www.imcu.com Open in urlscan Pro
20.118.17.184 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.imcu.com/
Submission: On November 18 via api (November 18th 2023, 3:39:14 pm UTC) from US — Scanned from US

Summary HTTP 167 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 46 IPs in 2 countries across 45 domains to perform 167 HTTP transactions. The main IP is 20.118.17.184, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.imcu.com. The Cisco Umbrella rank of the primary domain is 527663.
TLS certificate: Issued by GeoTrust EV RSA CA G2 on April 13th 2023. Valid for: a year.

This is the only time www.imcu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
51	20.118.17.184 20.118.17.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	3.161.213.20 3.161.213.20	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
1	2600:9000:230... 2600:9000:2305:400:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 5	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.189.67.130 52.189.67.130	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.232.252.94 3.232.252.94	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.177.116.16 54.177.116.16	16509 (AMAZON-02) (AMAZON-02)
15	54.215.170.252 54.215.170.252	16509 (AMAZON-02) (AMAZON-02)
2	34.75.237.118 34.75.237.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21a... 2600:9000:21a2:1000:15:4bf9:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
1	34.205.164.221 34.205.164.221	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f03... 2a03:2880:f035:1a:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.5.29.142 3.5.29.142	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
1	3.162.93.82 3.162.93.82	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	52.45.67.236 52.45.67.236	14618 (AMAZON-AES) (AMAZON-AES)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	99.84.108.85 99.84.108.85	16509 (AMAZON-02) (AMAZON-02)
2 4	142.251.16.149 142.251.16.149	15169 (GOOGLE) (GOOGLE)
45 51	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.156.136.130 54.156.136.130	14618 (AMAZON-AES) (AMAZON-AES)
4	34.86.70.109 34.86.70.109	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:230... 2600:9000:2305:5600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	69.20.43.192 69.20.43.192	27357 (RACKSPACE) (RACKSPACE)
4 6	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
2 4	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4216:d296:b4ab:44c7:4070	14618 (AMAZON-AES) (AMAZON-AES)
2 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	13.249.39.128 13.249.39.128	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:9000:215... 2600:9000:215f:4200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:9000:220... 2600:9000:2209:4200:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.225.195.89 13.225.195.89	16509 (AMAZON-02) (AMAZON-02)
2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	63.251.28.133 63.251.28.133	26558 (FREEWHEEL) (FREEWHEEL)
4 5	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 6	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1 3	44.238.141.43 44.238.141.43	16509 (AMAZON-02) (AMAZON-02)
2	52.2.62.184 52.2.62.184	14618 (AMAZON-AES) (AMAZON-AES)
2	23.220.120.241 23.220.120.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	34.236.173.204 34.236.173.204	14618 (AMAZON-AES) (AMAZON-AES)
2 4	63.251.86.50 63.251.86.50	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 4	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
3 5	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c07::68	15169 (GOOGLE) (GOOGLE)
2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
167	46

51 20.118.17.184 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.imcu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.161.213.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-20.yul62.r.cloudfront.net

cdn.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2305:400:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.161.182 (Brooklyn, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.189.67.130 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

banno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.252.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-252-94.compute-1.amazonaws.com

chat.agentiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.177.116.16 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-116-16.us-west-1.compute.amazonaws.com

birdeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.215.170.252 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-170-252.us-west-1.compute.amazonaws.com

widgets-v7.birdeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.75.237.118 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.237.75.34.bc.googleusercontent.com

liqadprdct-capture-prod-east.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::9b (Ashburn, United States) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21a2:1000:15:4bf9:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

dxussota4xxo7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.164.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-164-221.compute-1.amazonaws.com

chat-service.imcu.agentiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f035:1a:face:b00c:0:3 (Querétaro City, Mexico)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.29.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

agentiq-imcu-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.93.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-93-82.iad61.r.cloudfront.net

ddjkm7nmu27lx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.45.67.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-67-236.compute-1.amazonaws.com

connect.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.108.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-85.iad79.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.16.149 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f149.1e100.net

8136673.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8242951.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 34.150.170.96 (Washington, United States) 45 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.136.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-136-130.compute-1.amazonaws.com

maprtb.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.86.70.109 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.70.86.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2305:5600:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.127.204.171 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.22.214 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:d296:b4ab:44c7:4070 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.249.39.128 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-128.iad89.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215f:4200:19:fc2c:a140:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:4200:1b:6b7d:2300:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.195.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-89.yul62.r.cloudfront.net

sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1901:0:8eee:: (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.200.65.202 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.238.141.43 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-141-43.us-west-2.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.62.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-62-184.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.220.120.241 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-120-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.236.173.204 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-173-204.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.251.86.50 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.163.155 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	simpli.fi 45 redirects um.simpli.fi — Cisco Umbrella Rank: 795 tag.simpli.fi — Cisco Umbrella Rank: 4323 i.simpli.fi — Cisco Umbrella Rank: 3693	25 KB
51	imcu.com www.imcu.com — Cisco Umbrella Rank: 527663	7 MB
16	birdeye.com 1 redirects birdeye.com — Cisco Umbrella Rank: 44484 widgets-v7.birdeye.com — Cisco Umbrella Rank: 121856	103 KB
16	segmint.net cdn.segmint.net — Cisco Umbrella Rank: 40766 connect.segmint.net — Cisco Umbrella Rank: 46207 maprtb.segmint.net — Cisco Umbrella Rank: 68426	595 KB
11	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 8136673.fls.doubleclick.net — Cisco Umbrella Rank: 794942 8242951.fls.doubleclick.net — Cisco Umbrella Rank: 785303 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	4 KB
6	yahoo.com 4 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	996 B
5	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 522	805 B
5	pro-market.net 4 redirects fei.pro-market.net — Cisco Umbrella Rank: 2436 pbid.pro-market.net — Cisco Umbrella Rank: 7860	2 KB
5	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 495 ib.adnxs.com — Cisco Umbrella Rank: 246	4 KB
4	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 415	982 B
4	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 882	2 KB
4	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	1 KB
4	intentiq.com 2 redirects sync.intentiq.com — Cisco Umbrella Rank: 886 sync1.intentiq.com — Cisco Umbrella Rank: 2801	3 KB
4	agkn.com 4 redirects aa.agkn.com — Cisco Umbrella Rank: 560 d.agkn.com — Cisco Umbrella Rank: 755	2 KB
4	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	2 KB
4	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	1 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 105 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1743	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	banno.com banno.com — Cisco Umbrella Rank: 27652	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	251 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 376	2 KB
2	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 145	796 B
2	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 921	890 B
2	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1749	842 B
2	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 566	1 KB
2	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 924	959 B
2	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6321	349 B
2	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	904 B
2	lkqd.net cs.lkqd.net — Cisco Umbrella Rank: 2401	1 KB
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 716	1 KB
2	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 9208 js.callrail.com — Cisco Umbrella Rank: 10472	18 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	87 KB
2	cloudfront.net dxussota4xxo7.cloudfront.net ddjkm7nmu27lx.cloudfront.net	33 KB
2	gannettdigital.com liqadprdct-capture-prod-east.gannettdigital.com — Cisco Umbrella Rank: 23731	783 B
2	agentiq.co chat.agentiq.co — Cisco Umbrella Rank: 202656 chat-service.imcu.agentiq.co — Cisco Umbrella Rank: 816104	49 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	amazonaws.com agentiq-imcu-assets.s3.amazonaws.com	1 KB
1	rlets.com cdn.rlets.com — Cisco Umbrella Rank: 15282	2 KB
0	adsymptotic.com Failed p.adsymptotic.com Failed
0	surveycarrot.com Failed www.surveycarrot.com Failed
0	tiktok.com Failed analytics.tiktok.com Failed
167	45

	Domain	Requested by
51	um.simpli.fi	45 redirects tag.simpli.fi
51	www.imcu.com	www.imcu.com
15	widgets-v7.birdeye.com	www.imcu.com birdeye.com widgets-v7.birdeye.com
7	connect.segmint.net	cdn.segmint.net
7	cdn.segmint.net	www.imcu.com cdn.segmint.net
5	us-u.openx.net	3 redirects
5	ups.analytics.yahoo.com	3 redirects
4	cm.g.doubleclick.net	4 redirects
4	idsync.rlcdn.com	2 redirects
4	ce.lijit.com	2 redirects
4	bcp.crwdcntrl.net	2 redirects
4	fei.pro-market.net	4 redirects
4	pixel.tapad.com	2 redirects
4	eb2.3lift.com	2 redirects
4	sync.1rx.io	4 redirects
3	loadm.exelator.com	1 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	banno.com	www.imcu.com banno.com
3	secure.adnxs.com	1 redirects www.imcu.com
3	www.googletagmanager.com	www.imcu.com www.google-analytics.com
2	pixel.rubiconproject.com
2	ib.adnxs.com
2	www.google.com
2	googleads.g.doubleclick.net	2 redirects
2	www.googleadservices.com	2 redirects
2	stags.bluekai.com
2	sync.bfmio.com
2	ads.stickyadstv.com
2	image2.pubmatic.com
2	sync1.intentiq.com
2	sync.intentiq.com	2 redirects
2	d.agkn.com	2 redirects
2	aa.agkn.com	2 redirects
2	simplifi.partners.tremorhub.com
2	sync.targeting.unrulymedia.com
2	cs.lkqd.net
2	s.ad.smaato.net	2 redirects
2	i.simpli.fi	tag.simpli.fi
2	adservice.google.com	8136673.fls.doubleclick.net 8242951.fls.doubleclick.net
2	tag.simpli.fi	connect.segmint.net
2	maprtb.segmint.net	connect.segmint.net
2	8242951.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	8136673.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.imcu.com connect.facebook.net
2	liqadprdct-capture-prod-east.gannettdigital.com	cdn.rlets.com
1	pbid.pro-market.net
1	cms.analytics.yahoo.com	1 redirects
1	js.callrail.com	cdn.callrail.com
1	cdn.callrail.com	www.googletagmanager.com
1	www.facebook.com	www.imcu.com
1	ddjkm7nmu27lx.cloudfront.net	widgets-v7.birdeye.com
1	fonts.googleapis.com	widgets-v7.birdeye.com
1	agentiq-imcu-assets.s3.amazonaws.com	chat-service.imcu.agentiq.co
1	chat-service.imcu.agentiq.co	chat.agentiq.co
1	dxussota4xxo7.cloudfront.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	birdeye.com	1 redirects
1	chat.agentiq.co	www.imcu.com
1	cdn.rlets.com	www.imcu.com
0	p.adsymptotic.com Failed
0	www.surveycarrot.com Failed	www.imcu.com
0	analytics.tiktok.com Failed	www.imcu.com
167	63

This site contains links to these domains. Also see Links.

Domain
get.adobe.com
imcuonline-cloud.lending360.com
internetloanapplication.cudl.com
nextgen.bakerhillsolutions.net
online.imcu.com
smartpay.profitstars.com
www.salliemae.com
connect.segmint.net
imf4kids.org
www.ordermychecks.com
www.facebook.com
twitter.com
instagram.com
www.linkedin.com
www.hud.gov
www.ncua.gov

Subject Issuer	Validity	Valid
www.imcu.com GeoTrust EV RSA CA G2	`2023-04-13` - `2024-04-15`	a year	crt.sh
*.segmint.net Amazon RSA 2048 M03	`2023-11-01` - `2024-11-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.rlets.com Amazon RSA 2048 M03	`2023-10-31` - `2024-11-27`	a year	crt.sh
*.banno.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-30` - `2024-01-06`	a year	crt.sh
*.agentiq.co Amazon RSA 2048 M01	`2023-07-29` - `2024-08-26`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.gannettdigital.com R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.imcu.agentiq.co Amazon RSA 2048 M01	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-27` - `2023-11-25`	3 months	crt.sh
*.birdeye.com Go Daddy Secure Certificate Authority - G2	`2023-09-17` - `2024-10-18`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M02	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.imcu.com/
Frame ID: 3A41A05845E64793EB68ADEF0E5C1F01
Requests: 86 HTTP requests in this frame

Frame: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Frame ID: D8CD8EAA1E33CA61FE34678C74BA37C5
Requests: 18 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Frame ID: 158F0971E2DDE989B9EBB1570A407AC4
Requests: 27 HTTP requests in this frame

Frame: https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389
Frame ID: C90FF8D99FE0125BEE184C64E894CB02
Requests: 1 HTTP requests in this frame

Frame: https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194
Frame ID: 141362953349E48A668B4639F2C5DC36
Requests: 1 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Frame ID: 7E08655CE6F1A62F43370A5A0278961F
Requests: 27 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389;~oref=https://www.imcu.com/
Frame ID: 4F9E943FE809F0756A8D75E0B3487D03
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194;~oref=https://www.imcu.com/
Frame ID: 6CB8F7778110EE8E3509614A30693244
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Indiana Members Credit Union: Keeping It Simple

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Birdeye (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

birdeye\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

167
Requests

69 %
HTTPS

31 %
IPv6

45
Domains

63
Subdomains

46
IPs

2
Countries

7939 kB
Transfer

9618 kB
Size

65
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: http://get.adobe.com/reader/
Title: Download Acrobat Reader 5.0 or higher to view PDF files.

Search URL Search Domain Scan URL

URL: https://imcuonline-cloud.lending360.com/AccountOpening/Application?membershipAnchorSet=True#/membership
Title: Join Today (Opens in a new Window)

Search URL Search Domain Scan URL

URL: https://internetloanapplication.cudl.com/imcu/LoanInformation.aspx
Title: Apply For A Loan (Opens in a new Window)

Search URL Search Domain Scan URL

URL: https://nextgen.bakerhillsolutions.net/clientportal/login/imcu
Title: Commercial Member Portal

Search URL Search Domain Scan URL

URL: https://online.imcu.com/imcuonlinebanking/uux.aspx#/login
Title: Digital Banking

Search URL Search Domain Scan URL

URL: https://smartpay.profitstars.com/sts/Account/Login?ReturnUrl=%2fsts%2fissue%2fwsfed%3fwa%3dwsignin1.0%26wtrealm%3dhttps%253a%252f%252fsmartpay.profitstars.com%252fbusiness%26wctx%3drm%253d0%2526id%253dpassive%2526ru%253d%25252fbusiness%25252flogin%25252fimcu%26wct%3d2020-03-03T19%253a20%253a26Z%26appId%3d1%26brandId%3dimcu&wa=wsignin1.0&wtrealm=https%3a%2f%2fsmartpay.profitstars.com%2fbusiness&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fbusiness%252flogin%252fimcu&wct=2020-03-03T19%3a20%3a26Z&appId=1&brandId=imcu
Title: Remote Deposit

Search URL Search Domain Scan URL

URL: https://online.imcu.com/imcuonlinebanking/uux.aspx#/login/resetPasswordUsername
Title: Forgot Password (Opens in a new Window)

Search URL Search Domain Scan URL

URL: https://online.imcu.com/imcuonlinebanking/sdk/AutoEnrollmentE2E
Title: Enroll - Consumer (Opens in a new Window)

Search URL Search Domain Scan URL

URL: https://online.imcu.com/imcuonlinebanking/sdk/BusinessEnrollmentE2E
Title: Enroll - Business (Opens in a new Window)

Search URL Search Domain Scan URL

URL: https://www.salliemae.com/landing/student-loans/?MPID=3000000188&dtd_cell=SMLRSOPACUCUCMOTAGFOTHRN010000
Title: Get Started

Search URL Search Domain Scan URL

URL: https://connect.segmint.net/trackclick/en1rr5rxMofqdM/?click=en1ER5nC6EGsdp7o&destination=8UBstjAbaeyIyt-82C3yiC3T1pgDTPGVAIKt9KfCzr4GKtAK2SVKDi6nvUXUCGPJwwZbpXjtD_j3WpaKSNQWPdX6dyUfedahSzjgKihsCSODPqGqN-oH2OwZtUQdCAQK3yk7IAkjV3MRkJydSJ_l_DUlW6BaCfdqaX5lxNX0qJs
Title: Get Started!

