 20 Oct 2022 02:23:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=E0TRgd4U75RHcm7nGACS&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 1BE4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Oct 2022 02:23:18 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 20 Oct 2022 02:23:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
rubicon
match.adsrvr.org/track/cmf/ Frame 1017
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1017
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHRlY1NUctMUMtS09DNA==&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHRlY1NUctMUMtS09DNA==&gdpr=0
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHRlY1NUctMUMtS09DNA==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1017
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tChPr7mqezt9_WUa5ZHvAMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1807790860628135824
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1807790860628135824
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1807790860628135824
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 1017
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELPDC0Or1h2ZT8patwOExHw&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELPDC0Or1h2ZT8patwOExHw&google_cver=1
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELPDC0Or1h2ZT8patwOExHw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 1017
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9GFV55G-1C-KOC4&gdpr=0
0
925 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9GFV55G-1C-KOC4&gdpr=0
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 577FDE402CE94FA292C191B1CE8FADD8 Ref B: DUS30EDGE0914 Ref C: 2022-10-20T02:23:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrbgItn3OhKZ4NqVnxNw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9GFV55G-1C-KOC4&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1017
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rZ6bRi9mTDed1TWm_Vs_kA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rZ6bRi9mTDed1TWm_Vs_kA&gdpr=0
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rZ6bRi9mTDed1TWm_Vs_kA&gdpr=0
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M1ZMWDBYAKA3NJXMQEWH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rZ6bRi9mTDed1TWm_Vs_kA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1017
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjOTg0NThiMTk2Y2Q3MzM5YjdiNmRhOWU1NjY4OGFlMGRjYzUxMQ&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjOTg0NThiMTk2Y2Q3MzM5YjdiNmRhOWU1NjY4OGFlMGRjYzUxMQ&gdpr=0
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjOTg0NThiMTk2Y2Q3MzM5YjdiNmRhOWU1NjY4OGFlMGRjYzUxMQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 1017
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ok0E7y7_Rs6PUXGiWqxj_w&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ok0E7y7_Rs6PUXGiWqxj_w&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ok0E7y7_Rs6PUXGiWqxj_w&gdpr=0
Requested by
Host: www.imleagues.com
URL: https://www.imleagues.com/spa/account/login?redirecturl=https:%2F%2Fwww.imleagues.com%2FSchool%2FViewMCMessage.aspx%3FSchId%3Dae6dfe7f46634b3f9c6076c71e0555e8%26MessageId%3D9532fc765e5f4e07ba36fa17ab037eb8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B1RZRPB2DFZ2VNE19TXK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ok0E7y7_Rs6PUXGiWqxj_w&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame DC3B
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4430541649927139192&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame DC3B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=KYVsDH2HaA4y0zwFKdN0DC7QOAsy0jxfJ4Vmyy91
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=KYVsDH2HaA4y0zwFKdN0DC7QOAsy0jxfJ4Vmyy91
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=KYVsDH2HaA4y0zwFKdN0DC7QOAsy0jxfJ4Vmyy91
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame DC3B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y1CxFgAAAC6idwA7&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAC6idwA7
43 B
411 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y1CxFgAAAC6idwA7&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAC6idwA7
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-hhn4058-HHN
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666232599.963910,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y1CxFgAAAC6idwA7&gdpr=0&gdpr_consent=&_test=Y1CxFgAAAC6idwA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
match.sharethrough.com/sync/ Frame DC3B
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4430541649927139192&gdpr=0&gdpr_consent=
0
35 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4430541649927139192&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
52.28.129.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-129-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:19 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4430541649927139192&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame DC3B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6b79fcca-59db-48af-ad6f-a78b77821761&user_group=1&ssp=smartadserver&bsw_param=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:19 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame FC7F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH6FkX1W8HwoGAzli_Oq2wI&google_cver=1
43 B
