URL: https://www.imcu.com/
Submission: On November 18 via api from US — Scanned from US

Summary

This website contacted 46 IPs in 2 countries across 45 domains to perform 167 HTTP transactions. The main IP is 20.118.17.184, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.imcu.com. The Cisco Umbrella rank of the primary domain is 527663.
TLS certificate: Issued by GeoTrust EV RSA CA G2 on April 13th 2023. Valid for: a year.
This is the only time www.imcu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
51 20.118.17.184 8075 (MICROSOFT...)
7 3.161.213.20 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:230... 16509 (AMAZON-02)
1 5 68.67.161.182 29990 (ASN-APPNEX)
3 52.189.67.130 8075 (MICROSOFT...)
1 3.232.252.94 14618 (AMAZON-AES)
1 1 54.177.116.16 16509 (AMAZON-02)
15 54.215.170.252 16509 (AMAZON-02)
2 34.75.237.118 396982 (GOOGLE-CL...)
2 3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21a... 16509 (AMAZON-02)
1 34.205.164.221 14618 (AMAZON-AES)
2 2a03:2880:f03... 32934 (FACEBOOK)
1 3.5.29.142 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3.162.93.82 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
7 52.45.67.236 14618 (AMAZON-AES)
3 2001:4860:480... 15169 (GOOGLE)
2 99.84.108.85 16509 (AMAZON-02)
2 4 142.251.16.149 15169 (GOOGLE)
45 51 34.150.170.96 396982 (GOOGLE-CL...)
2 54.156.136.130 14618 (AMAZON-AES)
4 34.86.70.109 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2 2600:9000:230... 16509 (AMAZON-02)
2 69.20.43.192 27357 (RACKSPACE)
4 6 199.127.204.171 26120 (RHYTHMONE)
2 4 52.223.22.214 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 4 34.111.113.62 396982 (GOOGLE-CL...)
2 2 13.249.39.128 16509 (AMAZON-02)
2 2 2600:9000:215... 16509 (AMAZON-02)
2 2 2600:9000:220... 16509 (AMAZON-02)
2 13.225.195.89 16509 (AMAZON-02)
2 8.28.7.83 62713 (AS-PUBMATIC)
2 63.251.28.133 26558 (FREEWHEEL)
4 5 2600:1901:0:8... 396982 (GOOGLE-CL...)
4 6 34.200.65.202 14618 (AMAZON-AES)
1 3 44.238.141.43 16509 (AMAZON-02)
2 52.2.62.184 14618 (AMAZON-AES)
2 23.220.120.241 16625 (AKAMAI-AS)
2 4 34.236.173.204 14618 (AMAZON-AES)
2 4 63.251.86.50 32475 (SINGLEHOP...)
2 4 35.244.154.8 15169 (GOOGLE)
3 5 34.98.64.218 396982 (GOOGLE-CL...)
2 2 172.253.115.156 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 69.173.151.100 26667 (RUBICONPR...)
4 4 142.251.163.155 15169 (GOOGLE)
167 46
Apex Domain
Subdomains
Transfer
55 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
tag.simpli.fi — Cisco Umbrella Rank: 4323
i.simpli.fi — Cisco Umbrella Rank: 3693
25 KB
51 imcu.com
www.imcu.com — Cisco Umbrella Rank: 527663
7 MB
16 birdeye.com
birdeye.com — Cisco Umbrella Rank: 44484
widgets-v7.birdeye.com — Cisco Umbrella Rank: 121856
103 KB
16 segmint.net
cdn.segmint.net — Cisco Umbrella Rank: 40766
connect.segmint.net — Cisco Umbrella Rank: 46207
maprtb.segmint.net — Cisco Umbrella Rank: 68426
595 KB
11 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
8136673.fls.doubleclick.net — Cisco Umbrella Rank: 794942