Search URL Search Domain Scan URL

URL: http://imf4kids.org/
Title: About Us (Opens in a new Window)

Search URL Search Domain Scan URL

URL: https://www.ordermychecks.com/login_a.jsp
Title: Reorder Checks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/IndianaMembersCU
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/IndMembersCU
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/indmemberscu?igshid=t0exyjgleqkx
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/indiana-members-credit-union?trk=tyah&trkInfo=tarId:1421848154390,tas:indiana%20member,idx:1-1-1
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.hud.gov/

Search URL Search Domain Scan URL

URL: https://www.ncua.gov/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://secure.adnxs.com/seg?add=18206467&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1

Request Chain 33

https://birdeye.com/embed/v7/168150068519072/8/1234568071 HTTP 302
https://widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/1234568071

Request Chain 101

https://8136673.fls.doubleclick.net/activityi;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389 HTTP 302
https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389

Request Chain 102

https://8242951.fls.doubleclick.net/activityi;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194 HTTP 302
https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194

Request Chain 103

https://um.simpli.fi/segmint HTTP 302
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B1739CCFBA16476C9850EF0653F2DD2B

Request Chain 109

https://um.simpli.fi/segmint HTTP 302
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=AD11BC8ED322443E8F37718276809B76

Request Chain 120

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6643b14a89&gdpr=0&gdpr_consent=

Request Chain 121

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D?zcc=1&cb=1700321950523 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-506e20de-f929-4192-b618-3434c841a280-005

Request Chain 122

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 123

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 124

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 125

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://d.agkn.com/pixel/10751/?che=1700321950531&ip=96.9.249.35&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214700604704007979242 HTTP 302
https://um.simpli.fi/aa_px?sk=214700604704007979242 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 126

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=wAgUVC59Em&nc=false&trid=-1103931988

Request Chain 127

https://um.simpli.fi/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 128

https://um.simpli.fi/freewheel HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 129

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;sr HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS HTTP 302
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-~A

Request Chain 130

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0&xl8blockcheck=1

Request Chain 131

https://um.simpli.fi/yahoo HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true

Request Chain 132

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 133

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 134

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 135

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1

Request Chain 136

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogN0ExOURFRTY3QkUyNDFBNTk0M0VEQ0ZEREI3OTU4NUQQABoNCJ6146oGEgUI6AcQAEIASgA HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c7f2129-509e-47a6-94fe-a420a7ada107

Request Chain 137

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700321950347&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=ntpYZYKkHYej_gT8m4aICw&sscte=1&crd=&pscrd=IhMIguvy7vDNggMVh5GfCh38jQGx HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIguvy7vDNggMVh5GfCh38jQGx&is_vtc=1&ocp_id=ntpYZYKkHYej_gT8m4aICw&cid=CAQSKQDICaaN5RSAqiTvBrlPoQq_klCSJzInU65MvI9WKVIib0n3GRrsXJ0S&random=1958178566

Request Chain 139

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 140

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365

Request Chain 141

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEPKZkgkfoEAYKjC626_KFVI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 143

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cfb443f2e2&gdpr=0&gdpr_consent=

Request Chain 144

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D?zcc=1&cb=1700321950556 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7f59a218-9230-46b3-b127-e5c5cef621da-005

Request Chain 145

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 146

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 147

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 148

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://d.agkn.com/pixel/10751/?che=1700321950529&ip=96.9.249.35&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D212630604704007984171 HTTP 302
https://um.simpli.fi/aa_px?sk=212630604704007984171 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 149

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=9mCowxeomW&nc=false&trid=-639575343

Request Chain 150

https://um.simpli.fi/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 151

https://um.simpli.fi/freewheel HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 152

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=850954027848977010

Request Chain 153

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0

Request Chain 154

https://um.simpli.fi/yahoo HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true

Request Chain 155

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 156

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 157

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 158

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1

Request Chain 159

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 307
https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwInrXjqgYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwInrXjqgYSBAgCEABCAEoA&google_gid=CAESED6LKGBVM5_zQ6L7PEp2cfw&google_cver=1 HTTP 307
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=03548031

Request Chain 161

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 162

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365

Request Chain 163

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESELljDJI_IgQDAG-hFutel_g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 165

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700321950350&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=ntpYZeWqHdCNoPMP5_CdiAI&sscte=1&crd=&pscrd=IhMI5fHy7vDNggMV0AZoCB1neAch HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5fHy7vDNggMV0AZoCB1neAch&is_vtc=1&ocp_id=ntpYZeWqHdCNoPMP5_CdiAI&cid=CAQSKQDICaaNZg33BU6892kMPGjsECTv9OrhThLvpygP1msk6VGq3d3zTHs_&random=4278094487

167 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.imcu.com/ 55 KB
13 KB 344ms
206ms Document
text/html 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2950b48f9b87db4589b282a759df682217f78541eca4c7d38329d8182fa2fbd7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' crownpeak.net .crownpeak.net https://.agentiq.co wss://.agentiq.co https://api.cobrowse.io wss://.cobrowse.io https://cobrowse.io .google-analytics.com .g.doubleclick.net .gannettdigital.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net .googleapis.com .segmint.net .banno.com https://banno.com https://s3.amazonaws.com; font-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com; frame-ancestors 'self' https://.agentiq.co https://chat-service.imcu.agentiq.co; frame-src 'self' https://app.imcu.com https://.imcu.com .youtube.com .google.com .vimeo.com https://.agentiq.co https://cobrowse.io .fls.doubleclick.net .baconpay.com .optimalblue.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net .segmint.net birdeye.com .birdeye.com; img-src 'self' https://imcuonline-cloud.lending360.com https://agentiq-imcu-assets.s3.amazonaws.com .google-analytics.com .googletagmanager.com banno.com .banno.com .googleapis.com .gstatic.com .facebook.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net .segmint.net data: .banno.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com .google-analytics.com .googletagmanager.com .googleadservices.com .googleapis.com banno.com .banno.com crownpeak.com .crownpeak.com https://.agentiq.co .cobrowse.io .rlets.com .adnxs.com .facebook.net .cloudfront.net .callrail.com .baconpay.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net https://www.google.com/recaptcha/api.js .gstatic.com .segmint.net birdeye.com .birdeye.com .banno.com; style-src 'self' 'unsafe-inline' .googleapis.com https://chat-service.imcu.agentiq.co
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=0
content-encoding: gzip
content-length: 11262
content-security-policy: default-src 'self'; connect-src 'self' crownpeak.net *.crownpeak.net https://*.agentiq.co wss://*.agentiq.co https://api.cobrowse.io wss://*.cobrowse.io https://cobrowse.io *.google-analytics.com *.g.doubleclick.net *.gannettdigital.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.googleapis.com *.segmint.net *.banno.com https://banno.com https://s3.amazonaws.com; font-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com; frame-ancestors 'self' https://*.agentiq.co https://chat-service.imcu.agentiq.co; frame-src 'self' https://app.imcu.com https://*.imcu.com *.youtube.com *.google.com *.vimeo.com https://*.agentiq.co https://cobrowse.io *.fls.doubleclick.net *.baconpay.com *.optimalblue.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net birdeye.com *.birdeye.com; img-src 'self' https://imcuonline-cloud.lending360.com https://agentiq-imcu-assets.s3.amazonaws.com *.google-analytics.com *.googletagmanager.com banno.com *.banno.com *.googleapis.com *.gstatic.com *.facebook.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net data: *.banno.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com banno.com *.banno.com crownpeak.com *.crownpeak.com https://*.agentiq.co *.cobrowse.io *.rlets.com *.adnxs.com *.facebook.net *.cloudfront.net *.callrail.com *.baconpay.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net https://www.google.com/recaptcha/api.js *.gstatic.com *.segmint.net birdeye.com *.birdeye.com *.banno.com; style-src 'self' 'unsafe-inline' *.googleapis.com https://chat-service.imcu.agentiq.co
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 15:39:08 GMT
expires: Sat, 18 Nov 2023 15:39:08 GMT
server: nginx
strict-transport-security: max-age=16070400
vary: Accept-Encoding
via: varnish
x-ad-insert-result: no ads - index
x-b3-traceid: 8db3afe48403b4e0
x-content-type-options: nosniff
x-envoy-upstream-service-time: 104
x-frame-options: SAMEORIGIN
x-request-id: 19bdcd93-0832-9ace-bd81-dc9c3ebfec8a
x-varnish: 106376911
x-varnish-count: 0
x-varnish-hitmiss: MISS
x-varnish-ttl: 0.000
x-xss-protection: 1; mode=block

GET
H2 200 main.min.css
www.imcu.com/assets/css/ 401 KB
48 KB 55ms
53ms Stylesheet
text/css 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/css/main.min.css?v=1699977987544

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e8340af2c2dc38ad3de763776e43ff7974757e11e5eb8cc10d6e75f16882ce9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: c8f30588cebf156f
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="main.min.css"
content-length: 48088
x-xss-protection: 1; mode=block
x-request-id: 8d72ad9b-2178-9c7d-9dfe-bf8b39eb78f5
x-varnish-count: 3768
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "4341b07f4098438e32302135198c4795"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-varnish: 105033051 86393053
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:08 GMT

GET
H/1.1 200
OK segmint.min.js Show response
cdn.segmint.net/ 16 KB
16 KB 148ms
33ms Script
application/javascript 3.161.213.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/segmint.min.js
Requested by: Host: www.imcu.com
URL: https://www.imcu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-20.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 19:18:42 GMT
Via: 1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Sep 2023 12:33:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 73227
ETag: "6bdf8bf9c48aef3424ec8556d42ae32e"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age:900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16163
X-Amz-Cf-Id: vPjBSkKjiGWxJ7RU1XQZRHgd4X4CiasFf_019n-FUrzoIfLubAc6gQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
94 KB 128ms
52ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q04TV61VH4

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d1d436c3b4ab349ba84c9aaa450f895a59ba21cd57955429cbe8ccd7ce56ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 mms.js Show response
cdn.rlets.com/capture_static/mms/ 3 KB
2 KB 130ms
32ms Script
application/javascript 2600:9000:2305:400:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_static/mms/mms.js
Requested by: Host: www.imcu.com
URL: https://www.imcu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99c4e063fef9de92f780394db21c614a35cc62deea02801aa45df58b6f686be9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 19:19:14 GMT
content-encoding: br
via: 1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 21:02:14 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2
age: 73195
etag: W/"2793d2aa83c14466ab58d339eea320ec"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1gU0T0ELeD92HoUSg55v4wCgirJxZPq6By16ITrS6CfpjQOvezKh2A==

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=18206467&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1

0
804 B

82ms
82ms

Script
application/javascript

68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Server

68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:08 GMT
an-x-request-uuid: 2dbf4418-ecc3-4141-b91d-23444873901e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:08 GMT
an-x-request-uuid: 69c71b15-44b4-4e44-836a-2bdc19c3433f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1
x-proxy-origin: 96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 welcome-catnav.png
www.imcu.com/assets/img/ 2 KB
3 KB 52ms
52ms Image
image/png 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/img/welcome-catnav.png

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

deba2226480a94e33c151e7e6ba92e52520aea9d060976831c23289d6fbb3394

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 6ab315548dd0798e
age: 81237
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="welcome-catnav.png"
content-length: 2246
x-xss-protection: 1; mode=block
x-request-id: ccf4a780-1d86-99a2-93e6-c7bebca2eab0
x-varnish-count: 3733
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "c9832c6924b9c21cda33e07763e0ac6f"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 105065222 88353324
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:11 GMT

GET
H2 200 welcome-nav.png
www.imcu.com/assets/img/ 194 KB
195 KB 105ms
105ms Image
image/png 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/img/welcome-nav.png

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

d2742b17a200523a46f49b6f1242f3b7e752b6bc7f371536afe845e5254f0ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 9212768a3e750eed
age: 81225
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="welcome-nav.png"
content-length: 198678
x-xss-protection: 1; mode=block
x-request-id: 66055bbb-8f8d-90a6-986b-310b4ef60c67
x-varnish-count: 3666
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "d2a2618763842dc8dec633363a536949"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 105165205 87503135
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:23 GMT

GET
H2 200 welcome-login.png
www.imcu.com/assets/img/ 39 KB
40 KB 151ms
150ms Image
image/png 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/img/welcome-login.png

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

05c0571b3ac8a93c190f84cbf95e00d67bd0839a277c29fb2d750d54c987990d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 7a85c032f76a4acf
age: 81234
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="welcome-login.png"
content-length: 40047
x-xss-protection: 1; mode=block
x-request-id: e4d8e25c-13de-989f-896e-fcb66bd2f641
x-varnish-count: 3732
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "c2d9636e3493e66bd45028d6e556fd08"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 105165206 86829818
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:13 GMT

GET
H2 200 indiana-members-cu-logo@3x.png
www.imcu.com/assets/img/ 6 KB
7 KB 54ms
53ms Image
image/png 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/img/indiana-members-cu-logo@3x.png

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

de6d3acda35868aa8267832d374bf405a7618d5ff507d6648429dd510bd6b25d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 3f083f52a6e8a6a3
age: 81262
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="indiana-members-cu-logo@3x.png"
content-length: 6613
x-xss-protection: 1; mode=block
x-request-id: 075cbdf9-962a-9ca5-a7dd-bf8b2ab38c70
x-varnish-count: 4687
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "b2bd6092cbf9dbf5a63463194435ef65"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 104486873 48448263
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:04:45 GMT

GET
H2 200 Toy-Drive-2022-Rotating-Banner.jpg
www.imcu.com/assets/files/of1iqyfG/ 332 KB
333 KB 63ms
62ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/of1iqyfG/Toy-Drive-2022-Rotating-Banner.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

6c6a03ff6652de29b2cc7597dcc5754ba2cd0c946392859d88f5256a8cfaeca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 921f4029bc71a744
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 10
content-disposition: filename="Toy-Drive-2022-Rotating-Banner.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 3a0b72d3-c139-9df7-bf78-ed4906ecc391
last-modified: Mon, 07 Nov 2022 13:04:36 GMT
server: nginx
etag: "73051b4af3a6a9d1d14c2a022b6b6ee0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 104386244
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 13-Month-Certificate-Rotating-Banner-10.2023.jpg
www.imcu.com/assets/files/iBzefd7y/ 792 KB
793 KB 69ms
61ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/iBzefd7y/13-Month-Certificate-Rotating-Banner-10.2023.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

cff88ecc4da0fe4641c1d4ce57313b1801118b59426c09b1f9d7392ef33a5874

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: dc0a1899fe90babe
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 4
content-disposition: filename="13-Month-Certificate-Rotating-Banner-10.2023.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 7c6b97e1-6eb7-95f4-97e3-9ef4150187fb
last-modified: Fri, 29 Sep 2023 17:54:42 GMT
server: nginx
etag: "07a73c804a6b5dbc28299e99a1d8a885"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 97283667
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 Hiring-Open-House-2023-Rotating-Banner.jpg
www.imcu.com/assets/files/H0pnGJns/ 461 KB
462 KB 178ms
169ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/H0pnGJns/Hiring-Open-House-2023-Rotating-Banner.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8ee5ce60cbae1e58b5e55b571efe515a0e418f5e3967484ccec19ce9dfe59b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: ef5d56a43877a4b7
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 10
content-disposition: filename="Hiring-Open-House-2023-Rotating-Banner.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: d175db1b-5e67-9675-9a01-b68e54dd4678
last-modified: Mon, 06 Nov 2023 14:49:11 GMT
server: nginx
etag: "ab23a39368f4f6a7f97034b8edf4aef9"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 107319161
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 T-Mobile-2023-Rotating-Banner.jpg
www.imcu.com/assets/files/MrVTNGFD/ 367 KB
368 KB 140ms
132ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/MrVTNGFD/T-Mobile-2023-Rotating-Banner.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

6da3c49e01d71fe6ad6c731dd3352fb5b43114024a7a53e6a0692657b1c63dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: df8f993162fa3bdf
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 7
content-disposition: filename="T-Mobile-2023-Rotating-Banner.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 3305ec20-6720-9a2b-a7b6-d728f591fade
last-modified: Mon, 16 Oct 2023 17:58:14 GMT
server: nginx
etag: "ab20e3ae89461333ebd1c67500b68752"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 98186890
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 Sallie-Mae-Fall-2021-Rotating-Banner.jpg
www.imcu.com/assets/files/C4i0XSCv/ 492 KB
493 KB 145ms
137ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/C4i0XSCv/Sallie-Mae-Fall-2021-Rotating-Banner.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ee812a922fafe6ac67e8a6b135e812e58b24030def1850886bb862060817ce9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 5d237ab27fd6efc9
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 8
content-disposition: filename="Sallie-Mae-Fall-2021-Rotating-Banner.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 36534a70-b2f1-9c7f-a9bc-0610eaa379e3
last-modified: Mon, 14 Nov 2022 13:18:21 GMT
server: nginx
etag: "910b304bd6e60a796fb1df5cdf1f19af"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 105356975
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 Special-Offers-Homepage-Icon.png
www.imcu.com/assets/files/0kb02QFZ/ 473 B
966 B 71ms
64ms Image
image/png 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/0kb02QFZ/Special-Offers-Homepage-Icon.png