845 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH6FkX1W8HwoGAzli_Oq2wI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loP6De8t%2Bnf4gs3v56iZF5xUvlvq87Ll5UkAHzw2D%2BpwjtEYkDBNowWrPaTKQ8A38ZA4INJmq3wF6p67S%2B0%2FjRHAWzQQUfRlfALnquWqZTRVP9RrQTucwJn0IH79VJYRS6CSGhVyd7xGow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75ce4a6eec0892c5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH6FkX1W8HwoGAzli_Oq2wI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame FC7F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
13J9PB4NWNHY8B05FH3F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3GDJDEA3TPHVXXKCVK13
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame FC7F
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame FC7F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1CxFo5a3BNX5zymciNL-wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC10Eqp6-cfLfAyM3SPew-s&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC10Eqp6-cfLfAyM3SPew-s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC10Eqp6-cfLfAyM3SPew-s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FC7F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=zoQR-5qGFfnV0kHyztIJ-8nRRfzV00GowITbvg3x
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=zoQR-5qGFfnV0kHyztIJ-8nRRfzV00GowITbvg3x
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=zoQR-5qGFfnV0kHyztIJ-8nRRfzV00GowITbvg3x
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame FC7F
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666318998
43 B
766 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666318998
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666318998
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
ix
ad4m.at/ad/sim/ Frame FC7F
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame FC7F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=898287034406155548
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=898287034406155548
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:18 GMT
AN-X-Request-Uuid
07103d93-52e3-4d3c-a67b-0b2ea25075c2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=898287034406155548
Connection
keep-alive
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame FC7F
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.170.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-170-209.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
casale
match.adsrvr.org/track/cmf/ Frame 8397
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8397
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1CxFo5a3BNX5zymciNL-wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC10Eqp6-cfLfAyM3SPew-s&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC10Eqp6-cfLfAyM3SPew-s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC10Eqp6-cfLfAyM3SPew-s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8397
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1CxFo5a3BNX5zymciNL_wAAFCUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH6FkX1W8HwoGAzli_Oq2wI&google_cver=1
43 B
849 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH6FkX1W8HwoGAzli_Oq2wI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7itPQq0%2FbOCoHLcvn%2FrVRWPGLoqscr%2BTsxHKshiASxH%2FfgQJjZak8bdO1VfQXX%2FbIBx%2FXnIBTmTYxhCtQT2280bCVVXwGUxV5pPnnK21L%2FuSEOPIH06CBIFMshP1pueeZa3YsiQ%2B4Rfgfw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75ce4a6efc1192c5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH6FkX1W8HwoGAzli_Oq2wI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8397
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFo5a3BNX5zymciNL_wAAFCUAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFo5a3BNX5zymciNL_wAAFCUAAAIB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFo5a3BNX5zymciNL_wAAFCUAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2RPJBHW6GKZ6K5NBA74S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
81W1YFY5D1D7WZ02BJAP
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1CxFo5a3BNX5zymciNL_wAAFCUAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 8397
43 B
283 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 02:23:19 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum.casalemedia.com/ Frame 8397
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_d52dbf82-1ffb-4663-adaa-0554bd9bbb3d&bsw_param=cf7671d6-cf73-4b95-ab8e-d50161d59cfa&expires=10
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
43 B
766 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
Date
Thu, 20 Oct 2022 02:23:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 8397
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1681957398&external_user_id=b1c55f3e-dc1f-4dcb-ac0a-ad3b1d64e115
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1681957398&external_user_id=b1c55f3e-dc1f-4dcb-ac0a-ad3b1d64e115
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Thu, 20 Oct 2022 02:23:18 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1681957398&external_user_id=b1c55f3e-dc1f-4dcb-ac0a-ad3b1d64e115
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ibs:dpid=23728&dpuuid=Y1CxFo5a3BNX5zymciNL-wAA%265157
dpm.demdex.net/ Frame 8397
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1CxFo5a3BNX5zymciNL-wAA%265157?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v044-0cad15b9d.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+9IF7ylIRts=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8397
43 B
353 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1CxFo5a3BNX5zymciNL-wAA%265157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.imleagues.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:23:18 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
13918