8242951.fls.doubleclick.net — Cisco Umbrella Rank: 785303
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
4 KB
6 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
996 B
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 522
805 B
5 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2436
pbid.pro-market.net — Cisco Umbrella Rank: 7860
2 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
ib.adnxs.com — Cisco Umbrella Rank: 246
4 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
982 B
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
2 KB
4 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
1 KB
4 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
3 KB
4 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
d.agkn.com — Cisco Umbrella Rank: 755
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 105
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1743
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 banno.com
banno.com — Cisco Umbrella Rank: 27652
12 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
251 KB
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
796 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 921
890 B
2 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1749
842 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
1 KB
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 924
959 B
2 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6321
349 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
904 B
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2401
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
1 KB
2 callrail.com
cdn.callrail.com — Cisco Umbrella Rank: 9208
js.callrail.com — Cisco Umbrella Rank: 10472
18 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
87 KB
2 cloudfront.net
dxussota4xxo7.cloudfront.net
ddjkm7nmu27lx.cloudfront.net
33 KB
2 gannettdigital.com
liqadprdct-capture-prod-east.gannettdigital.com — Cisco Umbrella Rank: 23731
783 B
2 agentiq.co
chat.agentiq.co — Cisco Umbrella Rank: 202656
chat-service.imcu.agentiq.co — Cisco Umbrella Rank: 816104
49 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 amazonaws.com
agentiq-imcu-assets.s3.amazonaws.com
1 KB
1 rlets.com
cdn.rlets.com — Cisco Umbrella Rank: 15282
2 KB
0 adsymptotic.com Failed
p.adsymptotic.com Failed
0 surveycarrot.com Failed
www.surveycarrot.com Failed
0 tiktok.com Failed
analytics.tiktok.com Failed
167 45
Domain Requested by
51 um.simpli.fi 45 redirects tag.simpli.fi
51 www.imcu.com www.imcu.com
15 widgets-v7.birdeye.com www.imcu.com
birdeye.com
widgets-v7.birdeye.com
7 connect.segmint.net cdn.segmint.net
7 cdn.segmint.net www.imcu.com
cdn.segmint.net
5 us-u.openx.net 3 redirects
5 ups.analytics.yahoo.com 3 redirects
4 cm.g.doubleclick.net 4 redirects
4 idsync.rlcdn.com 2 redirects
4 ce.lijit.com 2 redirects
4 bcp.crwdcntrl.net 2 redirects
4 fei.pro-market.net 4 redirects
4 pixel.tapad.com 2 redirects
4 eb2.3lift.com 2 redirects