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

043cc930881f6a402e33c1edb1cbdd67b5604900d08b847b57041a57a380ee5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: d826a5dd5e534119
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 5
content-disposition: filename="Special-Offers-Homepage-Icon.png"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: dde89436-b6eb-9864-958d-51b324f9fbae
last-modified: Wed, 25 Jan 2023 17:01:40 GMT
server: nginx
etag: "f9e78b83f79314708c96b0eaecae2196"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 100066109
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 icon-mobile.png
www.imcu.com/assets/content/9X2ZqyZJ/ 620 B
1 KB 67ms
59ms Image
image/png 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/content/9X2ZqyZJ/icon-mobile.png

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

c36ee346b92890d2894b82e85526775efb3644c73834b6b86e77d2be8174af6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 57f0a87953613390
age: 81211
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="icon-mobile.png"
content-length: 620
x-xss-protection: 1; mode=block
x-request-id: a99f34b8-7206-93c8-be5c-2743bb4ac7c7
x-varnish-count: 1034
last-modified: Mon, 22 Oct 2018 21:04:46 GMT
server: nginx
etag: "baa4e6c3499f6233b5a351a4d0476fde"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 105033052 85541407
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:05:36 GMT

GET
H2 200 icon-auto.png
www.imcu.com/assets/content/D91iHyeV/ 540 B
1 KB 68ms
60ms Image
image/png 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/content/D91iHyeV/icon-auto.png

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

a3b8f422d16861fae92e93ccd283bc85c68217193c4aaeed2059fa8f9290c7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 98428697aa0ec5b7
age: 81201
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="icon-auto.png"
content-length: 540
x-xss-protection: 1; mode=block
x-request-id: f78ed21b-18da-9889-8b53-d5569046ab7c
x-varnish-count: 958
last-modified: Mon, 22 Oct 2018 21:04:44 GMT
server: nginx
etag: "17beb90294998e528a1159e4d3a7c118"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 105065224 60436688
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:05:47 GMT

GET
H2 200 icon-binoculars.png
www.imcu.com/assets/content/kfaB86ca/ 645 B
1 KB 67ms
60ms Image
image/png 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/content/kfaB86ca/icon-binoculars.png

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

1c49de92a9d2aaf888a160f19745676220c659e62ed547f62a87f115e319d3e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: d6b0972b96ffcdf8
age: 81186
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="icon-binoculars.png"
content-length: 645
x-xss-protection: 1; mode=block
x-request-id: 9c7b6ff1-c4bb-94ce-ad02-69b22563b072
x-varnish-count: 941
last-modified: Mon, 22 Oct 2018 21:04:44 GMT
server: nginx
etag: "dca376e40854549683fdcaad960cb3e1"
x-frame-options: SAMEORIGIN
content-type: image/png
x-varnish: 105526098 86701219
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:06:02 GMT

GET
H2 200 Homepage-Ad---Holiday-Promo-2023---708x472.jpg
www.imcu.com/assets/files/yGANEcCV/ 170 KB
170 KB 178ms
172ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/yGANEcCV/Homepage-Ad---Holiday-Promo-2023---708x472.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ce5e749ecdf9d387534d9de8b09f5740278e5eba5c24c8f978a1c88ca2eaae5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 5d7a261b090b85b5
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 10
content-disposition: filename="Homepage-Ad---Holiday-Promo-2023---708x472.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 925d3d42-945d-93f1-b42a-6265e3559b78
last-modified: Mon, 30 Oct 2023 17:54:18 GMT
server: nginx
etag: "1e92bb0ea6fcdd794302393eea0b73a6"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 96907749
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 Check-Out-Our-Recent-Reviews---708x472.jpg
www.imcu.com/assets/files/YB11BLir/ 137 KB
138 KB 271ms
265ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/YB11BLir/Check-Out-Our-Recent-Reviews---708x472.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

998b51877fdfbebabc2efe3ffc8ad41ca771915258bcd5169d623032ccacbf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: cb1cb3df747fdfdf
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 5
content-disposition: filename="Check-Out-Our-Recent-Reviews---708x472.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 5771890a-bd6a-963b-b545-90dd3b15e923
last-modified: Wed, 13 Sep 2023 16:33:57 GMT
server: nginx
etag: "a8f8a5e02d910f3dcdfba743814b476b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 105165210
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 large-p-certificate.jpg
www.imcu.com/assets/content/wLXmk3VS/ 264 KB
265 KB 225ms
219ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/content/wLXmk3VS/large-p-certificate.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

b9067cbeb9d1f73d6d399fe3336d85ebfd394f52e5aa1ad843391c420dfe97d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: e5b628316ad4451c
age: 81217
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="large-p-certificate.jpg"
content-length: 270023
x-xss-protection: 1; mode=block
x-request-id: 80417cd3-231a-9ea0-a428-edd923fc2952
x-varnish-count: 978
last-modified: Mon, 22 Oct 2018 21:04:48 GMT
server: nginx
etag: "1d5d218ae8b4b545ea3f1693ea17802d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 96907751 88386047
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:05:31 GMT

GET
H2 200 Josh-Hecker---245x275.jpg
www.imcu.com/assets/files/IMwa9Uit/ 63 KB
64 KB 276ms
270ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/IMwa9Uit/Josh-Hecker---245x275.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

0d7499ba0c92fd337043c52c7d71c69a1181983270100ff83ca107e540a9444e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 6549d45ab4ac1103
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 9
content-disposition: filename="Josh-Hecker---245x275.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: a25c925c-ccd6-9f8d-8753-54d7862891b0
last-modified: Fri, 04 Mar 2022 19:58:38 GMT
server: nginx
etag: "f88d99913ef8711b14661607fde607ba"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 107319163
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 David-Early---245x275.jpg
www.imcu.com/assets/files/pvLtMZvp/ 76 KB
77 KB 272ms
267ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/pvLtMZvp/David-Early---245x275.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

dd58778debfd57758aa554e7feab13af49b532da094899e49d3ead894f7a3bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 086bdac20a1f44d8
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 7
content-disposition: filename="David-Early---245x275.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 53923c0c-2c86-9b29-91e7-f70ff1cddfb9
last-modified: Tue, 09 May 2023 12:22:41 GMT
server: nginx
etag: "869a2aa7ffd7c689fc5a978c60301f6c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 106766015
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 Stephanie-Wade---245x275.jpg
www.imcu.com/assets/files/KI0I3J6o/ 49 KB
50 KB 274ms
269ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/KI0I3J6o/Stephanie-Wade---245x275.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

5d509d9115052160a71214c89b2e7b37b696eae658d3a3d6fbc6dc35bff295a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 632f4c3bfee93f0d
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 7
content-disposition: filename="Stephanie-Wade---245x275.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 1866c819-215f-94d1-8264-c6c6817ed410
last-modified: Mon, 20 Mar 2023 15:34:57 GMT
server: nginx
etag: "b46bb415d6463c634fdb1746a2d2a73f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 105911467
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 eho.svg
www.imcu.com/assets/img/ 4 KB
2 KB 233ms
229ms Image
image/svg+xml 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/img/eho.svg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

bbf9daa5df73b674be7b8b59c6ed2fcd65cf44e7f4e8d050f90fa2362d394004

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: e4411a0ef6ec53bf
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="eho.svg"
content-length: 1297
x-xss-protection: 1; mode=block
x-request-id: aacc0a3f-466f-909c-b7a4-b24345c09ccf
x-varnish-count: 4738
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "7626683c7ec90757b3643ff723c40e47"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-varnish: 105033053 86866319
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:08 GMT

GET
H2 200 ncua-logo.svg
www.imcu.com/assets/img/ 29 KB
7 KB 237ms
232ms Image
image/svg+xml 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/img/ncua-logo.svg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

bbf8730ba2b44b5e4a111ccee80bd8dd9cbbd2d61395e7155ecd5c7a36aa0922

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-encoding: gzip
x-b3-traceid: a776a26faaf2c056
age: 81262
via: varnish
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="ncua-logo.svg"
content-length: 6516
x-xss-protection: 1; mode=block
x-request-id: e73f77c2-968c-9601-b4b5-fe3c51e9baba
x-varnish-count: 4690
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "1a5e85a38801c65b8e233f3fbd9bf05c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 107059469 88905370
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:04:45 GMT

GET
H2 200 badge.min.js Show response
banno.com/a/monitor/api/badge/ 10 KB
11 KB 178ms
52ms Script
application/javascript 52.189.67.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://banno.com/a/monitor/api/badge/badge.min.js

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce2d1625d64cf99434862d35e765ab587e571cef399186313aba59dfa55bc5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=15724800
last-modified: Mon, 17 Jul 2023 20:25:23 GMT
accept-ranges: bytes
etag: "2194018965877338"
content-length: 10640
content-type: application/javascript; charset=UTF-8

GET
H2 200 alliance-one-logo.svg
www.imcu.com/assets/img/ 12 KB
4 KB 231ms
227ms Image
image/svg+xml 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/img/alliance-one-logo.svg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

df74b077c5ba3d5821e8f57eebf409f91da9ade0b6e1c946ddce475daca051f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-encoding: gzip
x-b3-traceid: 333b42c0dde04c84
age: 81262
via: varnish
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="alliance-one-logo.svg"
content-length: 3917
x-xss-protection: 1; mode=block
x-request-id: 7173c61b-d1ce-947b-ad71-cdc48f7bc7e1
x-varnish-count: 4687
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "6da3b8f5f1310bb86accd6de043aac65"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 105065225 88642290
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:04:45 GMT

GET
H2 200 allpoint-logo.svg
www.imcu.com/assets/img/ 2 KB
2 KB 230ms
227ms Image
image/svg+xml 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/img/allpoint-logo.svg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

6356bd985255864febb0109cc39be0305ef662ec3c406cc199f7c595d57d1fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: 9216bc6153994a54
age: 81234
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="allpoint-logo.svg"
content-length: 1017
x-xss-protection: 1; mode=block
x-request-id: 1a1e90b1-523f-9611-b534-782abf019f43
x-varnish-count: 4649
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "673c94f3dec27085054071e31f195250"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-varnish: 105526099 88422302
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:14 GMT

GET
H2 200 jquery.min.js Show response
www.imcu.com/assets/js/ 85 KB
30 KB 68ms
58ms Script
application/javascript 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/js/jquery.min.js?v=1699977987500

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

d31312e09389da45f7740c6c973c7d66cc9f9d501b67d07c0e3992bef2d233e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: 7948d600132325bb
age: 81237
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="jquery.min.js"
content-length: 30341
x-xss-protection: 1; mode=block
x-request-id: 7a58bae2-0203-9878-8c25-b97ce0eeb8c4
x-varnish-count: 4612
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "5ce6d7133f1c3a7b378706b4b921bde0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 100193497 86760944
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H2 200 script.min.js Show response
www.imcu.com/assets/js/ 176 KB
48 KB 236ms
233ms Script
application/javascript 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/js/script.min.js?v=1699977987500

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

af30c3ef9424b043e3d6d4db4b8573ec041dcad36330cacef75b8094807d9465

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: bca06a656f2257a8
age: 81237
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="script.min.js"
content-length: 48358
x-xss-protection: 1; mode=block
x-request-id: b4371a4c-f702-929c-b732-2aa852d3bef4
x-varnish-count: 4775
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "29a2005343c553294558097fd1eba334"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-varnish: 105133561 85975420
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:11 GMT

GET
H2 200 disclaimers.js Show response
www.imcu.com/assets/target/ 3 KB
2 KB 235ms
233ms Script
application/javascript 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/target/disclaimers.js?bh=0eace5

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: 0992ff66e975f66b
age: 235434
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-length: 1400
x-xss-protection: 1; mode=block
x-request-id: f5b21270-b686-903f-a2f0-7e734bcbb723
x-varnish-count: 6965
last-modified: Tue, 14 Nov 2023 19:40:18 GMT
server: nginx
etag: "36cac93161bc79b1507b5ed84ace1324"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-varnish: 105653277 45919413
cache-control: public, max-age=15552000
accept-ranges: bytes
expires: Mon, 13 May 2024 22:15:14 GMT

GET
H2 200 webchat.js Show response
chat.agentiq.co/ 141 KB
47 KB 308ms
64ms Script
text/javascript 3.232.252.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.agentiq.co/webchat.js?app_id=aimb4v0c

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.252.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-252-94.compute-1.amazonaws.com

Software

/ Express

Resource Hash

72c6a1c05aa9c813cc6db519f9464e4d67478d3c46429251ac5d3fde75fcef1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-powered-by: Express
x-dns-prefetch-control: off
x-xss-protection: 0
x-request-id: 9d19c670-8628-11ee-8e16-33509a1c260d
referrer-policy: no-referrer
etag: W/"23556-3vsCaoit8p9nY/6BmwEW42ws6Zw"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2

200

1234568071 Show response
widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/
Redirect Chain

https://birdeye.com/embed/v7/168150068519072/8/1234568071
https://widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/1234568071

1 KB
1 KB

270ms
83ms

Script
text/plain

54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/1234568071
Requested by: Host: www.imcu.com
URL: https://www.imcu.com/
Protocol: H2
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8ce8ceb4e04054456507d2fb780e5b8188be2a752f75caf380845205444398e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
etag: "51d-BbfhKBok1I7wsDxRTyybptO6gz8"
content-length: 1309

Redirect headers

location: https://widgets-v7.birdeye.com:443/api/embed/v7/168150068519072/8/1234568071
date: Sat, 18 Nov 2023 15:39:08 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

OPTIONS
H/1.1 200
OK 1cb1ecef-4911-4acc-b8a4-323103090a15.json
cdn.segmint.net/ Frame 0
0 173ms
115ms Preflight 3.161.213.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-20.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.imcu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Via: 1.1 a128f556f38fd284f05c43da08257e96.cloudfront.net (CloudFront)
X-Amz-Cf-Id: cmBybOzKkNwNTExNy3QTf2flcjY0qLowPhVxEqvXba1tXw3FW3oZUA==
X-Amz-Cf-Pop: YUL62-P1
X-Cache: Miss from cloudfront
access-control-allow-headers: content-type
access-control-allow-methods: PUT, POST, DELETE, GET
access-control-allow-origin: *
access-control-max-age: 3000
date: Sat, 18 Nov 2023 15:39:09 GMT
server: AmazonS3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H/1.1 200
OK 1cb1ecef-4911-4acc-b8a4-323103090a15.json Show response
cdn.segmint.net/ 313 B
959 B 352ms
351ms XHR
application/json 3.161.213.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-20.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 143e78d0fc535e02e2c719c0a29f9a6e2ac00959a552de99a3d62fb36b1e3cbf

Request headers

Referer: https://www.imcu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 18 Nov 2023 15:39:09 GMT
Via: 1.1 a128f556f38fd284f05c43da08257e96.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YUL62-P1
x-amz-server-side-encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 313
Last-Modified: Thu, 02 Mar 2023 21:15:14 GMT
Server: AmazonS3
ETag: "9e8243276c884811a405bf54321be0b6"
access-control-max-age: 3000
access-control-allow-methods: PUT, POST, DELETE, GET
Content-Type: application/json
access-control-allow-origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: kRpIJrvUQDY0qP026qgNyhguuwuyQ_D7RGLcN1lgwJGTrcL_ZDPf5g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
76 KB 156ms
87ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b837a0ca4ec882cc1e651e363063f5fc19bf8012d064d0eac49f93f31523ce38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77550
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 seg Show response
secure.adnxs.com/ 0
804 B 38ms
38ms Script
application/javascript 68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=18206467&t=1