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75ce4a6f3e249c0c-FRA
content-length
43
expires
Fri, 21 Oct 2022 02:23:18 GMT
usync.js
eus.rubiconproject.com/ Frame FEFE
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27963
Connection
keep-alive
Content-Length
9454
Expires
Thu, 20 Oct 2022 10:09:21 GMT
usync.js
eus.rubiconproject.com/ Frame 1BE4
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:23:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27963
Connection
keep-alive
Content-Length
9454
Expires
Thu, 20 Oct 2022 10:09:21 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame FEFE
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L9GFV55G-1C-KOC4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 1BE4
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L9GFV55G-1C-KOC4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 4374
0
740 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:23:19 GMT
AN-X-Request-Uuid
f67e48a6-cfec-46fc-8edb-44ea43035609
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.102; 80.255.7.102; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i6.liadm.com
URL
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=cf7671d6-cf73-4b95-ab8e-d50161d59cfa
Domain
i.liadm.com
URL
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=t8LQZGd0y9I-DDXDn6tR&us_privacy=1---
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9gfv75b&c=8107100010708&slotId=4053550005354&qqid=CJP7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9gfv75k&c=1999939210868&slotId=999969605434&qqid=CJT7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Domain
hal90004.redintelligence.net
URL
https://hal90004.redintelligence.net/request.php?zone=s5p1ff0cz8rl&nw=20&renderingType=javascript&namespace=5058e42b7d&subid=&uid=757f05034b172840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4f64b74f6bfa8596833a2c3bac00e1020f957e6f%26mt_aid%3D1734860103864312726%26mt_id%3D11050099%26mt_adid%3D215543%26mt_sid%3D12460949%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3De75e6350-b113-4b00-8f8c-a45e6b3c4ecb%26mt_cid%3De75e6350-b113-4b00-8f8c-a45e6b3c4ecb%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F641d8acb-840e-4e73-9908-9210ce6dec36%2F%26redirect%3D&documentReferer=https%3A%2F%2Fwww.imleagues.com%2F&ancestorOrigins=https%3A%2F%2Fwww.imleagues.com&random=9673684474074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Domain
capi-tier-2-us-east-2.connatix.com
URL
https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=191837
Domain
gcdn.2mdn.net
URL
https://gcdn.2mdn.net/videoplayback/id/30d4d59621e107be/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697768595/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/9C5EB889BFD197D17198FA4DB7000DA4D1536047.AB314BB51C936E1FD97F82D7AD914F4FB14EDE04/key/ck2/file/file.mp4
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9gfv75p&c=8107100010708&slotId=4053550005354&qqid=CJP7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.10b
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Domain
gcdn.2mdn.net
URL
https://gcdn.2mdn.net/videoplayback/id/30d4d59621e107be/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1697768595/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/7DDE503D8A070809E3232764D6582483E5CB3987.7E948F5375F6FAD816FBEFDF0A8A0607F59F334E/key/ck2/file/file.mp4
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9gfv76j&c=1999939210868&slotId=999969605434&qqid=CJT7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.10s
Domain
capi-tier-2-us-east-2.connatix.com
URL
https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=191837
Domain
capi-tier-2-us-east-2.connatix.com
URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=191837
Domain
capi-tier-2-us-east-2.connatix.com
URL
https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=191837
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l9gfv7cr&c=8107100010708&slotId=4053550005354&qqid=CJP7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&uet=2&ple=1
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l9gfv7hi&c=8107100010708&slotId=4053550005354&qqid=CJP7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F30d4d59621e107be%252Fitag%252F346%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1697768595%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F9C5EB889BFD197D17198FA4DB7000DA4D1536047.AB314BB51C936E1FD97F82D7AD914F4FB14EDE04%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~l9gfv7hj&c=8107100010708&slotId=4053550005354&qqid=CJP7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&event_name=first_pause&asset_bytes=181382&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=8&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&vqdf=0&vqtf=0&vqfr=NaN
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l9gfv7d8&c=1999939210868&slotId=999969605434&qqid=CJT7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&uet=2&ple=1
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l9gfv7hk&c=1999939210868&slotId=999969605434&qqid=CJT7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F30d4d59621e107be%252Fitag%252F346%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1697768595%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F7DDE503D8A070809E3232764D6582483E5CB3987.7E948F5375F6FAD816FBEFDF0A8A0607F59F334E%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~l9gfv7hl&c=1999939210868&slotId=999969605434&qqid=CJT7tI_g7foCFXncEQgdYCQJEg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=860&mt=video%2Fmp4&vs=720x720&event_name=first_pause&asset_bytes=181419&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=8&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&vqdf=0&vqtf=0&vqfr=NaN