4 sync.1rx.io 4 redirects
3 loadm.exelator.com 1 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 banno.com www.imcu.com
banno.com
3 secure.adnxs.com 1 redirects www.imcu.com
3 www.googletagmanager.com www.imcu.com
www.google-analytics.com
2 pixel.rubiconproject.com
2 ib.adnxs.com
2 www.google.com
2 googleads.g.doubleclick.net 2 redirects
2 www.googleadservices.com 2 redirects
2 stags.bluekai.com
2 sync.bfmio.com
2 ads.stickyadstv.com
2 image2.pubmatic.com
2 sync1.intentiq.com
2 sync.intentiq.com 2 redirects
2 d.agkn.com 2 redirects
2 aa.agkn.com 2 redirects
2 simplifi.partners.tremorhub.com
2 sync.targeting.unrulymedia.com
2 cs.lkqd.net
2 s.ad.smaato.net 2 redirects
2 i.simpli.fi tag.simpli.fi
2 adservice.google.com 8136673.fls.doubleclick.net
8242951.fls.doubleclick.net
2 tag.simpli.fi connect.segmint.net
2 maprtb.segmint.net connect.segmint.net
2 8242951.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 8136673.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net www.imcu.com
connect.facebook.net
2 liqadprdct-capture-prod-east.gannettdigital.com cdn.rlets.com
1 pbid.pro-market.net
1 cms.analytics.yahoo.com 1 redirects
1 js.callrail.com cdn.callrail.com
1 cdn.callrail.com www.googletagmanager.com
1 www.facebook.com www.imcu.com
1 ddjkm7nmu27lx.cloudfront.net widgets-v7.birdeye.com
1 fonts.googleapis.com widgets-v7.birdeye.com
1 agentiq-imcu-assets.s3.amazonaws.com chat-service.imcu.agentiq.co
1 chat-service.imcu.agentiq.co chat.agentiq.co
1 dxussota4xxo7.cloudfront.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 birdeye.com 1 redirects
1 chat.agentiq.co www.imcu.com
1 cdn.rlets.com www.imcu.com
0 p.adsymptotic.com Failed
0 www.surveycarrot.com Failed www.imcu.com
0 analytics.tiktok.com Failed www.imcu.com
167 63
Subject Issuer Validity Valid
www.imcu.com
GeoTrust EV RSA CA G2
2023-04-13 -
2024-04-15
a year crt.sh
*.segmint.net
Amazon RSA 2048 M03
2023-11-01 -
2024-11-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.rlets.com
Amazon RSA 2048 M03
2023-10-31 -
2024-11-27
a year crt.sh
*.banno.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-12-30 -
2024-01-06
a year crt.sh
*.agentiq.co
Amazon RSA 2048 M01
2023-07-29 -
2024-08-26
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.gannettdigital.com
R3
2023-10-09 -
2024-01-07
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.imcu.agentiq.co
Amazon RSA 2048 M01
2023-04-10 -
2024-05-09
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-08-27 -
2023-11-25
3 months crt.sh
*.birdeye.com
Go Daddy Secure Certificate Authority - G2
2023-09-17 -
2024-10-18
a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-03
9 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
swappy.callrail.com
Amazon RSA 2048 M02
2023-07-11 -
2024-08-08
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-07 -
2024-12-07
a year crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.imcu.com/
Frame ID: 3A41A05845E64793EB68ADEF0E5C1F01
Requests: 86 HTTP requests in this frame