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:08 GMT
an-x-request-uuid: 60bc0cb9-3921-48db-b16b-29071e7997db
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Icons.woff2
www.imcu.com/assets/font/ 4 KB
4 KB 218ms
218ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/Icons.woff2

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/assets/css/main.min.css?v=1699977987544

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ac3b923602f3dfae76ac778b79523b1281f9aedfda9e872cc0301a5568fd15d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/assets/css/main.min.css?v=1699977987544
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 73f7174b65f856bf
age: 81237
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="Icons.woff2"
content-length: 4032
x-xss-protection: 1; mode=block
x-request-id: 9e5414ac-85da-9fce-ac61-a34ff0a11ca0
x-varnish-count: 4481
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "f0bfce138c575ae64f11ce4df9b42958"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 98384041 87900879
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H2 200 olb-background.jpg
www.imcu.com/assets/img/ 29 KB
30 KB 202ms
201ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/img/olb-background.jpg

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/assets/css/main.min.css?v=1699977987544

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

3ba6c0fb90f1168c88deeb5a2ea1117bf88c214888f2a84c5a1dda96d0f9ce75

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/assets/css/main.min.css?v=1699977987544
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 0c9d8c548ec34aa5
age: 81237
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="olb-background.jpg"
content-length: 29949
x-xss-protection: 1; mode=block
x-request-id: f5799602-ed7d-9a31-b4d7-73683442c621
x-varnish-count: 4738
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "865bd4d78b5020090dbfbd815d5d1f8a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 106105130 86885415
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

OPTIONS
H/1.1 200
OK insights
liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/ Frame 0
0 152ms
44ms Preflight 34.75.237.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.75.237.118 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.237.75.34.bc.googleusercontent.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.imcu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
date: Sat, 18 Nov 2023 15:39:08 GMT
server: envoy
transfer-encoding: chunked
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK insights Show response
liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/ 16 B
783 B 48ms
48ms XHR
application/json 34.75.237.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/mms.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.75.237.118 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.237.75.34.bc.googleusercontent.com

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/json

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
transfer-encoding: chunked
x-envoy-upstream-service-time: 4
x-xss-protection: 1; mode=block
x-request-id: dcafd17c-8f4b-4569-a811-fd045ed8bda4
x-runtime: 0.002651
referrer-policy: strict-origin-when-cross-origin
server: envoy
etag: W/"c955e57777ec0d73639dca6748560d00"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers
vary: Accept, Origin
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8

GET
H2 200 last-check Show response
banno.com/a/monitor/api/ 79 B
196 B 52ms
52ms Script
application/javascript 52.189.67.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://banno.com/a/monitor/api/last-check?url=https%3A%2F%2Fwww.imcu.com%2F&callback=jha.monitor.badgeCallback

Requested by

Host: banno.com
URL: https://banno.com/a/monitor/api/badge/badge.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

db972d0ea962e919605b331dfa106ef79ae41ca29aebb325eb88f57b608f97a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=15724800
content-length: 79
content-type: application/javascript; charset=UTF-8

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 109ms
41ms Ping
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q04TV61VH4&cid=98233597.1700321949&gtm=45je3b81v9123591144&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q04TV61VH4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracking.min.js Show response
dxussota4xxo7.cloudfront.net/js/ 420 B
756 B 114ms
33ms Script
application/javascript 2600:9000:21a2:1000:15:4bf9:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxussota4xxo7.cloudfront.net/js/tracking.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:1000:15:4bf9:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a865230456a516d0d8adf08bd311599806c70bbd7b5637c696cfbfb3cf747387

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 02:07:17 GMT
via: 1.1 6e86c05ccf44b10b3a7071fb1573829a.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 04:04:24 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 49178
etag: "b7e214e920d0c529083be4aa78a105c2"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 420
x-amz-cf-id: qRksEtxkZ5Abm4NI4bePQ-Y3TkWPEdUp9ytKp8m6Wv5QLD6kG8AxOw==

GET events.js
analytics.tiktok.com/i18n/pixel/ 0
0

GET
H2 200 monitor-badge-dark.png
banno.com/a/monitor/api/badge/ 867 B
1 KB 52ms
51ms Image
image/png 52.189.67.130
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banno.com/a/monitor/api/badge/monitor-badge-dark.png

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

29c0460945112db52539b1f8123ef386a79721884db9d5e06697ebaa2ac6ecfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security: max-age=15724800
last-modified: Mon, 17 Jul 2023 20:25:23 GMT
accept-ranges: bytes
etag: "c6c0018965877338"
content-length: 867
content-type: image/png

GET
H2 200 base.css
chat-service.imcu.agentiq.co/static/themes/ 9 KB
2 KB 167ms
46ms Stylesheet
text/css 34.205.164.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chat-service.imcu.agentiq.co/static/themes/base.css

Requested by

Host: chat.agentiq.co
URL: https://chat.agentiq.co/webchat.js?app_id=aimb4v0c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.164.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-164-221.compute-1.amazonaws.com

Software

/ Express

Resource Hash

8ba33bd694c9294a4d95b380a23e2b66c20f385862fdc30ae109e45485dcdaaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 04:20:57 GMT
x-powered-by: Express
etag: W/"24a9-18ba8031828"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-request-id: 9d425d10-8628-11ee-8e16-33509a1c260d

GET image_view.js
www.surveycarrot.com/js/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 250ms
83ms Script
application/x-javascript 2a03:2880:f035:1a:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f035:1a:face:b00c:0:3 Querétaro City, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 15:39:09 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: JVIVUrl7eRr5UbLtPUPxJ2B/ltjZn7ujYC+EyrbRhieX6mCrs6cqsWUvftMqMdgdMINE1nOobxpnXlO2DHbNQw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 disclaimer Show response
www.imcu.com/_/api/ 2 KB
1 KB 56ms
56ms XHR
application/json 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/_/api/disclaimer

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/assets/js/jquery.min.js?v=1699977987500

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

36435716fe9f709ba9ff30672d5812734a31f2a82e53161f9e3793a0956af652

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.imcu.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 18 Nov 2023 15:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: 5da2478f5c558526
age: 0
x-varnish-ttl: 0.000
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 4
content-length: 695
x-xss-protection: 1; mode=block
x-request-id: 85268981-bf68-9a79-b785-73bd93177191
x-varnish-count: 0
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-varnish: 106009179
cache-control: public, max-age=0
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:08 GMT

GET
H2 200 widgets Show response
widgets-v7.birdeye.com/api/ Frame D8CD 9 KB
9 KB 83ms
83ms Document
text/html 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Requested by: Host: birdeye.com
URL: https://birdeye.com/embed/v7/168150068519072/8/1234568071
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: d858813ec73f7f3a68240ddf430f965287e2d1c33e7136c9730574f0c8603976

Request headers

Referer: https://www.imcu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: https://app.birdeye.com
content-length: 9542
date: Sat, 18 Nov 2023 15:39:09 GMT
etag: "2546-C5l/uTHC8nyE94b23GNQnW5VmE8"
vary: Origin

GET
H/1.1 200
OK nqkCLztN_IMCU-Chat-Open-Icon---60x60-v01.png
agentiq-imcu-assets.s3.amazonaws.com/public/2023-09-01-17-08-11/ 917 B
1 KB 158ms
55ms Image
image/png 3.5.29.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agentiq-imcu-assets.s3.amazonaws.com/public/2023-09-01-17-08-11/nqkCLztN_IMCU-Chat-Open-Icon---60x60-v01.png
Requested by: Host: chat-service.imcu.agentiq.co
URL: https://chat-service.imcu.agentiq.co/static/themes/base.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2b566131a0f1a46661391af4a259ae22d79a47bd8754c86f156c33d0ea684435

Request headers

accept-language: en-US,en;q=0.9
Referer: https://chat-service.imcu.agentiq.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 15:39:10 GMT
Last-Modified: Mon, 09 Jan 2023 17:08:12 GMT
Server: AmazonS3
x-amz-request-id: EKB34N01XF112HW9
ETag: "8ac911d758112d888af549bf17486135"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 917
x-amz-id-2: 00vI+ldtO+b+DfyAzLLwoVM3lKZNBtGj0BSB79bb1bir706VVsiNSqzoYy07y7ffKw1x0S4BcFuDAvq1cz0tGIU/Y82gH+EVZ1X5IuHmcCI=

GET
H2 200 eda81cd4507e537c.css
widgets-v7.birdeye.com/_next/static/css/ Frame D8CD 16 KB
3 KB 83ms
83ms Stylesheet
text/css 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/css/eda81cd4507e537c.css
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: c7094491ea71a66e3154aa305ab7d97a543cb8fba7f7ff2319df08defc77c725

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:00:12 GMT
etag: W/"3eca-18b931fba60"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 543b166e566793c9.css
widgets-v7.birdeye.com/_next/static/css/ Frame D8CD 6 KB
2 KB 82ms
82ms Stylesheet
text/css 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/css/543b166e566793c9.css
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0173900051eca3e73d1ff9febfe462216ec16101ca2020cf2e296cf03804861f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:00:12 GMT
etag: W/"1754-18b931fba60"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 webpack-514908bffb652963.js Show response
widgets-v7.birdeye.com/_next/static/chunks/ Frame D8CD 1 KB
1004 B 84ms
82ms Script
application/javascript 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/chunks/webpack-514908bffb652963.js
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:00:12 GMT
etag: W/"5c0-18b931fba60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 framework-91d7f78b5b4003c8.js Show response
widgets-v7.birdeye.com/_next/static/chunks/ Frame D8CD 127 KB
41 KB 145ms
142ms Script
application/javascript 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/chunks/framework-91d7f78b5b4003c8.js
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:00:12 GMT
etag: W/"1fc6a-18b931fba60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 main-ba832cad11a030f7.js Show response
widgets-v7.birdeye.com/_next/static/chunks/ Frame D8CD 111 KB
31 KB 144ms
142ms Script
application/javascript 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/chunks/main-ba832cad11a030f7.js
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8955274567e7fe987a9de393cf379bb4c3d4fa37e124414f5f2385d6c1e9e770

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:00:12 GMT
etag: W/"1ba4a-18b931fba60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _app-9813aaabf7b75be1.js Show response
widgets-v7.birdeye.com/_next/static/chunks/pages/ Frame D8CD 4 KB
2 KB 143ms
142ms Script
application/javascript 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/chunks/pages/_app-9813aaabf7b75be1.js
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1ec4fbec6b02a439bad4ece44d16811ebe29e374da31c611ab1218220e5a1d04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:00:12 GMT
etag: W/"11ed-18b931fba60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 new-rotating-8a699c6e04dc2ec5.js Show response
widgets-v7.birdeye.com/_next/static/chunks/pages/v8/ Frame D8CD 12 KB
5 KB 85ms
83ms Script
application/javascript 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/chunks/pages/v8/new-rotating-8a699c6e04dc2ec5.js
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5df67e620930892df72a02097cd31909aea56ea0501dbe12f09a9a2f3f88731

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:00:12 GMT
etag: W/"3101-18b931fba60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _buildManifest.js Show response
widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/ Frame D8CD 3 KB
1 KB 225ms
223ms Script
application/javascript 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/_buildManifest.js
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 79e088ee3377eda0f358623fc79ab1a06ce8bd1558f0788f84e43d05bb8dfcdc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:00:12 GMT
etag: W/"dc8-18b931fba60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _ssgManifest.js Show response
widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/ Frame D8CD 77 B
289 B 222ms
221ms Script
application/javascript 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/_ssgManifest.js
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
last-modified: Fri, 03 Nov 2023 03:00:12 GMT
etag: W/"4d-18b931fba60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 77

GET
H2 200 _middlewareManifest.js Show response
widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/ Frame D8CD 92 B
304 B 224ms
223ms Script
application/javascript 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/_middlewareManifest.js
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
last-modified: Fri, 03 Nov 2023 03:00:21 GMT
etag: W/"5c-18b931fdd88"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 92

GET
H2 200 css2
fonts.googleapis.com/ Frame D8CD 7 KB
1 KB 116ms
44ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 15:05:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 15:39:09 GMT

GET
H2 200 23893b43a33e440e884869a9ffb7d0a7.png
ddjkm7nmu27lx.cloudfront.net/283679764/ Frame D8CD 32 KB
32 KB 133ms
39ms Image
image/png 3.162.93.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddjkm7nmu27lx.cloudfront.net/283679764/23893b43a33e440e884869a9ffb7d0a7.png
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.93.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-93-82.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d6c3b2fc4bc70d3f833e12d18f67e54ba75324c8700a7d74249e410ce95920a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 01:26:55 GMT
x-amz-version-id: pPAHM_cGm52xis51JWGd9QCrjlIHQETa
via: 1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 23:31:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
age: 51135
etag: "78ec1eefcf17d2396ec5f3b344a6685e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 32708
x-amz-cf-id: rbKNB0efRZvV4AVr4uuqbIVlU-1uTqDaqjOINr-e8yNBFbv8yPCsUg==

GET
H2 200 left-arrow.png
widgets-v7.birdeye.com/ Frame D8CD 2 KB
2 KB 83ms
82ms Image
image/png 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets-v7.birdeye.com/left-arrow.png
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2b7d3452288cef3342b8db2e74bd7320026c6dc8cd07d6b9568e0d4ddcfdac43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
cache-control: public, max-age=0
last-modified: Fri, 03 Nov 2023 02:59:13 GMT
accept-ranges: bytes
etag: W/"746-18b931ed3e8"
content-length: 1862
content-type: image/png

GET
H2 200 right-arrow.png
widgets-v7.birdeye.com/ Frame D8CD 2 KB
2 KB 82ms
82ms Image
image/png 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets-v7.birdeye.com/right-arrow.png
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: c59f3ba94e761497a4b1e94125a40d4363b28c55b24003bdb73243660499905d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
cache-control: public, max-age=0
last-modified: Fri, 03 Nov 2023 02:59:13 GMT
accept-ranges: bytes
etag: W/"782-18b931ed3e8"
content-length: 1922
content-type: image/png

GET
H2 200 birdeye-logo.svg
widgets-v7.birdeye.com/ Frame D8CD 3 KB
2 KB 85ms
82ms Image
image/svg+xml 54.215.170.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets-v7.birdeye.com/birdeye-logo.svg
Requested by: Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 19003bda0af25def358e5f521924bc2658b65dc47ca722fbba68684516a3ec48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 02:59:13 GMT
etag: W/"c2c-18b931ed3e8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 336474686714648 Show response
connect.facebook.net/signals/config/ 124 KB
33 KB 162ms
161ms Script
application/x-javascript 2a03:2880:f035:1a:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/336474686714648?v=2.9.138&r=stable&domain=www.imcu.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f035:1a:face:b00c:0:3 Querétaro City, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18593949479827e48e87e970d17923131b0812675f4f13cf58a8b1d6bcf8234c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 15:39:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: j2iKpZ514f7p9l8hEwkOKop5phG3zYPaJpa29d9TueyQ3Jo3uqbXyHxKEv7aN44RVqkAQzDGYNSG+33fHMNSjw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D8CD 16 KB
16 KB 103ms
34ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widgets-v7.birdeye.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:42:05 GMT
x-content-type-options: nosniff
age: 143824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:42:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D8CD 15 KB
15 KB 111ms
42ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://widgets-v7.birdeye.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:09:00 GMT
x-content-type-options: nosniff
age: 142209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 00:09:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 107ms
36ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=336474686714648&ev=PageView&dl=https%3A%2F%2Fwww.imcu.com&rl=&if=false&ts=1700321949565&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1700321949561.433224565&cs_est=true&pm=1&hrl=733a4a&ler=empty&it=1700321949361&coo=false&cs_cc=1&rqm=GET

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 15:39:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H/1.1 204
No Content event
connect.segmint.net/ Frame 0
0 229ms
45ms Preflight 52.45.67.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-67-236.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.imcu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.imcu.com
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 18 Nov 2023 15:39:09 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty

GET
H2 200 fonts.css Show response
www.imcu.com/assets/css/ 16 KB
2 KB 53ms
53ms XHR
text/css 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/css/fonts.css?v=1699977987413