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuph-pDaANup2jrivyQkj0kAFyYqFHHKg4kYDqz0-_MYkVINbM7yt4gfqHWsQvJ12p4I6OoNUNLoLN591I97zT0KDNfq5-h7PEN_G2LClZNaikTHsJ-&sig=Cg0ArKJSzIYnrHKYQxHbEAE&id=lidartos&mcvt=303&p=1107,437,1197,1165&mtos=303,303,303,303,303&tos=303,0,0,0,0&v=20221019&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=999762187&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1666232595209&rpt=600&isd=0&lsd=0&ec=0&met=ie&wmsd=0

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __g_parentIFrame function| _initIframe function| _tryRedirectParent function| _isInIframe function| _setCookie function| _getCookie number| noStickyBanner object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing number| kPrebidTimeout number| kRefreshPollTime number| gRefreshCount number| gOXRefreshCount boolean| gRefreshDebug boolean| gPrebidDebug boolean| gTrackVisibility boolean| gLazyLoad boolean| gTrackPageVisibility number| k30SecondRefreshInterval number| k60SecondRefreshInterval number| k90SecondRefreshInterval number| k120SecondRefreshInterval number| k180SecondRefreshInterval number| kDoNotRefresh number| kDefaultRefreshInterval object| gSChainNodes undefined| gGDPR_forceLocale boolean| gGDPR_silentNoConsent boolean| gGDPR_forceNoConsent object| gGDPR_NonTCFVendors string| gGDPR_publisherCountryCode string| gGDPR_logoURL string| gGDPR_privacyPolicyURL string| kAmazonPublisherID object| ad300x250ATF object| ad300x250ATF2 object| ad300x250BTF object| ad300x250BTF2 object| ad728x90ATF object| ad728x90MID object| ad728x90BTF object| ad728x90STICKY object| ad300x600ATF number| gBrowserWidth object| gStickyBanner object| gnoStickyBanner object| gAllSlotData number| gAllSlotCount object| amp_CommandQueue object| FontAwesomeConfig object| ___FONT_AWESOME___ function| __tcfapi object| __cmpAPI object| __GVL object| __cmpTCModel function| __cmpOpenUI function| __uspapi function| __uspOpenUI object| pbjsChunk object| pbjs object| ADAGIO object| mnet object| mnjs string| nobidVersion object| nobid string| gAmpEngineVersionID function| amp_getBidsForAllChannels function| amp_dumpTable function| amp_getBestBids boolean| gFoundCustomCommandQueue object| gAMPEngine function| amp_dumpBids function| amp_dumpWins function| amp_refreshOneSlotAtIndex function| amp_refreshAllSlots function| amp_refreshSlots function| getWinningBid function| getWinningBidData function| amp_reportAdPopup object| apstag string| GoogleAnalyticsObject function| ga string| g_cdnServer string| g_clientVersion string| g_serviceDomains object| indexInitData boolean| g_serverTemplate string| CKEDITOR_BASEPATH function| requirejs function| require function| define function| $ function| jQuery function| showNotification function| hideNotification function| ShowGuestLogin function| Login function| createAccount function| getQueryString function| messageModal function| liveSupportDisabled function| showProgressPopup function| hideProgressPopup function| updateProgress object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED boolean| creativeVendorLibraryLoaded object| LI object| __li__evt_bus object| liQ object| sas object| apntag object| _ADAGIO function| _typeof2 function| __liSync function| setImmediate function| clearImmediate object| ID5 object| PublisherCommonId object| angular function| iml_getLocalizeString object| angularExp object| g_IMLTranslateOBJ function| onConnectFacebookClicked object| g_currentUserInfo string| g_redirectUrl function| onLoginFacebook function| onCreateNewAccountClicked function| onLinkToExistingAccountClicked function| onIMLeaguesLoginClicked function| onSubmitRegistrationClicked function| onStatusChanged function| onGenderChanged function| getRedirectUrl function| changeBodyColor function| hexToRgb function| initAccountTemplate boolean| g_showMobileAd function| handlePageResize undefined| g_accountResizeTimer function| checkIsMobileMode function| redirectToProperPageAfterLogin function| setCookieWebPusherEnabled function| tryDecodeURIComponent function| ipCookieFun function| _tmpTryShowHideAccountVideoAd function| initBracketChallengeBanner function| fbAsyncInit function| initExt function| addAccessibilityFix number| tryFixVideoPositionTimes function| fixVideoPosition function| initLoginMessages function| checkIfCanRedirectMember function| onSelectedSchoolClick function| resetLoginButton function| disableButton function| resendEmail function| redirectToProperPage function| loginGoogleSuccess function| addLoadingIcon function| showLoadingIcon function| updateSelectPicker object| googleUser function| startGoogleLogin function| attachLogin object| FB object| gapi object| ___jsl object| _comscore object| _qevents object| _fbq string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded object| special_ops function| cnx string| ampStat_callSequence object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| __buffer object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis object| auth2 object| COMSCORE function| udm_ object| ns_p string| adroll_sid object| dataLayer object| adroll object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| __adroll_consent_data object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country object| ONFOCUS object| cnx_usr_storage object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins function| cnxProxyTask function| cnxAddEventListener