Frame: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Frame ID: D8CD8EAA1E33CA61FE34678C74BA37C5
Requests: 18 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Frame ID: 158F0971E2DDE989B9EBB1570A407AC4
Requests: 27 HTTP requests in this frame

Frame: https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389
Frame ID: C90FF8D99FE0125BEE184C64E894CB02
Requests: 1 HTTP requests in this frame

Frame: https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194
Frame ID: 141362953349E48A668B4639F2C5DC36
Requests: 1 HTTP requests in this frame

Frame: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Frame ID: 7E08655CE6F1A62F43370A5A0278961F
Requests: 27 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389;~oref=https://www.imcu.com/
Frame ID: 4F9E943FE809F0756A8D75E0B3487D03
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194;~oref=https://www.imcu.com/
Frame ID: 6CB8F7778110EE8E3509614A30693244
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Indiana Members Credit Union: Keeping It Simple

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • birdeye\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

167
Requests

69 %
HTTPS

31 %
IPv6

45
Domains

63
Subdomains

46
IPs

2
Countries

7939 kB
Transfer

9618 kB
Size

65
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://secure.adnxs.com/seg?add=18206467&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1
Request Chain 33
  • https://birdeye.com/embed/v7/168150068519072/8/1234568071 HTTP 302
  • https://widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/1234568071
Request Chain 101
  • https://8136673.fls.doubleclick.net/activityi;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389 HTTP 302
  • https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389
Request Chain 102
  • https://8242951.fls.doubleclick.net/activityi;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194 HTTP 302
  • https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194
Request Chain 103
  • https://um.simpli.fi/segmint HTTP 302
  • https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B1739CCFBA16476C9850EF0653F2DD2B
Request Chain 109
  • https://um.simpli.fi/segmint HTTP 302
  • https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=AD11BC8ED322443E8F37718276809B76
Request Chain 120
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6643b14a89&gdpr=0&gdpr_consent=
Request Chain 121
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D?zcc=1&cb=1700321950523 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-506e20de-f929-4192-b618-3434c841a280-005
Request Chain 122
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 123
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 124
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 125
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1700321950531&ip=96.9.249.35&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214700604704007979242 HTTP 302
  • https://um.simpli.fi/aa_px?sk=214700604704007979242 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 126
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=wAgUVC59Em&nc=false&trid=-1103931988
Request Chain 127
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 128
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 129
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;sr HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS HTTP 302
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-~A
Request Chain 130
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0&xl8blockcheck=1
Request Chain 131
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
Request Chain 132
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 133
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 134
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 135
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Request Chain 136
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogN0ExOURFRTY3QkUyNDFBNTk0M0VEQ0ZEREI3OTU4NUQQABoNCJ6146oGEgUI6AcQAEIASgA HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c7f2129-509e-47a6-94fe-a420a7ada107
Request Chain 137
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700321950347&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=ntpYZYKkHYej_gT8m4aICw&sscte=1&crd=&pscrd=IhMIguvy7vDNggMVh5GfCh38jQGx HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIguvy7vDNggMVh5GfCh38jQGx&is_vtc=1&ocp_id=ntpYZYKkHYej_gT8m4aICw&cid=CAQSKQDICaaN5RSAqiTvBrlPoQq_klCSJzInU65MvI9WKVIib0n3GRrsXJ0S&random=1958178566
Request Chain 139
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 140
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
Request Chain 141
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPKZkgkfoEAYKjC626_KFVI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 143
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cfb443f2e2&gdpr=0&gdpr_consent=
Request Chain 144
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D?zcc=1&cb=1700321950556 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7f59a218-9230-46b3-b127-e5c5cef621da-005
Request Chain 145
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 146
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 147
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 148
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1700321950529&ip=96.9.249.35&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D212630604704007984171 HTTP 302
  • https://um.simpli.fi/aa_px?sk=212630604704007984171 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 149
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=9mCowxeomW&nc=false&trid=-639575343
Request Chain 150
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 151
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 152
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;sr HTTP 302
  • https://idsync.rlcdn.com/400646.gif?partner_uid=850954027848977010
Request Chain 153
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0
Request Chain 154
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
Request Chain 155
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 156
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 157
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 158
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Request Chain 159
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=7A19DEE67BE241A5943EDCFDDB79585D HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwInrXjqgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwInrXjqgYSBAgCEABCAEoA&google_gid=CAESED6LKGBVM5_zQ6L7PEp2cfw&google_cver=1 HTTP 307
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=03548031
Request Chain 161
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 162
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
Request Chain 163
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESELljDJI_IgQDAG-hFutel_g&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7A19DEE67BE241A5943EDCFDDB79585D HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 165
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700321950350&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=ntpYZeWqHdCNoPMP5_CdiAI&sscte=1&crd=&pscrd=IhMI5fHy7vDNggMV0AZoCB1neAch HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5fHy7vDNggMV0AZoCB1neAch&is_vtc=1&ocp_id=ntpYZeWqHdCNoPMP5_CdiAI&cid=CAQSKQDICaaNZg33BU6892kMPGjsECTv9OrhThLvpygP1msk6VGq3d3zTHs_&random=4278094487