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e862c691893c4c35b8c83bf72079bcda4b2223096980fa54dba8e346c4b944a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
content-encoding: gzip
x-b3-traceid: 4f11edbff24fce31
age: 81239
via: varnish
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="fonts.css"
content-length: 1149
x-xss-protection: 1; mode=block
x-request-id: 94f8fef9-19d0-9d7c-a848-214d8712b5de
x-varnish-count: 1271
last-modified: Tue, 14 Nov 2023 17:04:40 GMT
server: nginx
etag: "f65a0181f7fba375fcbc27fa75f7b1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-varnish: 105165222 88089540
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:09 GMT

GET
H2 200 slick.woff
www.imcu.com/assets/font/ 1 KB
2 KB 53ms
52ms Font
application/font-woff 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/slick.woff

Requested by

Host: www.imcu.com
URL: https://www.imcu.com/assets/css/main.min.css?v=1699977987544

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/assets/css/main.min.css?v=1699977987544
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400
via: varnish
x-b3-traceid: b062cb450b7a3bd5
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="slick.woff"
content-length: 1343
x-xss-protection: 1; mode=block
x-request-id: 207a0c52-53e7-9f85-93fb-e6fa66604ab0
x-varnish-count: 3346
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "68b7679274615f255c862e55e2a2ba3c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff
x-varnish: 98629723 86961055
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H/1.1 200
OK segmint.min.js Show response
cdn.segmint.net/ 16 KB
16 KB 34ms
33ms Script
application/javascript 3.161.213.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/segmint.min.js
Requested by: Host: www.imcu.com
URL: https://www.imcu.com/assets/js/script.min.js?v=1699977987500
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-20.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 19:18:42 GMT
Via: 1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Sep 2023 12:33:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 73228
ETag: "6bdf8bf9c48aef3424ec8556d42ae32e"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age:900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16163
X-Amz-Cf-Id: xmTYMKDp_uzV5pKNauUgbiUoQzhBYs6GKuPL0Ejo1ROPdSugKoqCuw==

GET
H2 200 Sallie-Mae-Fall-2021-Rotating-Banner.jpg
www.imcu.com/assets/files/C4i0XSCv/ 492 KB
493 KB 108ms
106ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/C4i0XSCv/Sallie-Mae-Fall-2021-Rotating-Banner.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ee812a922fafe6ac67e8a6b135e812e58b24030def1850886bb862060817ce9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: c062cb01dabd534f
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 8
content-disposition: filename="Sallie-Mae-Fall-2021-Rotating-Banner.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 5d1cf53f-3b11-952e-8866-cab01bdeff68
last-modified: Mon, 14 Nov 2022 13:18:21 GMT
server: nginx
etag: "910b304bd6e60a796fb1df5cdf1f19af"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 106168697
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:09 GMT

GET
H2 200 Toy-Drive-2022-Rotating-Banner.jpg
www.imcu.com/assets/files/of1iqyfG/ 332 KB
333 KB 110ms
108ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/of1iqyfG/Toy-Drive-2022-Rotating-Banner.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

6c6a03ff6652de29b2cc7597dcc5754ba2cd0c946392859d88f5256a8cfaeca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: e135a2be63fbf8e2
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 8
content-disposition: filename="Toy-Drive-2022-Rotating-Banner.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: b88a6094-da6b-9bbf-b652-f362f19bc380
last-modified: Mon, 07 Nov 2022 13:04:36 GMT
server: nginx
etag: "73051b4af3a6a9d1d14c2a022b6b6ee0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 105653283
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:09 GMT

GET
H2 200 13-Month-Certificate-Rotating-Banner-10.2023.jpg
www.imcu.com/assets/files/iBzefd7y/ 792 KB
793 KB 114ms
112ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/iBzefd7y/13-Month-Certificate-Rotating-Banner-10.2023.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

cff88ecc4da0fe4641c1d4ce57313b1801118b59426c09b1f9d7392ef33a5874

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: b3b5727e85aa46d5
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 8
content-disposition: filename="13-Month-Certificate-Rotating-Banner-10.2023.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: c79d1034-2956-93ae-bcaa-e4e8c5f3feaa
last-modified: Fri, 29 Sep 2023 17:54:42 GMT
server: nginx
etag: "07a73c804a6b5dbc28299e99a1d8a885"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 104325799
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:09 GMT

GET
H2 200 Hiring-Open-House-2023-Rotating-Banner.jpg
www.imcu.com/assets/files/H0pnGJns/ 461 KB
462 KB 62ms
61ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/H0pnGJns/Hiring-Open-House-2023-Rotating-Banner.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8ee5ce60cbae1e58b5e55b571efe515a0e418f5e3967484ccec19ce9dfe59b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: ecb8f935ad4ae2d2
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 8
content-disposition: filename="Hiring-Open-House-2023-Rotating-Banner.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 078c101f-33b3-9039-b3d0-cfc50ab3726c
last-modified: Mon, 06 Nov 2023 14:49:11 GMT
server: nginx
etag: "ab23a39368f4f6a7f97034b8edf4aef9"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 106235935
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:09 GMT

GET
H2 200 T-Mobile-2023-Rotating-Banner.jpg
www.imcu.com/assets/files/MrVTNGFD/ 367 KB
368 KB 59ms
58ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/files/MrVTNGFD/T-Mobile-2023-Rotating-Banner.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

6da3c49e01d71fe6ad6c731dd3352fb5b43114024a7a53e6a0692657b1c63dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 23aacf60bfc181ce
age: 0
x-varnish-hitmiss: MISS
x-envoy-upstream-service-time: 6
content-disposition: filename="T-Mobile-2023-Rotating-Banner.jpg"
x-varnish-count: 0
x-xss-protection: 1; mode=block
x-request-id: 70ba79a6-d212-966d-8f3e-54a4c40f39ec
last-modified: Mon, 16 Oct 2023 17:58:14 GMT
server: nginx
etag: "ab20e3ae89461333ebd1c67500b68752"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 105620294
cache-control: private
accept-ranges: bytes
expires: Sat, 18 Nov 2023 15:39:09 GMT

GET
H2 200 large-p-certificate.jpg
www.imcu.com/assets/content/wLXmk3VS/ 264 KB
265 KB 53ms
53ms Image
image/jpeg 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imcu.com/assets/content/wLXmk3VS/large-p-certificate.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

b9067cbeb9d1f73d6d399fe3336d85ebfd394f52e5aa1ad843391c420dfe97d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: cc2a59360f6c8751
age: 81202
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="large-p-certificate.jpg"
content-length: 270023
x-xss-protection: 1; mode=block
x-request-id: 2805afd1-e9a2-96b7-ad60-f291426695ef
x-varnish-count: 1008
last-modified: Mon, 22 Oct 2018 21:04:48 GMT
server: nginx
etag: "1d5d218ae8b4b545ea3f1693ea17802d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-varnish: 105165223 87960979
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:05:47 GMT

POST
H/1.1 200
OK event Show response
connect.segmint.net/ 0
637 B 62ms
50ms XHR
text/plain 52.45.67.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-67-236.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.imcu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:08 GMT
Server: openresty
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin: https://www.imcu.com
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Application-Context: site-event-receiver-service:prod:7084
Expires: 0

GET
H/1.1 200
OK en1Er9rn5M Show response
connect.segmint.net/iframe/doughnut/ Frame 158F 509 B
1 KB 238ms
50ms Document
text/html 52.45.67.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/iframe/doughnut/en1Er9rn5M

Requested by

Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-67-236.compute-1.amazonaws.com

Software

openresty /

Resource Hash

0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-US
Content-Length: 307
Content-Type: text/html;charset=UTF-8
Date: Sat, 18 Nov 2023 15:39:09 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: 1566679cf29378db
X-B3-TraceId: 1566679cf29378db
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK en1rr5rxMofqdM Show response
connect.segmint.net/bearclaw/invoke/ 2 KB
2 KB 241ms
50ms XHR
application/json 52.45.67.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/bearclaw/invoke/en1rr5rxMofqdM?new_window=true

Requested by

Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-67-236.compute-1.amazonaws.com

Software

openresty /

Resource Hash

b55d22025050b8cf5c5b095cc4507098c1250fcac5f62c668b9d01880e2f9564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 15:39:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Decision-Count: 1
X-B3-TraceId: cc598f68f02623ff
X-PartnerId: 87563015
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Connection: keep-alive
X-DecisionId: 2becd19a-6349-41e6-a07f-2f61aaa9b9d0
X-MediaId: 53181
X-Application-Context: offer-delivery:prod:7074
Content-Length: 697
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Known-Consumer: false
Server: openresty
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.imcu.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-B3-SpanId: cc598f68f02623ff
X-B3-Sampled: 1
X-Targeted: false
Expires: 0

GET
H2 200 montserrat-bold-webfont.woff2
www.imcu.com/assets/font/ 18 KB
19 KB 245ms
245ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/montserrat-bold-webfont.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e63a6b5008fdcd33d835ed9d11e4fa939639220adc592f0dc3e0537935366325

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 18c86654eac44893
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="montserrat-bold-webfont.woff2"
content-length: 18616
x-xss-protection: 1; mode=block
x-request-id: 6f7a431b-24ca-91e4-a7ff-86b85aa8889e
x-varnish-count: 4016
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "9f0fe404514ff7a8f05f6cf7f726a726"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 105419233 85541169
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H2 200 montserrat-extralight-webfont.woff2
www.imcu.com/assets/font/ 18 KB
18 KB 247ms
247ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/montserrat-extralight-webfont.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

203fc1a4d3e07fd93d7afc29b41aa5e720343f8a126e446ceed930ec2746029d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 9fdcb9cdb0b88a44
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="montserrat-extralight-webfont.woff2"
content-length: 18024
x-xss-protection: 1; mode=block
x-request-id: 9b3c9d81-f2e2-9399-ad35-2237fa34244a
x-varnish-count: 4357
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "4303be735143b509feaba7a4d10dfd95"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 106864804 88905605
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H2 200 montserrat-light-webfont.woff2
www.imcu.com/assets/font/ 18 KB
18 KB 219ms
218ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/montserrat-light-webfont.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

44de8d3c22224f052fa98c400574244686f2d34237b15f280ca46864bf3fb641

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: da89e704848da445
age: 81238
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="montserrat-light-webfont.woff2"
content-length: 18304
x-xss-protection: 1; mode=block
x-request-id: b996ff40-7290-9c15-bfd7-aa5cda4671e2
x-varnish-count: 4659
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "45dca2b26dfb46bcb62318a0c82338c9"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 106864805 88552251
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:11 GMT

GET
H2 200 montserrat-regular-webfont.woff2
www.imcu.com/assets/font/ 18 KB
19 KB 219ms
219ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/montserrat-regular-webfont.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

27f3557cf2b2a8e9ad2ca51eb3f3bf784a03e9dd4e149b50122179492480baaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: fee234b46d4ca898
age: 81236
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="montserrat-regular-webfont.woff2"
content-length: 18500
x-xss-protection: 1; mode=block
x-request-id: b3a0edb4-5d2f-9747-b227-46a318f69c97
x-varnish-count: 4546
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "53eca2b5ec904d06652753d02b06fd30"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 103866420 63485939
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:12 GMT

GET
H2 200 montserrat-lightitalic-webfont.woff2
www.imcu.com/assets/font/ 20 KB
21 KB 217ms
215ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/montserrat-lightitalic-webfont.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

b5e5860634bdd32e8c252820ec604974db116b506451fa7b4c2511d200547ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: e55f6d5479e037e6
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="montserrat-lightitalic-webfont.woff2"
content-length: 20952
x-xss-protection: 1; mode=block
x-request-id: 428149fe-23cb-9a8d-b902-5b016e57de2a
x-varnish-count: 3165
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "a7fb4a29f4c5f62e384d31442f9ebfd3"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 105165224 85654599
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H2 200 big_noodle_titling-webfont.woff2
www.imcu.com/assets/font/ 7 KB
8 KB 221ms
219ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/big_noodle_titling-webfont.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

63fd15be26a1aa843ba677f3013c0d0af56bd78e12e71dd8497bafd87baf47ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 7192acd6d528dd0c
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="big_noodle_titling-webfont.woff2"
content-length: 7484
x-xss-protection: 1; mode=block
x-request-id: 838b0f7e-272f-9a3d-8cc6-e6eacf98c7fa
x-varnish-count: 4554
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "6b1676b5c7c740bcfa57e8c94e2c784f"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 104751234 87701255
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H2 200 sourcesanspro-regular.woff2
www.imcu.com/assets/font/ 45 KB
46 KB 221ms
220ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/sourcesanspro-regular.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

fe03463c16e34490f3ea189edc669bc48d45eacbeadfa2411f712697ff798ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 31063bc3a7af8bd3
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="sourcesanspro-regular.woff2"
content-length: 46132
x-xss-protection: 1; mode=block
x-request-id: 25ca1a1a-3e62-9590-b6be-62c46462ac3a
x-varnish-count: 4429
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "c53bf4d759e26cf5ee64d22ab1e91fdb"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 104906639 87936848
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H2 200 sourcesanspro-light.woff2
www.imcu.com/assets/font/ 45 KB
46 KB 223ms
221ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/sourcesanspro-light.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

d87970bf467a996cd954b95004295ec93a16448c279a91a9057e7d1c1aa9349c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: b0bec892cda15048
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="sourcesanspro-light.woff2"
content-length: 46108
x-xss-protection: 1; mode=block
x-request-id: e92c0c52-038f-9208-92a9-f4422e1a364c
x-varnish-count: 4644
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "1d66e92b3708bed75317ef50795cf7a4"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 96861472 88647075
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H2 200 sourcesanspro-semibold.woff2
www.imcu.com/assets/font/ 45 KB
45 KB 219ms
218ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/sourcesanspro-semibold.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

dfff06cba861f460a8e1fad3e324f973acb4879d52140d5b296d990463325837

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 4f03194a28b20a6f
age: 81238
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="sourcesanspro-semibold.woff2"
content-length: 45936
x-xss-protection: 1; mode=block
x-request-id: bddec925-f587-9ff5-ac41-20ff6dfa1161
x-varnish-count: 4414
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "b862dcfab752adadf80299425574f5aa"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 104623162 64606525
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:11 GMT

GET
H2 200 montserrat-thin-webfont.woff2
www.imcu.com/assets/font/ 17 KB
17 KB 295ms
295ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/montserrat-thin-webfont.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

1771a218aed647200de0deda659d6ac94a25729b4e9cf7f78e2efa1c52b90b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 24495e3b9cc96160
age: 81224
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="montserrat-thin-webfont.woff2"
content-length: 17260
x-xss-protection: 1; mode=block
x-request-id: f0023b75-51a2-99d4-8bf7-69ddf3c142ca
x-varnish-count: 3512
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "0aad665492adfa220981fba714c2bc85"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 105911477 88514777
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:25 GMT

GET
H2 200 sourcesanspro-italic.woff2
www.imcu.com/assets/font/ 36 KB
37 KB 294ms
294ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/sourcesanspro-italic.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

91db5317414cb41f684846ada251e11a6926ba2860a702cee2287e98b70c5dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: a6e9a1d598d517c8
age: 81263
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="sourcesanspro-italic.woff2"
content-length: 37256
x-xss-protection: 1; mode=block
x-request-id: 3592edf4-152b-915a-bc0f-9e31d01e3512
x-varnish-count: 3536
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "3c28ae2ca469f5f4f7dc664ae917c17c"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 105419234 84997331
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:04:45 GMT

GET
H2 200 sourcesanspro-extralight.woff2
www.imcu.com/assets/font/ 44 KB
45 KB 294ms
294ms Font
application/octet-stream 20.118.17.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imcu.com/assets/font/sourcesanspro-extralight.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

46b1f1cb2341d81a988bb35b370ee6b4aaad6a2897c9134fe655d6e02404f2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Origin: https://www.imcu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
via: varnish
x-b3-traceid: 8f9fab5332a89193
age: 81239
x-varnish-ttl: 259200.000
x-varnish-hitmiss: HIT
x-envoy-upstream-service-time: 0
content-disposition: filename="sourcesanspro-extralight.woff2"
content-length: 45100
x-xss-protection: 1; mode=block
x-request-id: c8b8357f-eb10-918a-8eb7-675c574f4320
x-varnish-count: 4564
last-modified: Tue, 14 Nov 2023 17:04:41 GMT
server: nginx
etag: "ac5583a8382c06d5b1f1774461ec3bc4"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 91345511 86393071
cache-control: public, max-age=0
accept-ranges: bytes
expires: Fri, 17 Nov 2023 17:05:10 GMT