107 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgYIgQEQwxMyBQgMEMMTMgkI_____wcQwxM
www.imleagues.com/ Name: iml_Locale_Key
Value: en
www.imleagues.com/ Name: ASP.NET_SessionId
Value: cupaxsb4ap4ygnagqlyvbdg1
www.imleagues.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
www.imleagues.com/ Name: usprivacy
Value: 1---
.imleagues.com/ Name: _ga
Value: GA1.2.1514818731.1666232593
.imleagues.com/ Name: _gid
Value: GA1.2.869191080.1666232593
.lijit.com/ Name: ljt_reader
Value: FgpvpBZHVWlzaSomRKSISevE
.prebid.a-mo.net/ Name: __amc
Value: 1_1666232592_1666232592
.imleagues.com/ Name: _li_dcdm_c
Value: .imleagues.com
.imleagues.com/ Name: _lc2_fpi
Value: e61ac6b72cda--01gfsk7aprkp6ahxvwhf66fzz3
.rubiconproject.com/ Name: khaos
Value: L9GFV55G-1C-KOC4
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3qKl4pD0O0kQNb0fGVcfL/XWaA1sYWTLHCRi4Lg8bJK5/TUgawDSkr8mRcp0VjbYuFNawrl+AYuuCAnekPgJibjJQWOE2262zQD5U7tEfUTQ==
.openx.net/ Name: i
Value: 42d18818-1cac-0760-3805-e58b679b2a9f|1666232593
.go.sonobi.com/ Name: __uis
Value: e1e83032-82c6-4bbd-9faf-747710e89250
.go.sonobi.com/ Name: _usd_imleagues.com
Value: fc008a87-1c7a-4e46-a103-e69b0a447de7
.go.sonobi.com/ Name: HAPLB8G
Value: s86119|Y1CxF
.serverbid.com/ Name: CONSUMABLEID
Value: 68199ac22ff7403d999ac22ff7f03d2c
.imleagues.com/ Name: _gat_pageViewOnly
Value: 1
.liadm.com/ Name: lidid
Value: b7fc8b16-e54a-40b1-ac94-458d49ec3b7a
.imleagues.com/ Name: __li_idex_cache
Value: {}
.imleagues.com/ Name: _gat
Value: 1
.www.imleagues.com/ Name: G_ENABLED_IDPS
Value: google
.quantserve.com/ Name: mc
Value: 6350b112-ee96e-01fa7-dec83
.imleagues.com/ Name: __qca
Value: P0-1946569074-1666232594935
.imleagues.com/ Name: __gads
Value: ID=2d2fb44953f594e2-224b1b8651ce0003:T=1666232594:S=ALNI_MYYwzghvJ8rnmTsU105T0o707nLPg
.imleagues.com/ Name: __gpi
Value: UID=00000b75981a84f1:T=1666232594:RT=1666232594:S=ALNI_MYuLm_oiNWQjFEz_cwdhDYv68q7Ng
.mathtag.com/ Name: uuid
Value: e75e6350-b113-4b00-8f8c-a45e6b3c4ecb
.doubleclick.net/ Name: IDE
Value: AHWqTUmsgF3FiDdxWq0y6XG8j9wcIxRh3HvAl_sobtBNhGzfqELOymO1pteiLpUHLD4
.demdex.net/ Name: demdex
Value: 61253638588400450720054848207385537592
.bidswitch.net/ Name: tuuid
Value: cf7671d6-cf73-4b95-ab8e-d50161d59cfa
.bidswitch.net/ Name: c
Value: 1666232595
.bidswitch.net/ Name: tuuid_lu
Value: 1666232595
.dpm.demdex.net/ Name: dpm
Value: 61253638588400450720054848207385537592
.google.com/ Name: NID
Value: 511=BpALiW2yzFbqudeB4DKcIA7ZdQDLyWbleSQSgYzKpB-XYEQOyPMMF5lHSv9ofGvQCsP8dODSpBTIfUi8cKuVu4e0BB1_hN5VwNhC1CVHwL7LXy4tvruDB56veaae-XDos5vqSD8GvZLomRlzh4Au3acz1JhoKmUmAFEXDWFwges
.addthis.com/ Name: na_id
Value: 2022102002231500091218072388
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6350b11307d0eb2c
.addthis.com/ Name: ouid
Value: 6350b1130001978c41f0a4c3bae1efe292b981dc60b247a923ea
.zemanta.com/ Name: zuid
Value: t8LQZGd0y9I-DDXDn6tR
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 29b5f476ad8f27f2
.openx.net/ Name: pd
Value: v2|1666232598|gekin0vNiygu
.adform.net/ Name: C
Value: 1
.servenobid.com/ Name: pid_327
Value: 001dcc18-e9f7-4476-84db-81d37d5a8b27
.adform.net/ Name: uid
Value: 2266870839298379810
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.casalemedia.com/ Name: CMPS
Value: 1193
.adnxs.com/ Name: uuid2
Value: 898287034406155548
.gumgum.com/ Name: vst
Value: e_9b7de5ca-5586-4877-a317-c302b6de0f8f
.servenobid.com/ Name: pid_312
Value: 8752257161968039172
.servenobid.com/ Name: pid_310
Value: FgpvpBZHVWlzaSomRKSISevE
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZmZGxkamlhbmAKAMRLatcQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMrE0sDAwNDYxMBTiM9TNyQupskx2SsmydC0AAMwTXWslAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMrE0sDAwNDYxMBTiM9TNyQupskx2SsmydC0AAMwTXWslAAAA
.smartadserver.com/ Name: pid
Value: 4430541649927139192
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a445ea93-251a-4e3b-89c2-a43e4ddfc601-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.emxdgt.com/ Name: euid
Value: 57491666232598735632f1
.servenobid.com/ Name: pid_309
Value: e_9b7de5ca-5586-4877-a317-c302b6de0f8f
.servenobid.com/ Name: pid_324
Value: 5107433824908013401
.casalemedia.com/ Name: CMID
Value: Y1CxFo5a3BNX5zymciNL-wAA
.casalemedia.com/ Name: CMPRO
Value: 5157
.servenobid.com/ Name: pid_317
Value: 4430541649927139192
.emxdgt.com/ Name: eapn_id
Value: 898287034406155548
.quantserve.com/ Name: d
Value: EJ8BHgGwJ4qsMK67gQvuIInYEA
.creativecdn.com/ Name: u
Value: E0TRgd4U75RHcm7nGACS
.creativecdn.com/ Name: ts
Value: 1666232598
.servenobid.com/ Name: pid_333
Value: Y1CxFmojwUrzL0Uvyvj_qgAABKkAAAAB
x.yieldlift.com/ Name: ylxuid
Value: 5275f076-8650-4629-a0ad-f499832a54dc
.analytics.yahoo.com/ Name: IDSYNC
Value: 198o~27te
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1CxFgAAAC6idwA7
.yahoo.com/ Name: A3
Value: d=AQABBBaxUGMCEBjNtG9uFUBXyQmVt7pf310FEgEBAQECUmNaYwAAAAAA_eMAAA&S=AQAAAhaGIDF9pzraihJbyCr71jU
.360yield.com/ Name: tuuid
Value: 7b31fc37-18f4-492e-9a35-06603bbaeddd
.360yield.com/ Name: tuuid_lu
Value: 1666232598
.servenobid.com/ Name: pid_337
Value: y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
.servenobid.com/ Name: pid_314
Value: 5275f076-8650-4629-a0ad-f499832a54dc
.servenobid.com/ Name: pid_339
Value: y-i8YSsZRE2uFy99biFiCEAvFmXXXm1W8f_fc03RI-~A
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_d52dbf82-1ffb-4663-adaa-0554bd9bbb3d
.smartadserver.com/ Name: csync
Value: 94:Y1CxFgAAAC6idwA7|139:0
.company-target.com/ Name: tuuid
Value: b1c55f3e-dc1f-4dcb-ac0a-ad3b1d64e115