167 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.imcu.com/
55 KB
13 KB
Document
General
Full URL
https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
2950b48f9b87db4589b282a759df682217f78541eca4c7d38329d8182fa2fbd7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' crownpeak.net *.crownpeak.net https://*.agentiq.co wss://*.agentiq.co https://api.cobrowse.io wss://*.cobrowse.io https://cobrowse.io *.google-analytics.com *.g.doubleclick.net *.gannettdigital.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.googleapis.com *.segmint.net *.banno.com https://banno.com https://s3.amazonaws.com; font-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com; frame-ancestors 'self' https://*.agentiq.co https://chat-service.imcu.agentiq.co; frame-src 'self' https://app.imcu.com https://*.imcu.com *.youtube.com *.google.com *.vimeo.com https://*.agentiq.co https://cobrowse.io *.fls.doubleclick.net *.baconpay.com *.optimalblue.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net birdeye.com *.birdeye.com; img-src 'self' https://imcuonline-cloud.lending360.com https://agentiq-imcu-assets.s3.amazonaws.com *.google-analytics.com *.googletagmanager.com banno.com *.banno.com *.googleapis.com *.gstatic.com *.facebook.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net data: *.banno.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com banno.com *.banno.com crownpeak.com *.crownpeak.com https://*.agentiq.co *.cobrowse.io *.rlets.com *.adnxs.com *.facebook.net *.cloudfront.net *.callrail.com *.baconpay.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net https://www.google.com/recaptcha/api.js *.gstatic.com *.segmint.net birdeye.com *.birdeye.com *.banno.com; style-src 'self' 'unsafe-inline' *.googleapis.com https://chat-service.imcu.agentiq.co
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
public, max-age=0
content-encoding
gzip
content-length
11262
content-security-policy
default-src 'self'; connect-src 'self' crownpeak.net *.crownpeak.net https://*.agentiq.co wss://*.agentiq.co https://api.cobrowse.io wss://*.cobrowse.io https://cobrowse.io *.google-analytics.com *.g.doubleclick.net *.gannettdigital.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.googleapis.com *.segmint.net *.banno.com https://banno.com https://s3.amazonaws.com; font-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com; frame-ancestors 'self' https://*.agentiq.co https://chat-service.imcu.agentiq.co; frame-src 'self' https://app.imcu.com https://*.imcu.com *.youtube.com *.google.com *.vimeo.com https://*.agentiq.co https://cobrowse.io *.fls.doubleclick.net *.baconpay.com *.optimalblue.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net birdeye.com *.birdeye.com; img-src 'self' https://imcuonline-cloud.lending360.com https://agentiq-imcu-assets.s3.amazonaws.com *.google-analytics.com *.googletagmanager.com banno.com *.banno.com *.googleapis.com *.gstatic.com *.facebook.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net data: *.banno.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com banno.com *.banno.com crownpeak.com *.crownpeak.com https://*.agentiq.co *.cobrowse.io *.rlets.com *.adnxs.com *.facebook.net *.cloudfront.net *.callrail.com *.baconpay.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net https://www.google.com/recaptcha/api.js *.gstatic.com *.segmint.net birdeye.com *.birdeye.com *.banno.com; style-src 'self' 'unsafe-inline' *.googleapis.com https://chat-service.imcu.agentiq.co
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 15:39:08 GMT
expires
Sat, 18 Nov 2023 15:39:08 GMT
server
nginx
strict-transport-security
max-age=16070400
vary
Accept-Encoding
via
varnish
x-ad-insert-result
no ads - index
x-b3-traceid
8db3afe48403b4e0
x-content-type-options
nosniff
x-envoy-upstream-service-time
104
x-frame-options
SAMEORIGIN
x-request-id
19bdcd93-0832-9ace-bd81-dc9c3ebfec8a
x-varnish
106376911
x-varnish-count
0
x-varnish-hitmiss
MISS
x-varnish-ttl
0.000
x-xss-protection
1; mode=block
main.min.css
www.imcu.com/assets/css/
401 KB
48 KB
Stylesheet
General
Full URL
https://www.imcu.com/assets/css/main.min.css?v=1699977987544
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e8340af2c2dc38ad3de763776e43ff7974757e11e5eb8cc10d6e75f16882ce9f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
via
varnish
x-b3-traceid
c8f30588cebf156f