GET
H/1.1 200
OK 1cb1ecef-4911-4acc-b8a4-323103090a15.json Show response
cdn.segmint.net/ 313 B
960 B 30ms
30ms XHR
application/json 3.161.213.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-20.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 143e78d0fc535e02e2c719c0a29f9a6e2ac00959a552de99a3d62fb36b1e3cbf

Request headers

Referer: https://www.imcu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 18 Nov 2023 15:39:09 GMT
Via: 1.1 a128f556f38fd284f05c43da08257e96.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: YUL62-P1
Age: 1
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 313
Last-Modified: Thu, 02 Mar 2023 21:15:14 GMT
Server: AmazonS3
ETag: "9e8243276c884811a405bf54321be0b6"
access-control-max-age: 3000
access-control-allow-methods: PUT, POST, DELETE, GET
Content-Type: application/json
access-control-allow-origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: qWc_MvJy9n-L3GyzvHDOb9yZgcdJNlPpNNQcNqVgFZWspoXbsAiG4w==

OPTIONS
H/1.1 200
OK 1cb1ecef-4911-4acc-b8a4-323103090a15.json
cdn.segmint.net/ Frame 0
0 111ms
111ms Preflight 3.161.213.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-20.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.imcu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Via: 1.1 a128f556f38fd284f05c43da08257e96.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 08R50cwweFPSYuauQgNkrOc8-8eRLzXOHR4SI3muqOhAMkAFLLwUaw==
X-Amz-Cf-Pop: YUL62-P1
X-Cache: Miss from cloudfront
access-control-allow-headers: content-type
access-control-allow-methods: PUT, POST, DELETE, GET
access-control-allow-origin: *
access-control-max-age: 3000
date: Sat, 18 Nov 2023 15:39:10 GMT
server: AmazonS3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 92ms
28ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 13:49:09 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6601
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 18 Nov 2023 15:49:09 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/ 36 KB
11 KB 150ms
51ms Script
text/javascript 99.84.108.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.108.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-108-85.iad79.r.cloudfront.net

Software

Resource Hash

8d4e19d4fbff09f97d19c07963009c1e4cda8e37c4e34150fee1888f49033431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c640b1afa51b342db4c4d96d404a1eda.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD79-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 56cd3888-3fda-4106-bb76-61d4be43d3be
x-runtime: 0.008817
referrer-policy: strict-origin-when-cross-origin
etag: W/"8d4e19d4fbff09f97d19c07963009c1e"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: knfTlBHLvuDlNZwuYsbFFzT_jB4oBCb4nleEaEvHYwdnlV_cfJkH3w==

GET
H2

200

activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389 Show response
8136673.fls.doubleclick.net/ Frame C90F
Redirect Chain

https://8136673.fls.doubleclick.net/activityi;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?
https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?

485 B
429 B

52ms
51ms

Document
text/html

142.251.16.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f149.1e100.net

Software

cafe /

Resource Hash

de22750f89cea82841b7b6ead68d8cc193db8fa0c8f3592abdd7cebd250e751c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imcu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 253
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 15:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 15:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194 Show response
8242951.fls.doubleclick.net/ Frame 1413
Redirect Chain

https://8242951.fls.doubleclick.net/activityi;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?
https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?

487 B
431 B

53ms
52ms

Document
text/html

142.251.16.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f149.1e100.net

Software

cafe /

Resource Hash

9d9e8457110d2ca22a907b4e96bcba6be1d71d5170631b6ec4df967ec2a9f5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imcu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 255
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 15:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 15:39:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame 158F
Redirect Chain

https://um.simpli.fi/segmint
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B1739CCFBA16476C9850EF0653F2DD2B

43 B
412 B

210ms
51ms

Image
image/gif

54.156.136.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B1739CCFBA16476C9850EF0653F2DD2B
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Protocol: HTTP/1.1
Server: 54.156.136.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-136-130.compute-1.amazonaws.com
Software: openresty /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
Server: openresty
X-B3-TraceId: dca78790458e0006
Content-Type: image/gif; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-B3-SpanId: dca78790458e0006
X-B3-Sampled: 1
Connection: keep-alive
Content-Length: 43
X-Application-Context: cookie-mapper:prod:7077
Expires: 0

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B1739CCFBA16476C9850EF0653F2DD2B
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2 200 ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame 158F 3 KB
2 KB 111ms
34ms Script
application/javascript 34.86.70.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.70.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F5jBzg54Fz-yILr9LAZE
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ee5b6330c3944208b58bc655228eba30.jpg
cdn.segmint.net/ 554 KB
554 KB 183ms
183ms Image
image/jpeg 3.161.213.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.segmint.net/ee5b6330c3944208b58bc655228eba30.jpg?cb=863473897
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-20.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8303ffbf48b58f448e60a347abd105d8d1e6d81fff60c3c3b62a55dadac686c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 15:39:11 GMT
Via: 1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
Last-Modified: Tue, 07 Nov 2023 14:43:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
ETag: "aa89bde08ecf0ed8272d3fb441f29e2a"
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 567026
X-Amz-Cf-Id: guzBEcMB8x5BkQ-4g7s8X3q6ONGlHk74txkXwtm-C7Y9iewpi_uxag==

OPTIONS
H/1.1 204
No Content event
connect.segmint.net/ Frame 0
0 44ms
44ms Preflight 52.45.67.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-67-236.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.imcu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.imcu.com
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 18 Nov 2023 15:39:08 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty

POST
H/1.1 200
OK event Show response
connect.segmint.net/ 0
637 B 60ms
60ms XHR
text/plain 52.45.67.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.segmint.net/event
Requested by: Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-67-236.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.imcu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:38:56 GMT
Server: openresty
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin: https://www.imcu.com
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Application-Context: site-event-receiver-service:prod:7084
Expires: 0

GET
H/1.1 200
OK en1Er9rn5M Show response
connect.segmint.net/iframe/doughnut/ Frame 7E08 509 B
1 KB 64ms
64ms Document
text/html 52.45.67.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.segmint.net/iframe/doughnut/en1Er9rn5M

Requested by

Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-67-236.compute-1.amazonaws.com

Software

openresty /

Resource Hash

0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imcu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-US
Content-Length: 307
Content-Type: text/html;charset=UTF-8
Date: Sat, 18 Nov 2023 15:39:08 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: bf5bbc06a29d81e1
X-B3-TraceId: bf5bbc06a29d81e1
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame 7E08
Redirect Chain

https://um.simpli.fi/segmint
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=AD11BC8ED322443E8F37718276809B76

43 B
412 B

182ms
49ms

Image
image/gif

54.156.136.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=AD11BC8ED322443E8F37718276809B76
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Protocol: HTTP/1.1
Server: 54.156.136.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-136-130.compute-1.amazonaws.com
Software: openresty /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
Server: openresty
X-B3-TraceId: f1d5c0eed93a9b4a
Content-Type: image/gif; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-B3-SpanId: f1d5c0eed93a9b4a
X-B3-Sampled: 1
Connection: keep-alive
Content-Length: 43
X-Application-Context: cookie-mapper:prod:7077
Expires: 0

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=AD11BC8ED322443E8F37718276809B76
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2 200 ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ Frame 7E08 3 KB
2 KB 35ms
35ms Script
application/javascript 34.86.70.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Requested by: Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.70.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F5jBzhAENbzf6-IVL5kF
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 42ms
41ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=327066531&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imcu.com%2F&ul=en-us&de=UTF-8&dt=Indiana%20Members%20Credit%20Union%3A%20Keeping%20It%20Simple&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1874321647&gjid=478859456&cid=98233597.1700321949&tid=UA-101576590-3&_gid=50734388.1700321950&_r=1&_slc=1&gtm=45He3b81n71WDRHXNv72671689&gcd=11l1l1l1l1&dma=0&z=407715034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a5b94a48260f3b7d6b48c4f1a0516a1d3d7bc3e466e4e22b6440348fe46140b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imcu.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 external_forms.js Show response
js.callrail.com/companies/903706234/ 23 KB
7 KB 81ms
40ms Script
text/javascript 99.84.108.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.callrail.com/companies/903706234/external_forms.js?t=1700321950134&

Requested by

Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/swap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.108.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-108-85.iad79.r.cloudfront.net

Software

Resource Hash

bb520d834b4b8107e8cd589e6fb93cf0fd70c6282bc711c597978eb1598fa40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c640b1afa51b342db4c4d96d404a1eda.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD79-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 973f77d2-b91e-44ed-beed-8b6814078d07
x-runtime: 0.002370
referrer-policy: strict-origin-when-cross-origin
etag: W/"bb520d834b4b8107e8cd589e6fb93cf0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: 7JoTyMk4MupoNdvQPOy1ERvTN8RbYGJ9EF_5Nk8AJHE5lachd2qgBQ==

POST swap_session.json
js.callrail.com/group/0/2b7b80f06241081c703b/12/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 52ms
51ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YV4CDMLBMQ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c66c5eb9ab098979bb75d6f8b7a9f562e42c9439a98b16e5012b96c8919cf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 15:39:10 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389;~oref=https://www.imcu.... Frame 4F9E 194 B
440 B 131ms
61ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389;~oref=https://www.imcu.com/

Requested by

Host: 8136673.fls.doubleclick.net
URL: https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8136673.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 15:39:10 GMT
expires: Sat, 18 Nov 2023 15:39:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194;~oref=https://www.imc... Frame 6CB8 194 B
150 B 129ms
62ms Document
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194;~oref=https://www.imcu.com/

Requested by

Host: 8242951.fls.doubleclick.net
URL: https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8242951.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 15:39:10 GMT
expires: Sat, 18 Nov 2023 15:39:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 42ms
42ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YV4CDMLBMQ&gtm=45je3b81v9124186657&_p=1700321948368&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=98233597.1700321949&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.imcu.com%2F&dt=Indiana%20Members%20Credit%20Union%3A%20Keeping%20It%20Simple&sid=1700321950&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2398
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YV4CDMLBMQ&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.imcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imcu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ Frame 7E08 804 B
767 B 38ms
34ms Script
application/javascript 34.86.70.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.70.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: b40ca771601612c31b766c4d2832765849d664971039722319cbd79f9fe15058

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ Frame 158F 804 B
766 B 36ms
36ms Script
application/javascript 34.86.70.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.70.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 32b22d2da0448a339ab64e56f8502a00c34a301cff780cf1000bf30eee8f534e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 7E08
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A19DEE67BE241A5943EDCFDDB79585D
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6643b14a89&gdpr=0&gdpr_consent=

43 B
521 B

112ms
36ms

Image
image/gif

69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6643b14a89&gdpr=0&gdpr_consent=
Protocol: H2
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 782e548cb0b1b64c63d995fc59568b48.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD89-P2
x-cache: Miss from cloudfront
location: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6643b14a89&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 3gi1BxEuC2maRmYGLXzdVSl-ER7MqVqHqSl_5T_4yd22vVlOFclEqQ==

GET
H/1.1

200
OK

RX-506e20de-f929-4192-b618-3434c841a280-005
sync.targeting.unrulymedia.com/csync/ Frame 7E08
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D
https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D?zcc=1&cb=1700321950523
https://sync.targeting.unrulymedia.com/csync/RX-506e20de-f929-4192-b618-3434c841a280-005

43 B
452 B

195ms
42ms

Image
image/gif

199.127.204.171
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-506e20de-f929-4192-b618-3434c841a280-005
Protocol: HTTP/1.1
Server: 199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 15:39:10 GMT
Server: Tengine
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
Server: Tengine
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-506e20de-f929-4192-b618-3434c841a280-005
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 7E08
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

56ms
55ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 18 Nov 2023 15:39:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date: Sat, 18 Nov 2023 15:39:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 7E08
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D

43 B
175 B

108ms
32ms

Image
image/gif

2600:1f18:612b:4216:d296:b4ab:44c7:4070
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 2600:1f18:612b:4216:d296:b4ab:44c7:4070 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 18 Nov 2023 15:39:10 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 7E08
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D

95 B
436 B

55ms
49ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/ Frame 7E08
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7A19DEE67BE241A5943EDCFDDB79585D
https://d.agkn.com/pixel/10751/?che=1700321950531&ip=96.9.249.35&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214700604704007979242
https://um.simpli.fi/aa_px?sk=214700604704007979242
https://um.simpli.fi/empty.gif

43 B
361 B

33ms
33ms

Image
image/gif

34.150.170.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

96.170.150.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 7E08
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=wAgUVC59Em&nc=false&trid=-1103931988

43 B
562 B

150ms
71ms

Image
image/gif

13.225.195.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=wAgUVC59Em&nc=false&trid=-1103931988
Protocol: H2
Server: 13.225.195.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-89.yul62.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 a1ba4b0527e41da66664ba375de24b7c.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: YUL62-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: 2drMLsvfdjMt1npcjDO6gwcZ5K_IT1cHmkVvn1njtsreqaH1pXmCiQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=wAgUVC59Em&nc=false&trid=-1103931988
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: hCTQ-QQnhrw8ZXUmEifpqBHf5cD9GHYVhvh_-zwAeIA4MaAFkVZIHQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7E08
Redirect Chain

https://um.simpli.fi/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D

42 B
554 B

117ms
33ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 18 Nov 2023 15:39:08 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H/1.1

200

user-registering
ads.stickyadstv.com/ Frame 7E08
Redirect Chain

https://um.simpli.fi/freewheel
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D

43 B
651 B

111ms
37ms

Image
image/gif

63.251.28.133
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: HTTP/1.1
Server: 63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1700321950489035-255

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

200

engine
pbid.pro-market.net/ Frame 7E08
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;sr
https://cms.analytics.yahoo.com/cms?partner_id=DATCS
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-~A

43 B
418 B

57ms
55ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-~A
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

location: https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-~A
date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

/
loadm.exelator.com/load/ Frame 7E08
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0&xl8blockcheck=1

0
771 B

88ms
88ms

Image
text/plain

44.238.141.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0&xl8blockcheck=1
Protocol: H2
Server: 44.238.141.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-141-43.us-west-2.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55964/ Frame 7E08
Redirect Chain

https://um.simpli.fi/yahoo
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true

0
121 B

44ms
42ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 7E08
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D

0
421 B

216ms
39ms

Image
text/plain

52.2.62.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: HTTP/1.1
Server: 52.2.62.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-62-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 18 Nov 2023 15:39:10 GMT

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

200

29931
stags.bluekai.com/site/ Frame 7E08
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D

62 B
445 B

215ms
106ms

Image
image/gif

23.220.120.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 23.220.120.241 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-120-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 18 Nov 2023 15:39:10 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

200

tpid=7A19DEE67BE241A5943EDCFDDB79585D
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame 7E08
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D

49 B
265 B

98ms
97ms

Image
image/gif

34.236.173.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 34.236.173.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-173-204.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.60.202
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
cache-control: no-cache
x-server: 10.40.15.180
content-length: 0
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7E08
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1

43 B
679 B

49ms
48ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame 7E08
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=7A19DEE67BE241A5943EDCFDDB79585D
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogN0ExOURFRTY3QkUyNDFBNTk0M0VEQ0ZEREI3OTU4NUQQABoNCJ6146oGEgUI6AcQAEIASgA
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c7f2129-509e-47a6-94fe-a420a7ada107

42 B
60 B

58ms
58ms

Image
image/gif

35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c7f2129-509e-47a6-94fe-a420a7ada107
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c7f2129-509e-47a6-94fe-a420a7ada107
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

/
www.google.com/pagead/1p-conversion/1026675585/ Frame 7E08
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700321950347&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=n...
https://www.google.com/pagead/1p-conversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIguvy7v...