.company-target.com/ Name: tuuid_lu
Value: 1666232598
.go.sonobi.com/ Name: HAPLB8S
Value: s859|Y1CyI
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.sportradarserving.com/ Name: zuuid
Value: 732f7c20-1ac6-4854-adc4-fcc2dbbb4fc2
.sportradarserving.com/ Name: c
Value: 1666232599
.sportradarserving.com/ Name: zuuid_lu
Value: 1666232599
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&0db35ffb-3115-42ed-8a3a-b39348e7fc3c"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjYyMzI1OTk7MjswMjHQqkUSlkYUxMJUjqYHWywMuG7raulQanHUAhhCXvOQYA==
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2410:u=1:x=1:i=1666232599:t=1666318999:v=2:sig=AQGSPbHWSNJq7aLqQq-D8tOeV9w_-TN3"
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1666232599
.casalemedia.com/ Name: CMTS
Value: 5172
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3c347a8c-3781-3769-b280-ce74c6f65934
.outbrain.com/ Name: obuid
Value: f5b74571-bcbe-40ca-a73c-eb7a06f3d483
pool.admedo.com/ Name: tuuid
Value: 6b79fcca-59db-48af-ad6f-a78b77821761
pool.admedo.com/ Name: c
Value: 1666232599
pool.admedo.com/ Name: tuuid_lu
Value: 1666232599
.ipredictive.com/ Name: cu
Value: e5b788be-af31-4674-bcf1-22288ed1aa42|1666232599169
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6df8b332-5990-43e9-662f-cd699ffb8d11.xQ%2FG%2Fso0Wiw%2Bb9zAHVqIEBN0qnv10Gy%2Fpz5Ta9ktAdM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AbfizMlmQQ-lmL81pn_uNEVD_B2Y.KflojyUywCx9SKjNwK0otnISyF%2F2gSFcni%2BdNxL3JA0
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b18a9a214e64c9d5
.amazon-adsystem.com/ Name: ad-id
Value: A6ZIlAqc8kUum0YDEknYr7I
.lijit.com/ Name: ljtrtb
Value: eJyrVjIyNzYzNVeygjFqASoHBDc%3D
.lijit.com/ Name: _ljtrtb_279534
Value: ua-3c347a8c-3781-3769-b280-ce74c6f65934
.servenobid.com/ Name: pid_346
Value: ua-3c347a8c-3781-3769-b280-ce74c6f65934

7 Console Messages

Source Level URL
Text
javascript warning URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1sle6ww94m2ue.cloudfront.net/script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f69b6671eafcd44bccb3f8c6ada04ab.safeframe.googlesyndication.com
a.sportradarserving.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.360yield.com
ad4m.at
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
apis.google.com
b-code.liadm.com
b1sync.zemanta.com
bh.contextweb.com
bid.g.doubleclick.net
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn.id5-sync.com
cdn.indexww.com
cds.connatix.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
creativecdn.com
cs.emxdgt.com
csi.gstatic.com
d.adroll.com
d1sle6ww94m2ue.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90004.redintelligence.net
hb-api.omnitagjs.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idx.liadm.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pioeg.admetricspro.workers.dev
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public.servenobid.com
px.ads.linkedin.com
qd.admetricspro.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.adroll.com
s.amazon-adsystem.com
s.company-target.com
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
sli.imleagues.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.colossusssp.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tag.1rx.io
tags.mathtag.com
teachingaids-d.openx.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vid.connatix.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.imleagues.com
x.bidswitch.net
x.dlx.addthis.com
x.serverbid.com
x.yieldlift.com
capi-tier-2-us-east-2.connatix.com
csi.gstatic.com
gcdn.2mdn.net
hal90004.redintelligence.net
i.liadm.com
i6.liadm.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
104.18.12.76
104.18.13.76
104.18.18.126
104.18.19.126
124.146.215.44
13.248.245.213
138.197.50.103
138.201.63.164
141.95.98.68
142.250.185.66
143.204.215.58
147.75.85.234
150.136.25.38
151.101.129.108
151.101.130.137
151.101.2.137
151.101.2.49
159.89.246.130
162.19.138.118
169.197.150.8
173.194.76.156
18.156.195.47
18.184.37.1
18.203.5.183
18.66.97.52
185.184.8.90
185.255.84.151
185.29.132.246
185.29.134.248
185.64.189.112
185.80.39.216
185.86.137.122
185.86.137.131
193.0.160.129
198.148.27.139
198.47.127.19
2.18.233.201
2001:41d0:701:1000::31d2
213.19.147.43
213.19.147.44
216.52.2.30
23.203.77.3
23.205.235.133
23.206.210.112
23.35.236.201
23.36.162.82
2600:1f18:730:b150:b4b2:cbd5:d9df:a8f5
2600:9000:2057:6a00:6:44e3:f8c0:93a1
2600:9000:2057:be00:8:8845:1500:93a1
2600:9000:206f:ee00:6:9280:1080:93a1
2600:9000:214f:d600:11:977f:f980:21
2602:803:c004:200::140
2606:4700:10::6816:3556
2606:4700:20::681a:7da
2606:4700:20::681a:bd1
2606:4700:20::ac43:4bf1
2606:4700:3032::ac43:8a3f
2606:4700:4400::6812:23c1
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200d
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9a
2a02:fa8:8806:20::2010
2a02:fa8:8806:20::2100
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::300
2a05:d018:d29:3601:47e5:30d1:de50:1647
3.121.191.244
3.121.89.8
3.126.56.137
3.217.159.252
3.73.168.247
3.75.3.113
34.226.26.172
34.246.170.209
34.247.205.196
34.250.112.177
34.250.198.162
34.95.69.49
34.96.71.22
35.210.53.219
35.244.159.8
37.157.2.238
37.252.172.123
37.252.173.62
44.210.14.134
50.22.3.50
50.31.142.159
51.89.9.253
52.0.175.47
52.223.40.198
52.28.129.28
52.46.128.147
52.5.242.57
52.58.97.150
52.95.125.22
54.146.133.189
54.77.35.16
54.82.150.226
65.9.71.118
69.166.1.12
69.166.1.9
69.173.144.139
69.173.144.165
69.192.160.219
70.42.32.191
72.251.241.204
72.251.249.14
8.2.111.121
8.43.72.98
99.81.70.153
99.86.3.236
99.86.4.81