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="main.min.css"
content-length
48088
x-xss-protection
1; mode=block
x-request-id
8d72ad9b-2178-9c7d-9dfe-bf8b39eb78f5
x-varnish-count
3768
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"4341b07f4098438e32302135198c4795"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-varnish
105033051 86393053
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:08 GMT
segmint.min.js
cdn.segmint.net/
16 KB
16 KB
Script
General
Full URL
https://cdn.segmint.net/segmint.min.js
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-20.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 19:18:42 GMT
Via
1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Sep 2023 12:33:41 GMT
Server
AmazonS3
X-Amz-Cf-Pop
YUL62-P1
Age
73227
ETag
"6bdf8bf9c48aef3424ec8556d42ae32e"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age:900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16163
X-Amz-Cf-Id
vPjBSkKjiGWxJ7RU1XQZRHgd4X4CiasFf_019n-FUrzoIfLubAc6gQ==
js
www.googletagmanager.com/gtag/
286 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q04TV61VH4
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d1d436c3b4ab349ba84c9aaa450f895a59ba21cd57955429cbe8ccd7ce56ee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 15:39:08 GMT
mms.js
cdn.rlets.com/capture_static/mms/
3 KB
2 KB
Script
General
Full URL
https://cdn.rlets.com/capture_static/mms/mms.js
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2305:400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99c4e063fef9de92f780394db21c614a35cc62deea02801aa45df58b6f686be9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 19:19:14 GMT
content-encoding
br
via
1.1 7a887c7cb9fe4a7abca02d85e8b196e8.cloudfront.net (CloudFront)
last-modified
Tue, 07 Nov 2023 21:02:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
age
73195
etag
W/"2793d2aa83c14466ab58d339eea320ec"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1gU0T0ELeD92HoUSg55v4wCgirJxZPq6By16ITrS6CfpjQOvezKh2A==
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=18206467&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1
0
804 B
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Server
68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:08 GMT
an-x-request-uuid
2dbf4418-ecc3-4141-b91d-23444873901e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:08 GMT
an-x-request-uuid
69c71b15-44b4-4e44-836a-2bdc19c3433f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1
x-proxy-origin
96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
welcome-catnav.png
www.imcu.com/assets/img/
2 KB
3 KB
Image
General
Full URL
https://www.imcu.com/assets/img/welcome-catnav.png
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
deba2226480a94e33c151e7e6ba92e52520aea9d060976831c23289d6fbb3394
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
6ab315548dd0798e
age
81237
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="welcome-catnav.png"
content-length
2246
x-xss-protection
1; mode=block
x-request-id
ccf4a780-1d86-99a2-93e6-c7bebca2eab0
x-varnish-count
3733
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"c9832c6924b9c21cda33e07763e0ac6f"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
105065222 88353324
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:11 GMT
welcome-nav.png
www.imcu.com/assets/img/
194 KB
195 KB
Image
General
Full URL
https://www.imcu.com/assets/img/welcome-nav.png
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
d2742b17a200523a46f49b6f1242f3b7e752b6bc7f371536afe845e5254f0ec8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
9212768a3e750eed
age
81225
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="welcome-nav.png"
content-length
198678
x-xss-protection
1; mode=block
x-request-id
66055bbb-8f8d-90a6-986b-310b4ef60c67
x-varnish-count
3666
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"d2a2618763842dc8dec633363a536949"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
105165205 87503135
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:23 GMT
welcome-login.png
www.imcu.com/assets/img/
39 KB
40 KB
Image
General
Full URL
https://www.imcu.com/assets/img/welcome-login.png
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
05c0571b3ac8a93c190f84cbf95e00d67bd0839a277c29fb2d750d54c987990d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
7a85c032f76a4acf