42 B
108 B

117ms
50ms

Image
image/gif

2607:f8b0:4004:c07::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIguvy7vDNggMVh5GfCh38jQGx&is_vtc=1&ocp_id=ntpYZYKkHYej_gT8m4aICw&cid=CAQSKQDICaaN5RSAqiTvBrlPoQq_klCSJzInU65MvI9WKVIib0n3GRrsXJ0S&random=1958178566

Protocol

Server

2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIguvy7vDNggMVh5GfCh38jQGx&is_vtc=1&ocp_id=ntpYZYKkHYej_gT8m4aICw&cid=CAQSKQDICaaN5RSAqiTvBrlPoQq_klCSJzInU65MvI9WKVIib0n3GRrsXJ0S&random=1958178566
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ Frame 7E08 0
272 B 78ms
68ms Image
text/plain 34.150.170.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

96.170.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

setuid
ib.adnxs.com/ Frame 7E08
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D

43 B
847 B

47ms
37ms

Image
image/gif

68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D

Protocol

Server

68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
an-x-request-uuid: 44ba9aa6-04e0-4172-99e4-8e32975e2661
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7E08
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365

42 B
775 B

221ms
36ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7E08
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D

43 B
180 B

51ms
51ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/ Frame 7E08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEPKZkgkfoEAYKjC626_KFVI&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7A19DEE67BE241A5943EDCFDDB79585D
https://um.simpli.fi/g_match?id=

0
320 B

33ms
32ms

Image
text/plain

34.150.170.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

96.170.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 17 Nov 2023 15:39:10 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 158F
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A19DEE67BE241A5943EDCFDDB79585D
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cfb443f2e2&gdpr=0&gdpr_consent=

43 B
520 B

108ms
36ms

Image
image/gif

69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cfb443f2e2&gdpr=0&gdpr_consent=
Protocol: H2
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 782e548cb0b1b64c63d995fc59568b48.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD89-P2
x-cache: Miss from cloudfront
location: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cfb443f2e2&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: _ysTX82wMEwBUdc9QpoejeireohEsCNQcmZiyFnK_5lXtwUfZ1m8CQ==

GET
H/1.1

200
OK

RX-7f59a218-9230-46b3-b127-e5c5cef621da-005
sync.targeting.unrulymedia.com/csync/ Frame 158F
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D
https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D?zcc=1&cb=1700321950556
https://sync.targeting.unrulymedia.com/csync/RX-7f59a218-9230-46b3-b127-e5c5cef621da-005

43 B
452 B

168ms
45ms

Image
image/gif

199.127.204.171
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-7f59a218-9230-46b3-b127-e5c5cef621da-005
Protocol: HTTP/1.1
Server: 199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 15:39:10 GMT
Server: Tengine
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
Server: Tengine
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-7f59a218-9230-46b3-b127-e5c5cef621da-005
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 158F
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

54ms
54ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 18 Nov 2023 15:39:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date: Sat, 18 Nov 2023 15:39:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 158F
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D

43 B
174 B

71ms
33ms

Image
image/gif

2600:1f18:612b:4216:d296:b4ab:44c7:4070
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 2600:1f18:612b:4216:d296:b4ab:44c7:4070 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 18 Nov 2023 15:39:10 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 158F
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D

95 B
425 B

52ms
49ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/ Frame 158F
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7A19DEE67BE241A5943EDCFDDB79585D
https://d.agkn.com/pixel/10751/?che=1700321950529&ip=96.9.249.35&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D212630604704007984171
https://um.simpli.fi/aa_px?sk=212630604704007984171
https://um.simpli.fi/empty.gif

43 B
361 B

33ms
33ms

Image
image/gif

34.150.170.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

96.170.150.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 158F
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=9mCowxeomW&nc=false&trid=-639575343

43 B
1 KB

122ms
49ms

Image
image/gif

13.225.195.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=9mCowxeomW&nc=false&trid=-639575343
Protocol: H2
Server: 13.225.195.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-89.yul62.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 a1ba4b0527e41da66664ba375de24b7c.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: YUL62-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: dGpatDHiArvNlXQ_l_VUXkR1OAcu-LAOawIPMkOKyzaZZRVU15rjtg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=9mCowxeomW&nc=false&trid=-639575343
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: WROg6hUgs89E2BAkXzTGLwuPbT_eKJkFuHvIpPgZTPU8JSq4l4aD8Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 158F
Redirect Chain

https://um.simpli.fi/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D

42 B
405 B

80ms
33ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 18 Nov 2023 15:39:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H/1.1

200

user-registering
ads.stickyadstv.com/ Frame 158F
Redirect Chain

https://um.simpli.fi/freewheel
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D

43 B
656 B

113ms
36ms

Image
image/gif

63.251.28.133
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: HTTP/1.1
Server: 63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1700321950523063-1163

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H3

200

400646.gif
idsync.rlcdn.com/ Frame 158F
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=850954027848977010

42 B
60 B

57ms
56ms

Image
image/gif

35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=850954027848977010
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp7.us1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=850954027848977010
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 158F
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0

0
93 B

762ms
587ms

Image
text/plain

44.238.141.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0
Protocol: H2
Server: 44.238.141.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-141-43.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:11 GMT
server: nginx
server-timing: total;dur=0.500
etag: "60ed0efd-0"

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55964/ Frame 158F
Redirect Chain

https://um.simpli.fi/yahoo
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true

0
17 B

44ms
43ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 158F
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D

0
421 B

213ms
40ms

Image
text/plain

52.2.62.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: HTTP/1.1
Server: 52.2.62.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-62-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 18 Nov 2023 15:39:09 GMT

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

200

29931
stags.bluekai.com/site/ Frame 158F
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D

62 B
445 B

206ms
100ms

Image
image/gif

23.220.120.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 23.220.120.241 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-120-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 18 Nov 2023 15:39:10 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

200

tpid=7A19DEE67BE241A5943EDCFDDB79585D
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame 158F
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D

49 B
544 B

56ms
54ms

Image
image/gif

34.236.173.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 34.236.173.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-173-204.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.0.240
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
cache-control: no-cache
x-server: 10.40.54.222
content-length: 0
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 158F
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1

43 B
679 B

35ms
35ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 15:39:10 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET

/
p.adsymptotic.com/d/px/ Frame 158F
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=7A19DEE67BE241A5943EDCFDDB79585D
https://pippio.com/api/sync?pid=5324&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwInrXjqgYSBAgCEABCAEoA
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwInrXjqgYSBAgCEABCAEoA&google_gid=CAESED6LKGBVM5_zQ6L7PEp2cfw&google_cver=1
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=03548031

0
0

GET
H2 204 spotx_match
um.simpli.fi/ Frame 158F 0
272 B 104ms
100ms Image
text/plain 34.150.170.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

96.170.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

setuid
ib.adnxs.com/ Frame 158F
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D

43 B
847 B

50ms
49ms

Image
image/gif

68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D

Protocol

Server

68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
an-x-request-uuid: 90da5ba1-a06c-4350-83f6-c8b6c1fd66fd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 158F
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365

42 B
775 B

193ms
36ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 15:39:10 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 158F
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D

43 B
106 B

231ms
231ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
date: Sat, 18 Nov 2023 15:39:10 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/ Frame 158F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESELljDJI_IgQDAG-hFutel_g&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7A19DEE67BE241A5943EDCFDDB79585D
https://um.simpli.fi/g_match?id=

0
320 B

33ms
33ms

Image
text/plain

34.150.170.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

96.170.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 17 Nov 2023 15:39:10 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/1026675585/ Frame 158F
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700321950350&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=n...
https://www.google.com/pagead/1p-conversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5fHy7v...

42 B
455 B

114ms
48ms

Image
image/gif

2607:f8b0:4004:c07::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5fHy7vDNggMV0AZoCB1neAch&is_vtc=1&ocp_id=ntpYZeWqHdCNoPMP5_CdiAI&cid=CAQSKQDICaaNZg33BU6892kMPGjsECTv9OrhThLvpygP1msk6VGq3d3zTHs_&random=4278094487

Protocol

Server

2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://connect.segmint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 15:39:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5fHy7vDNggMV0AZoCB1neAch&is_vtc=1&ocp_id=ntpYZeWqHdCNoPMP5_CdiAI&cid=CAQSKQDICaaNZg33BU6892kMPGjsECTv9OrhThLvpygP1msk6VGq3d3zTHs_&random=4278094487
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7OEJRC77UA05OMSG6G&lib=ttq

Domain: www.surveycarrot.com
URL: https://www.surveycarrot.com/js/image_view.js

Domain: js.callrail.com
URL: https://js.callrail.com/group/0/2b7b80f06241081c703b/12/swap_session.json

Domain: p.adsymptotic.com
URL: https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=03548031

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.imcu.com/	1970-01-20 16:19:14	Name: PLAY_SESSION Value: 61c522b509deb39b11b286c8afcb935f26615d4a-v=1
.adnxs.com/	1970-01-20 18:28:17	Name: uuid2 Value: 1064269266825681869
.imcu.com/	1970-01-21 01:54:41	Name: _ga_Q04TV61VH4 Value: GS1.1.1700321948.1.0.1700321948.60.0.0
.imcu.com/	1970-01-20 18:28:17	Name: _gcl_au Value: 1.1.212071980.1700321949
.imcu.com/	1970-01-20 18:28:17	Name: _fbp Value: fb.1.1700321949561.433224565
.imcu.com/	1970-01-21 01:54:41	Name: _ga Value: GA1.2.98233597.1700321949
.imcu.com/	1970-01-20 16:20:08	Name: _gid Value: GA1.2.50734388.1700321950
.segmint.net/	1970-01-21 01:54:41	Name: SegmintId Value: 33caa11e34c2467982d8c9362bcb05af
.imcu.com/	1970-01-20 16:18:42	Name: _gat_UA-101576590-3 Value: 1
.simpli.fi/	1970-01-21 01:05:44	Name: suid Value: 7A19DEE67BE241A5943EDCFDDB79585D
.imcu.com/	1970-01-21 01:04:17	Name: calltrk_referrer Value: direct
.imcu.com/	1970-01-21 01:04:17	Name: calltrk_landing Value: https%3A//www.imcu.com/
.imcu.com/	1970-01-21 01:04:17	Name: calltrk_session_id Value: f3c21c53-59d3-460e-a0bc-5124faf8751b
.imcu.com/	1970-01-21 01:04:17	Name: calltrk_fcid Value: dd61c87d-af39-478f-8c87-4d8475f67ef3
.imcu.com/	1970-01-21 01:54:41	Name: _ga_YV4CDMLBMQ Value: GS1.2.1700321950.1.0.1700321950.0.0.0
.simpli.fi/	1970-01-20 16:28:46	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-21 01:54:41	Name: IDE Value: AHWqTUlLxXzi22yyJwnsbozAu335SD8xYZXIgosIxioHKas1GtIsRgxOYjZAphCKKA0
.adnxs.com/	1970-01-20 18:28:17	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2GVJj_q2?!]tbl8i_jC:lq+Z*:3[eYW7RF]2m_!TL3m(XvjXeQ9].B_c_q5TM`RmOwP!Kb[M8w^y9ZT3PVX23nXm/!0t#lGbJK<
.tapad.com/	1970-01-20 17:45:05	Name: TapAd_TS Value: 1700321950504
.tapad.com/	1970-01-20 17:45:05	Name: TapAd_DID Value: e6f43b94-dee2-4cab-932b-8b1aee56601e
.ads.stickyadstv.com/	1970-01-20 16:20:08	Name: uid-bp-26865 Value: 7A19DEE67BE241A5943EDCFDDB79585D
.intentiq.com/	1970-01-21 01:54:41	Name: IQver Value: 1.9
.pubmatic.com/	1970-01-20 17:01:53	Name: KRTBCOOKIE_148 Value: 19421-uid:7A19DEE67BE241A5943EDCFDDB79585D&KRTB&23486-uid:7A19DEE67BE241A5943EDCFDDB79585D&KRTB&23489-uid:7A19DEE67BE241A5943EDCFDDB79585D&KRTB&23539-uid:7A19DEE67BE241A5943EDCFDDB79585D
.pubmatic.com/	1970-01-20 17:01:53	Name: PugT Value: 1700321949
.intentiq.com/	1970-01-21 01:54:41	Name: intentIQ Value: 9mCowxeomW
.ads.stickyadstv.com/	1970-01-20 17:01:53	Name: UID Value: 26d556d45aedc0bb1fc49cc3b6c32134
.rlcdn.com/	1970-01-21 01:04:17	Name: rlas3 Value: e1GvHuv1pALtG4EQ/GA86+J4MAaf6shf44w0DUdLFgo=
.1rx.io/	1970-01-21 01:04:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7f59a218-9230-46b3-b127-e5c5cef621da-005%22%7D
.tapad.com/	1970-01-20 17:45:05	Name: TapAd_3WAY_SYNCS Value:
.smaato.net/	1970-01-20 16:48:56	Name: SCM Value: cfb443f2e2
.smaato.net/	1970-01-20 16:48:56	Name: SCMv Value: cfb443f2e2
.smaato.net/	1970-01-20 16:48:56	Name: SCM1001136 Value: cfb443f2e2
.yahoo.com/	1970-01-21 01:04:39	Name: A3 Value: d=AQABBJ7aWGUCEIBbx1UKVtY4vn8DbQ_V5v4FEgEBAQEsWmViZdxS0iMA_eMAAA&S=AQAAAiXtCPJdBYBoh7MnkvIXsf4
.3lift.com/	1970-01-20 18:28:17	Name: tluid Value: 749748872012984606137
.openx.net/	1970-01-21 01:04:17	Name: i Value: ea156116-345e-4e31-9151-ec3bfa11f322\|1700321950
.lijit.com/	1970-01-21 01:04:17	Name: _ljtrtb_2 Value: 7A19DEE67BE241A5943EDCFDDB79585D
.rlcdn.com/	1970-01-20 17:45:05	Name: pxrc Value: CJ6146oGEgUI6AcQABIFCOhHEAASBgi46wEQAA==
.lijit.com/	1970-01-21 01:04:17	Name: ljt_reader Value: HrXLiQZHfNx824prRySnmfW4
.crwdcntrl.net/	1970-01-20 22:47:28	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 22:47:28	Name: _cc_id Value: 1d713b0768f37ce29d2c323a1edb755b
.bluekai.com/	1970-01-20 20:40:46	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwE5O1EkWHDDtB6Ja1MxhxED8BeBaHWBsHWHYBpANmePW9y9LoyFG
.intentiq.com/	1970-01-21 01:54:41	Name: CSDT Value: UEQ6MTAwNDNfMCZUdnliY2wx
.intentiq.com/	1970-01-21 01:54:41	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 01:54:41	Name: intentIQCDate Value: 1700321950642
.intentiq.com/	1970-01-21 01:54:41	Name: IQPData Value: 1611266339#1700321950639#0#1700321950639
.bluekai.com/	1970-01-20 20:40:46	Name: bku Value: blx99JfSVsVLw3Lr
.bfmio.com/	1970-01-21 01:04:17	Name: __141_cid Value: 7A19DEE67BE241A5943EDCFDDB79585D
.bfmio.com/	1970-01-21 01:04:17	Name: __io_cid Value: 0bf3ced385c5a8e38ca7e61a67a332ebf607833c
.rubiconproject.com/	1970-01-21 01:04:17	Name: khaos Value: LP47SDS2-25-BBVR
.rubiconproject.com/	1970-01-21 01:04:17	Name: audit Value: 1\|G0caGGDqZ0wsv1AEwHyt9Mh7rPixMpc+Ux+YNSsp8+Phj9K5Ghav9TJj4kU66pes4wW6gaNWIpkwHTRO1/p4iGfsp8ABdinMMf+s+oisr/4vWQxfhEZGUUAexola9NojJZW7Rk6yMEisU3BcDJq8RqAvV7tZh6Vydeodiyl5GGjz2vDHqR/c6KfkLNxlFhbb
.pippio.com/	1970-01-21 01:04:17	Name: did Value: YA_U8NXhEPVDEXMg
.pippio.com/	1970-01-21 01:04:17	Name: didts Value: 1700321950
.pippio.com/	1970-01-20 17:45:05	Name: nnls Value:
.lkqd.net/	1970-01-21 01:04:17	Name: lkqdidts Value: 1700321950
.lkqd.net/	1970-01-21 01:04:17	Name: sr109 Value: 1\|cfb443f2e2\|1700321950
.lkqd.net/	1970-01-21 01:04:17	Name: lkqdid Value: KV6qLLK6AxE
.agkn.com/	1970-01-21 01:04:17	Name: u Value: C\|0AAAAAAAALOuXHgAAAAAA
.agkn.com/	1970-01-21 01:04:17	Name: ab Value: 0001%3AvPtSrMfVcIX5deRZXCaIdbJCdB5FNBnD
.exelator.com/	1970-01-20 19:11:29	Name: EE Value: "9f0b7fd0b661e531c540e5657c006914"
.pro-market.net/	1970-01-20 17:01:53	Name: anHistory Value: "1jz6pgs20sh3f+2+!$7%/%Z#_`-7')%Z#_`-"
.targeting.unrulymedia.com/	1970-01-21 01:04:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7f59a218-9230-46b3-b127-e5c5cef621da-005%22%7D
.pippio.com/	1970-01-20 17:45:05	Name: pxrc Value: CJ6146oGEgQIAhAAEgYI36wrEAA=
.exelator.com/	1970-01-20 19:11:29	Name: ud Value: "eJxrXxzq6XKLQcEyzSDJPC3FIMnMzDDV1Ngw2dTEINXUzNQ82cDAzNLQZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6otDgxUUpaQyLSopPBR%252F92A0Ae00qZg%253D%253D"
.analytics.yahoo.com/	1970-01-21 01:04:17	Name: IDSYNC Value: "176k~2f4f:19ba~2f4f"
.pro-market.net/	1970-01-20 20:37:53	Name: anProfile Value: "1jz6pgs20sh3f+1+1f=1+1g=1+1j=57:1+rs=s+rt=2602FFC8000201040000000000000017+s2=(s4bsta)+vm=24-7A19DEE67BE241A5943EDCFDDB79585D:81-y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-%7EA"