02cb983892fd326b0cb0666654e3adb3583a46652a690c7b3fd5620ff118e68b
04292d21a9d376b0711ee4da1319d52295dd8353c1ba52ad2838f69ff424fd13
043e8243c29c77a1470c8e6682c2c6f98987b8d557829dc0235bf01511413581
051404c59899f3bc7799a173292080543cbfeeb67d2c509ab83291ebbd85f685
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
083e6dd418e7bcdc77b54d7cdcd8f80fcd123602963562bc3c0db14f2605614c
08e04328553331ce479f19e8d524c04702299a0456735828eba89c7082e2db92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d5c3da332070524665477a39ea461fa75b076c27bd17a6e9ec143501231f593
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
102113abf95e4b5fb061d8037d6da23c41386d8e4078b1218fe52c95e80115ae
1030fc8851425c20e532acd288aa03d709507bcd3d55367f980d55de309ead68
11bd7e0c8b494db7ff79d71d3f29d35b4f739feca1146fbbcea097cbb1a4a682
154bf6290a0efad98e8ac7b47a8196b1263d3df826432b75f4e4612dfc9cae84
16b92797922c454d20656cf372aba635c26abd1a5e670be6fe764eb754072f79
16c145da5afa70f103ea0b370defd50c4261923286c5ea0e31b736ff064cdb7e
196f7ff369a7ff82ccb8e41064b4ecb2292576547732cbdfb0effb65c55487a2
1b880d9898e2a15c29cce26734623921753c26886b245d75fd75f667c5bf1c7b
1b8cf45e66aa6481266f4300f6cba38991e66977435f97bd22408e590dfba491
1bbd9854ec6d7e035bee5559fe766248df0b911405f01c668d4f8dd6cfcd39d4
1bc15c010e8b987167ad6f95fadd5c3e165dfe4cae052bf07831d45ec6861235
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f5355039d97a5cd147148dcfd13cb53c5d17b123beb4e0ec5a12e96464fb3a9
209706a5a319493bb2a1814e1e99e5e3c4f9f9db9fe36455592eb8e42448c24a
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
23592acd48e28990d8cceb6ac1e4e7684719e39cb137110566be9745a4c2008d
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
266a8361ba239ddebd0d2a46cacad5200d9224ca1fd819a38ffc2c2e96ced681
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
28a71436ac0dc932da5f3bee332164e898ac890aba1e4ed9b6b7225e711fdd9d
29766dd6b45ad09ded4d34fa8c2787b76c9fdebdd5588cb55da32a927e6724ec
2a54a5d04d394143e443f6267822c2efba922615685878ad7615a59492eed530
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
2c95f29944fa0699c7ab3d1631fa8c988ab05488b2e8a669bd6cbd19d908e616
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2cf65be2360524c07f04c86fbd862c63bfc974189fb520726897084598fa30
2fdacf7149b5bbca8bc4e65218aa6848d8d3e1cc2ed07a7b52883a1edddab2be
32c966137950be53f35de47e119011d771727ae721c6bdd7ca5091247bea9e22
3728d7f355864a27b250a537a24ddfa586bb82491260cb3e1d3d678135c464e6
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3ceaeae9802676890da406f543a5ef498fc438189dd464b913cc00149a023056
3d46ba1056a1a0c10422fcb726cdd0af2772cc8773d0acbe5d26b5e1f1c507d8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe3b4529bd87ba4ad94eabd059e556bd0d45e31402d27d78f47e99c1b8d7ec1
3fedd4922ba44ec7c3dce64469364fc59cb7290d054861f60e02101a293d5092
42d768855a8899957e82f5d77c80064519dd5a6aab2a9ae48d8fe2974b55f95a
44bef581b98e9eab6e3fe55601a959edb6796784490c777e07e9b0af825b43d5
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49473c47744202f0f38d97524e16822f91e8b16dfb2403bc2da7e308526bc75b
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4bb2a3480ce0f0b944d7e412f1999c9675ae433a42a120b7c708b4dcb8f355f5
4ca5752c967016ef7e5ad5c0a1bfd500c4f8d8d222c17b9e3bacaa660c4eb03d
4d43c32c1ede78f8c161ff46973be6bf39764a08419b4b248294ef578f477971
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5060f0c5a3cdb304f2a849c8061300b35fcf3156942e4e5da368c71d34568fb2
50678dd4079c3a0866e318c176c375828ca440d9ac9c185e27dbb229023813a5
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
51b52aced265d4493b7c40033142f218f0c681fd7514258ed1ae35e5d321bb67
52823b5f08b0029d2a3e0d17416f126100699c64fe437e5b5bd5f7fc40ae390d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57b296c8d6c1abfc7e9eb5464fda9ea1be2d7246f503c545a81cfdeadd10caa2
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5ab8f91c728302971e8a4899ab7e8e23c81057a0a377714b07f32fc82be0a036
5cdddf031e8c941a6240d6c6923805630ff1d9e3970d37e4e43d4f0682115c09
5f71ddd6c4d9e7b80134f932e23710533f5fa5186cc49d6769d82bf38eb2a46b
60b055834aed8d01817b433cf1d20717e29c9cc67f6d538bf286660346de161d
635a067512ee3bb9724e69b005302a3caaef1284f7d134b9b773f3085548d1e3
64669242f6ec7a8e23f33d26470090703b5289eb137201addd10a2a84354f209
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
66d3a8a770a631df5cdf13010dd290fba5ef08d3449e28420ac48711dec6c2fe
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b386c682bd717b9331b7d41707072876ee38cc92324ec25f5bd65d76ca59f93
6c0f2823d157f2142c2301c867bcb461c64e28b2fdc218fcac621ee0633a29eb
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
7005079fd0cc1bc81f0461125b0146daebaa998851afc017fdd2ca4407184eaf
725ea502622933fe0edc422a67f75695ac030ddc873b653072b7fc4f964c8442
729d02b7fddb6fb2c63a7e02a5ae9c0cd8bafeb8add6ba085b1355b81aaf4d11
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
742146e5b811f1b6500f5a1a008e32d4a1d26bac830210526f52e4eaf3da7ede
745fee72951bf6a61128e9d42958ffe9a8050bcd2da5fdca1bf669ef6bcfdab1
74819e3d9ea37eee6bb287be5db214ad534a730c3bb52914c7ea179700e3c3ac
76dd9d1205e3693f00086abf76155db1b5d706138f7363132c57ebd2b0b381b4
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7c7870034a94ab73f6900e486d3ef95a27a0cb8a9cc500e6c2be9abfb7111dc2
7e5cf786ad472c8667ed6879d915a81a1b11e6fb26a04818e10882fa62f87432
7fd2ec35b25b299043a5f55a2fa26692265abc769c4d9c37d6ad51c88a5cc5ed
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
842f846c6666604429f34a254c1113757726ea0efe91012c1de75feebf27b285
845cb07ba0ce2f732c266214a435fadd995c0c620f16e8d3fa9c2fe2e59d5482