age
81234
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="welcome-login.png"
content-length
40047
x-xss-protection
1; mode=block
x-request-id
e4d8e25c-13de-989f-896e-fcb66bd2f641
x-varnish-count
3732
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"c2d9636e3493e66bd45028d6e556fd08"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
105165206 86829818
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:13 GMT
indiana-members-cu-logo@3x.png
www.imcu.com/assets/img/
6 KB
7 KB
Image
General
Full URL
https://www.imcu.com/assets/img/indiana-members-cu-logo@3x.png
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
de6d3acda35868aa8267832d374bf405a7618d5ff507d6648429dd510bd6b25d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
3f083f52a6e8a6a3
age
81262
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="indiana-members-cu-logo@3x.png"
content-length
6613
x-xss-protection
1; mode=block
x-request-id
075cbdf9-962a-9ca5-a7dd-bf8b2ab38c70
x-varnish-count
4687
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"b2bd6092cbf9dbf5a63463194435ef65"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
104486873 48448263
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:04:45 GMT
Toy-Drive-2022-Rotating-Banner.jpg
www.imcu.com/assets/files/of1iqyfG/
332 KB
333 KB
Image
General
Full URL
https://www.imcu.com/assets/files/of1iqyfG/Toy-Drive-2022-Rotating-Banner.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
6c6a03ff6652de29b2cc7597dcc5754ba2cd0c946392859d88f5256a8cfaeca2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
921f4029bc71a744
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
10
content-disposition
filename="Toy-Drive-2022-Rotating-Banner.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
3a0b72d3-c139-9df7-bf78-ed4906ecc391
last-modified
Mon, 07 Nov 2022 13:04:36 GMT
server
nginx
etag
"73051b4af3a6a9d1d14c2a022b6b6ee0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
104386244
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
13-Month-Certificate-Rotating-Banner-10.2023.jpg
www.imcu.com/assets/files/iBzefd7y/
792 KB
793 KB
Image
General
Full URL
https://www.imcu.com/assets/files/iBzefd7y/13-Month-Certificate-Rotating-Banner-10.2023.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
cff88ecc4da0fe4641c1d4ce57313b1801118b59426c09b1f9d7392ef33a5874
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
dc0a1899fe90babe
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
4
content-disposition
filename="13-Month-Certificate-Rotating-Banner-10.2023.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
7c6b97e1-6eb7-95f4-97e3-9ef4150187fb
last-modified
Fri, 29 Sep 2023 17:54:42 GMT
server
nginx
etag
"07a73c804a6b5dbc28299e99a1d8a885"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
97283667
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
Hiring-Open-House-2023-Rotating-Banner.jpg
www.imcu.com/assets/files/H0pnGJns/
461 KB
462 KB
Image
General
Full URL
https://www.imcu.com/assets/files/H0pnGJns/Hiring-Open-House-2023-Rotating-Banner.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
8ee5ce60cbae1e58b5e55b571efe515a0e418f5e3967484ccec19ce9dfe59b2f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
ef5d56a43877a4b7
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
10
content-disposition
filename="Hiring-Open-House-2023-Rotating-Banner.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
d175db1b-5e67-9675-9a01-b68e54dd4678
last-modified
Mon, 06 Nov 2023 14:49:11 GMT
server
nginx
etag
"ab23a39368f4f6a7f97034b8edf4aef9"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
107319161
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
T-Mobile-2023-Rotating-Banner.jpg
www.imcu.com/assets/files/MrVTNGFD/
367 KB
368 KB
Image
General
Full URL
https://www.imcu.com/assets/files/MrVTNGFD/T-Mobile-2023-Rotating-Banner.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
6da3c49e01d71fe6ad6c731dd3352fb5b43114024a7a53e6a0692657b1c63dd1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
df8f993162fa3bdf
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
7
content-disposition
filename="T-Mobile-2023-Rotating-Banner.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
3305ec20-6720-9a2b-a7b6-d728f591fade
last-modified
Mon, 16 Oct 2023 17:58:14 GMT
server
nginx
etag