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-Q04TV61VH4(Line 201) Message: Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-Q04TV61VH4&gtm=45je3b81v9123591144&_p=1700321948368&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=98233597.1700321949&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700321948&sct=1&seg=0&dl=https%3A%2F%2Fwww.imcu.com%2F&dt=Indiana%20Members%20Credit%20Union%3A%20Keeping%20It%20Simple&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=900' because it violates the following Content Security Policy directive: "connect-src 'self' crownpeak.net .crownpeak.net https://.agentiq.co wss://.agentiq.co https://api.cobrowse.io wss://.cobrowse.io https://cobrowse.io .google-analytics.com .g.doubleclick.net .gannettdigital.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net .googleapis.com .segmint.net *.banno.com https://banno.com https://s3.amazonaws.com".
security	error	(Line 1) Message: Refused to load the script 'https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7OEJRC77UA05OMSG6G&lib=ttq' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com .google-analytics.com .googletagmanager.com .googleadservices.com .googleapis.com banno.com .banno.com crownpeak.com .crownpeak.com https://.agentiq.co .cobrowse.io .rlets.com .adnxs.com .facebook.net .cloudfront.net .callrail.com .baconpay.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net https://www.google.com/recaptcha/api.js .gstatic.com .segmint.net birdeye.com .birdeye.com *.banno.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.imcu.com/ Message: Refused to load the script 'https://www.surveycarrot.com/js/image_view.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com .google-analytics.com .googletagmanager.com .googleadservices.com .googleapis.com banno.com .banno.com crownpeak.com .crownpeak.com https://.agentiq.co .cobrowse.io .rlets.com .adnxs.com .facebook.net .cloudfront.net .callrail.com .baconpay.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net https://www.google.com/recaptcha/api.js .gstatic.com .segmint.net birdeye.com .birdeye.com *.banno.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/swap.js Message: Refused to connect to 'https://js.callrail.com/group/0/2b7b80f06241081c703b/12/swap_session.json' because it violates the following Content Security Policy directive: "connect-src 'self' crownpeak.net .crownpeak.net https://.agentiq.co wss://.agentiq.co https://api.cobrowse.io wss://.cobrowse.io https://cobrowse.io .google-analytics.com .g.doubleclick.net .gannettdigital.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net .googleapis.com .segmint.net *.banno.com https://banno.com https://s3.amazonaws.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' crownpeak.net .crownpeak.net https://.agentiq.co wss://.agentiq.co https://api.cobrowse.io wss://.cobrowse.io https://cobrowse.io .google-analytics.com .g.doubleclick.net .gannettdigital.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net .googleapis.com .segmint.net .banno.com https://banno.com https://s3.amazonaws.com; font-src 'self' 'unsafe-inline' .googleapis.com .gstatic.com; frame-ancestors 'self' https://.agentiq.co https://chat-service.imcu.agentiq.co; frame-src 'self' https://app.imcu.com https://.imcu.com .youtube.com .google.com .vimeo.com https://.agentiq.co https://cobrowse.io .fls.doubleclick.net .baconpay.com .optimalblue.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net .segmint.net birdeye.com .birdeye.com; img-src 'self' https://imcuonline-cloud.lending360.com https://agentiq-imcu-assets.s3.amazonaws.com .google-analytics.com .googletagmanager.com banno.com .banno.com .googleapis.com .gstatic.com .facebook.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net .segmint.net data: .banno.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com .google-analytics.com .googletagmanager.com .googleadservices.com .googleapis.com banno.com .banno.com crownpeak.com .crownpeak.com https://.agentiq.co .cobrowse.io .rlets.com .adnxs.com .facebook.net .cloudfront.net .callrail.com .baconpay.com .rlets.com .reachlocalservices.com .facebook.net .rlcdn.com .gannettdigital.com .facebook.com .simpli.fi .googleservices.com .doubleclick.net https://www.google.com/recaptcha/api.js .gstatic.com .segmint.net birdeye.com .birdeye.com .banno.com; style-src 'self' 'unsafe-inline' .googleapis.com https://chat-service.imcu.agentiq.co
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8136673.fls.doubleclick.net
8242951.fls.doubleclick.net
aa.agkn.com
ads.stickyadstv.com
adservice.google.com
agentiq-imcu-assets.s3.amazonaws.com
analytics.tiktok.com
banno.com
bcp.crwdcntrl.net
birdeye.com
cdn.callrail.com
cdn.rlets.com
cdn.segmint.net
ce.lijit.com
chat-service.imcu.agentiq.co
chat.agentiq.co
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
connect.segmint.net
cs.lkqd.net
d.agkn.com
ddjkm7nmu27lx.cloudfront.net
dxussota4xxo7.cloudfront.net
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js.callrail.com
liqadprdct-capture-prod-east.gannettdigital.com
loadm.exelator.com
maprtb.segmint.net
p.adsymptotic.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
s.ad.smaato.net
secure.adnxs.com
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widgets-v7.birdeye.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.imcu.com
www.surveycarrot.com
analytics.tiktok.com
js.callrail.com
p.adsymptotic.com
www.surveycarrot.com
13.225.195.89
13.249.39.128
142.251.16.149
142.251.163.155
172.253.115.156
199.127.204.171
20.118.17.184
2001:4860:4802:32::178
23.220.120.241
2600:1901:0:8eee::
2600:1f18:612b:4216:d296:b4ab:44c7:4070
2600:9000:215f:4200:19:fc2c:a140:93a1
2600:9000:21a2:1000:15:4bf9:2dc0:21
2600:9000:2209:4200:1b:6b7d:2300:93a1
2600:9000:2305:400:6:9a19:88c0:93a1
2600:9000:2305:5600:1b:5138:8a40:93a1
2607:f8b0:4004:c06::61
2607:f8b0:4004:c07::68
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c1b::5f
2a03:2880:f035:1a:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.161.213.20
3.162.93.82
3.232.252.94
3.5.29.142
34.111.113.62
34.150.170.96
34.200.65.202
34.205.164.221
34.236.173.204
34.75.237.118
34.86.70.109
34.98.64.218
35.244.154.8
44.238.141.43
52.189.67.130
52.2.62.184
52.223.22.214
52.45.67.236
54.156.136.130
54.177.116.16
54.215.170.252
63.251.28.133
63.251.86.50
68.67.161.182
69.173.151.100
69.20.43.192
8.28.7.83
99.84.108.85
0173900051eca3e73d1ff9febfe462216ec16101ca2020cf2e296cf03804861f
043cc930881f6a402e33c1edb1cbdd67b5604900d08b847b57041a57a380ee5a
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05c0571b3ac8a93c190f84cbf95e00d67bd0839a277c29fb2d750d54c987990d
0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d7499ba0c92fd337043c52c7d71c69a1181983270100ff83ca107e540a9444e
143e78d0fc535e02e2c719c0a29f9a6e2ac00959a552de99a3d62fb36b1e3cbf
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132
1771a218aed647200de0deda659d6ac94a25729b4e9cf7f78e2efa1c52b90b22
18593949479827e48e87e970d17923131b0812675f4f13cf58a8b1d6bcf8234c
19003bda0af25def358e5f521924bc2658b65dc47ca722fbba68684516a3ec48
1c49de92a9d2aaf888a160f19745676220c659e62ed547f62a87f115e319d3e1
1ec4fbec6b02a439bad4ece44d16811ebe29e374da31c611ab1218220e5a1d04
203fc1a4d3e07fd93d7afc29b41aa5e720343f8a126e446ceed930ec2746029d
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
27f3557cf2b2a8e9ad2ca51eb3f3bf784a03e9dd4e149b50122179492480baaa
2950b48f9b87db4589b282a759df682217f78541eca4c7d38329d8182fa2fbd7
29c0460945112db52539b1f8123ef386a79721884db9d5e06697ebaa2ac6ecfa
2b566131a0f1a46661391af4a259ae22d79a47bd8754c86f156c33d0ea684435
2b7d3452288cef3342b8db2e74bd7320026c6dc8cd07d6b9568e0d4ddcfdac43
2d1d436c3b4ab349ba84c9aaa450f895a59ba21cd57955429cbe8ccd7ce56ee6
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32b22d2da0448a339ab64e56f8502a00c34a301cff780cf1000bf30eee8f534e
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
36435716fe9f709ba9ff30672d5812734a31f2a82e53161f9e3793a0956af652
3ba6c0fb90f1168c88deeb5a2ea1117bf88c214888f2a84c5a1dda96d0f9ce75
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44de8d3c22224f052fa98c400574244686f2d34237b15f280ca46864bf3fb641
46b1f1cb2341d81a988bb35b370ee6b4aaad6a2897c9134fe655d6e02404f2c8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5d509d9115052160a71214c89b2e7b37b696eae658d3a3d6fbc6dc35bff295a8
5d6c3b2fc4bc70d3f833e12d18f67e54ba75324c8700a7d74249e410ce95920a
6356bd985255864febb0109cc39be0305ef662ec3c406cc199f7c595d57d1fb2
63fd15be26a1aa843ba677f3013c0d0af56bd78e12e71dd8497bafd87baf47ec
6c66c5eb9ab098979bb75d6f8b7a9f562e42c9439a98b16e5012b96c8919cf61
6c6a03ff6652de29b2cc7597dcc5754ba2cd0c946392859d88f5256a8cfaeca2
6da3c49e01d71fe6ad6c731dd3352fb5b43114024a7a53e6a0692657b1c63dd1
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
72c6a1c05aa9c813cc6db519f9464e4d67478d3c46429251ac5d3fde75fcef1d
79e088ee3377eda0f358623fc79ab1a06ce8bd1558f0788f84e43d05bb8dfcdc
88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310
8955274567e7fe987a9de393cf379bb4c3d4fa37e124414f5f2385d6c1e9e770
8ba33bd694c9294a4d95b380a23e2b66c20f385862fdc30ae109e45485dcdaaa
8ce8ceb4e04054456507d2fb780e5b8188be2a752f75caf380845205444398e0
8d4e19d4fbff09f97d19c07963009c1e4cda8e37c4e34150fee1888f49033431
8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb
8ee5ce60cbae1e58b5e55b571efe515a0e418f5e3967484ccec19ce9dfe59b2f
91db5317414cb41f684846ada251e11a6926ba2860a702cee2287e98b70c5dfb
998b51877fdfbebabc2efe3ffc8ad41ca771915258bcd5169d623032ccacbf1c
99c4e063fef9de92f780394db21c614a35cc62deea02801aa45df58b6f686be9
9d9e8457110d2ca22a907b4e96bcba6be1d71d5170631b6ec4df967ec2a9f5e5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3b8f422d16861fae92e93ccd283bc85c68217193c4aaeed2059fa8f9290c7b3
a5b94a48260f3b7d6b48c4f1a0516a1d3d7bc3e466e4e22b6440348fe46140b0
a865230456a516d0d8adf08bd311599806c70bbd7b5637c696cfbfb3cf747387
ac3b923602f3dfae76ac778b79523b1281f9aedfda9e872cc0301a5568fd15d9
af30c3ef9424b043e3d6d4db4b8573ec041dcad36330cacef75b8094807d9465
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40ca771601612c31b766c4d2832765849d664971039722319cbd79f9fe15058
b55d22025050b8cf5c5b095cc4507098c1250fcac5f62c668b9d01880e2f9564
b5e5860634bdd32e8c252820ec604974db116b506451fa7b4c2511d200547ade
b837a0ca4ec882cc1e651e363063f5fc19bf8012d064d0eac49f93f31523ce38
b9067cbeb9d1f73d6d399fe3336d85ebfd394f52e5aa1ad843391c420dfe97d6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb520d834b4b8107e8cd589e6fb93cf0fd70c6282bc711c597978eb1598fa40c
bbf8730ba2b44b5e4a111ccee80bd8dd9cbbd2d61395e7155ecd5c7a36aa0922
bbf9daa5df73b674be7b8b59c6ed2fcd65cf44e7f4e8d050f90fa2362d394004
c36ee346b92890d2894b82e85526775efb3644c73834b6b86e77d2be8174af6b
c59f3ba94e761497a4b1e94125a40d4363b28c55b24003bdb73243660499905d
c7094491ea71a66e3154aa305ab7d97a543cb8fba7f7ff2319df08defc77c725
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce2d1625d64cf99434862d35e765ab587e571cef399186313aba59dfa55bc5d2
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167
ce5e749ecdf9d387534d9de8b09f5740278e5eba5c24c8f978a1c88ca2eaae5e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff88ecc4da0fe4641c1d4ce57313b1801118b59426c09b1f9d7392ef33a5874
d2742b17a200523a46f49b6f1242f3b7e752b6bc7f371536afe845e5254f0ec8
d31312e09389da45f7740c6c973c7d66cc9f9d501b67d07c0e3992bef2d233e7
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d8303ffbf48b58f448e60a347abd105d8d1e6d81fff60c3c3b62a55dadac686c
d858813ec73f7f3a68240ddf430f965287e2d1c33e7136c9730574f0c8603976
d87970bf467a996cd954b95004295ec93a16448c279a91a9057e7d1c1aa9349c
db972d0ea962e919605b331dfa106ef79ae41ca29aebb325eb88f57b608f97a4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd58778debfd57758aa554e7feab13af49b532da094899e49d3ead894f7a3bfb
de22750f89cea82841b7b6ead68d8cc193db8fa0c8f3592abdd7cebd250e751c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
de6d3acda35868aa8267832d374bf405a7618d5ff507d6648429dd510bd6b25d
deba2226480a94e33c151e7e6ba92e52520aea9d060976831c23289d6fbb3394
df74b077c5ba3d5821e8f57eebf409f91da9ade0b6e1c946ddce475daca051f9
dfff06cba861f460a8e1fad3e324f973acb4879d52140d5b296d990463325837
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7
e63a6b5008fdcd33d835ed9d11e4fa939639220adc592f0dc3e0537935366325
e8340af2c2dc38ad3de763776e43ff7974757e11e5eb8cc10d6e75f16882ce9f
e862c691893c4c35b8c83bf72079bcda4b2223096980fa54dba8e346c4b944a5
ee812a922fafe6ac67e8a6b135e812e58b24030def1850886bb862060817ce9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5df67e620930892df72a02097cd31909aea56ea0501dbe12f09a9a2f3f88731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe03463c16e34490f3ea189edc669bc48d45eacbeadfa2411f712697ff798ad1

www.imcu.com Open in urlscan Pro 20.118.17.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

167 Requests

69 %HTTPS

31 %IPv6

45 Domains

63 Subdomains

46 IPs

2 Countries

7939 kBTransfer

9618 kBSize

65 Cookies

19 Outgoing links

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.imcu.com Open in urlscan Pro
20.118.17.184 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

69 %
HTTPS

31 %
IPv6

45
Domains

63
Subdomains

46
IPs

2
Countries

7939 kB
Transfer

9618 kB
Size

65
Cookies

167 HTTP transactions
0 data transactions