846a7fcdb5b4dab1207373eb0ceb4f9796330e3199184ae96de2c87ad57e8d71
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8587f73e40217568ba4a7a12e5d676d195facbbe088e33ac30974b98ceb04d3c
858a95f400a65fe507913c7fb6647e0ca071d82d3b9602567bb531204d12d993
864a7fd695c58f5bedc2e045457fbeb4df618f31f48815ce8c9f68b73570947a
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d2341d34d912b37876b637b593430b19b0793d153368bf7a841f2bab372aec5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
904442515005ef122be6c010d65ea169f9836c6fc8f189d21ab77c073273d63d
91c52f74446960de5f120555da753975d717c24ac3c101c696d3d9aa764ce49c
9210ab0619f501c6add5042637c9fec6b524b70192ac01707c089a956c8f3984
936dd6f6a1108b8bb9c97a937a95fe7b733ecfc81ebace6280126668dbda6c38
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
93c70eed7a07897e0d95c11e3b3d0adbf06a9d5153dd3fff9220a78848a55c63
9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173
9ae01a7f135caf16523f0689fba6588190f50b00336b901cdb8f522c54e1768c
9c55177527a16c362fdd04ae68059de0b2253f04131d7d441cf1b3284f3697b2
9cd9834b1ddcf001c87398fcc1eeac651229f3652bfd03e29b0bd15b0d0d933a
9fd7d2fff65037b7ba975873d8fe894cb3d1aa9f471188b3c2a136899105417a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a242fb3a4122f8d6ea77665913c22a6ac68069ec4d7767399075ae83d7c7207c
a438165377c9a38fe1530f4faeb9e8a5b30e6ccb15b1a12c2aca5eac415eda3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c9e1d1951c0b4eaa68436a7f0c562ec58afc092188c94856a7653d703b06c5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7
a7f6ad7fba7213c6e7180a709decd31813df53832956ecf6da3dc181be5607aa
a945db169b65f71973d5d29af29252441f8f07d75219abc2ed6d5d305cfa571f
a9d075107caceb238f6ce45d01192f49931da908d594edec55a74586b324174f
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adc602c395e26f42c5b9d397d238443547cd5dc4949e1bd9f0c669e7bc08387f
add45fdd8fbc8afe60d4a7c399a00990bdd1439f5a9b5002413bcc98acf6251d
ade00ad8ef2a630078e490e30cfd90aec8f3b0874c140e210e425a1dbe234bb7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af499369e7f19a5d9429700ef412ceace4f06ff9757735da45056ab4360f53a2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bcda17597201f1aa779a02ac895a432aa73a9003591363df543df090e269d4
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b45ec1a20afd3a1625d477fd2c572a1385a4346c64e949f29ba909c82a803c56
b4a419095aa8f87ac838a7c0f52fa682bc635aa4d1927b9c058d547fc67dd5ea
b5fcb4f3d8b02c4fc949e6388fb57aae01898f6431c3bd8355ef6d06739f6852
b6d0ed5b67b47ed5b171424615b043927d3bb0b510b6c4ef2dd09df5cc60ac95
b8dffd2551b7a654fde7004d5c8f1630a40b62f000586d1c5f4ddbf976287f6e
b912e1e23a207a7f6a3ff664daa484241eb0c0520aeafb5084de887f78c8911a
b921107c85fd5729924d0f042f1a05f64f742bdea8d841d8d6dad64ac1bf57a6
b9605a4f459115afb66e520662f4b626b43674dfdee5fdca02056043b035c331
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
bbb6e8ac8521f663305b5394a2c6caf0e1917f711dd92014bdc2b1e49a3d6063
bc73ee1f199fe3ef6cfc02a16fa95c229c6f625e429c58ca6f41965b3642efba
bc876a53dc1550440043da2c9666dc520be2e271365bd64fd0ae440d100dfb3a
bc8cf116117ccb12f083a921fd88518f83b3285e08963c2f5b7ba679ce1f2a46
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe
bfae625dddbaa975d43241875786105d0f0d0948b12d53b032a16e377d9ca191
c106633f94ccacb681cb57837404d78c00246f81b80a19a7875054cdb4ed4315
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c1f361ce990eadc5e76dc7edfcfd67e4a8be09d3acee6ba20af6f5342852c737
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25d28bd591aa74d0931af662b96138ced1ee22d3271d30dbd0802d145ffb24a
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb4e65809e40363bde96002c44fa13378e2c335936dd8e68fe265f67e3f0a03b
cc967fb3020c05b132d08b053acdeef44e2fe291ef953ff11293ac9a89cc506e
cd765a00b745ea520b8348f4877c62402f885c3c9f72db10d280490a79d7c304
ce28c609d32879ba011fed63bfd9217734e07b7e10de5788a0ff60eacfc66c73
cf381183aa4800060d4650152d2f6c0396fc2baf84c962193253273d9148c4a1
d00650a89b8868f69e030b6c88bdd309371ff6b89ae7f30e1f63997de4e198a7
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d656a3d0f61d7781ce6377b66b3061f00d528ad38578668e5bfd385dabf06899
d7e305854f9238fc419fee051fc5cedeaeb76af3b6f4eeed30625bed23f868f1
d7f471c93bfa88c775fd201e2a5b77d98aa3a9ada8f8ad18631c826d575fb47b
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d82568c036d82f6920617df04f661f9324c4e9fce3839b2dedb6429cd490c545
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db0c77b5dd0762b3e941724158585302e3608832c1c13646cb5bbecfd95213ae
db9b7ae745f969cc78fa1d9195d14b17c98b841d9a2d9959e2abe4ef00f9f778
ded9898aebddefe826cd641f41acf2bd9d0bbbf6e1a1650d17c8f1f7517952be
e1031686ba23e0bf2d4cf7eebba60e5cb8a13ede618bb0a02a9c6f6779e6d8c7
e3670095bf4b73b0d19a3470dcdf94e3ac4004020b434822333bc3d2e18a5382
e36e667bb41343bf7da4afa2a74664eed33fbc6f5c3d0757afa1ce5fb1013977
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428f8c23d721da9528710a4e3f4210ae3f1c7885ccbc92cdef3f42bfd7d7c90
e4443165f66548890c2cae497db5a0fdd099eaa6e6dafe376471c98593daf50a
e52a1ca3a2ad3f54df0f043a56394e9028c35baab56857b03228cd1a4004f76a
e7a1769c80a39b35018fed082752e759a028a373e16559b09ea5c0c3d7e02325
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eaac877a8f03232144c07a9804b6fc327877968f55b621b03e55cfba076affde
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0df2f7e604c6d71f60482b581702b38eb70a7d9eb8fb1d06b860b360d7a897e
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5ca85ad38fd21729cafdf80e668967450986987c33f14fda4384b40eb12573e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fb2b180df4dbbe6180870228ca3f0e4a283d4cd88061f83d047b7ae00ac60e6a