"ab20e3ae89461333ebd1c67500b68752"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
98186890
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
Sallie-Mae-Fall-2021-Rotating-Banner.jpg
www.imcu.com/assets/files/C4i0XSCv/
492 KB
493 KB
Image
General
Full URL
https://www.imcu.com/assets/files/C4i0XSCv/Sallie-Mae-Fall-2021-Rotating-Banner.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
ee812a922fafe6ac67e8a6b135e812e58b24030def1850886bb862060817ce9e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
5d237ab27fd6efc9
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
8
content-disposition
filename="Sallie-Mae-Fall-2021-Rotating-Banner.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
36534a70-b2f1-9c7f-a9bc-0610eaa379e3
last-modified
Mon, 14 Nov 2022 13:18:21 GMT
server
nginx
etag
"910b304bd6e60a796fb1df5cdf1f19af"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
105356975
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
Special-Offers-Homepage-Icon.png
www.imcu.com/assets/files/0kb02QFZ/
473 B
966 B
Image
General
Full URL
https://www.imcu.com/assets/files/0kb02QFZ/Special-Offers-Homepage-Icon.png
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
043cc930881f6a402e33c1edb1cbdd67b5604900d08b847b57041a57a380ee5a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
d826a5dd5e534119
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
5
content-disposition
filename="Special-Offers-Homepage-Icon.png"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
dde89436-b6eb-9864-958d-51b324f9fbae
last-modified
Wed, 25 Jan 2023 17:01:40 GMT
server
nginx
etag
"f9e78b83f79314708c96b0eaecae2196"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
100066109
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
icon-mobile.png
www.imcu.com/assets/content/9X2ZqyZJ/
620 B
1 KB
Image
General
Full URL
https://www.imcu.com/assets/content/9X2ZqyZJ/icon-mobile.png
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
c36ee346b92890d2894b82e85526775efb3644c73834b6b86e77d2be8174af6b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
57f0a87953613390
age
81211
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="icon-mobile.png"
content-length
620
x-xss-protection
1; mode=block
x-request-id
a99f34b8-7206-93c8-be5c-2743bb4ac7c7
x-varnish-count
1034
last-modified
Mon, 22 Oct 2018 21:04:46 GMT
server
nginx
etag
"baa4e6c3499f6233b5a351a4d0476fde"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
105033052 85541407
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:05:36 GMT
icon-auto.png
www.imcu.com/assets/content/D91iHyeV/
540 B
1 KB
Image
General
Full URL
https://www.imcu.com/assets/content/D91iHyeV/icon-auto.png
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
a3b8f422d16861fae92e93ccd283bc85c68217193c4aaeed2059fa8f9290c7b3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
98428697aa0ec5b7
age
81201
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="icon-auto.png"
content-length
540
x-xss-protection
1; mode=block
x-request-id
f78ed21b-18da-9889-8b53-d5569046ab7c
x-varnish-count
958
last-modified
Mon, 22 Oct 2018 21:04:44 GMT
server
nginx
etag
"17beb90294998e528a1159e4d3a7c118"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
105065224 60436688
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:05:47 GMT
icon-binoculars.png
www.imcu.com/assets/content/kfaB86ca/
645 B
1 KB
Image
General
Full URL
https://www.imcu.com/assets/content/kfaB86ca/icon-binoculars.png
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
1c49de92a9d2aaf888a160f19745676220c659e62ed547f62a87f115e319d3e1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
d6b0972b96ffcdf8
age
81186
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="icon-binoculars.png"
content-length
645
x-xss-protection
1; mode=block
x-request-id
9c7b6ff1-c4bb-94ce-ad02-69b22563b072
x-varnish-count
941
last-modified
Mon, 22 Oct 2018 21:04:44 GMT
server
nginx
etag
"dca376e40854549683fdcaad960cb3e1"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
105526098 86701219
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:06:02 GMT
Homepage-Ad---Holiday-Promo-2023---708x472.jpg
www.imcu.com/assets/files/yGANEcCV/
170 KB
170 KB
Image
General
Full URL
https://www.imcu.com/assets/files/yGANEcCV/Homepage-Ad---Holiday-Promo-2023---708x472.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
ce5e749ecdf9d387534d9de8b09f5740278e5eba5c24c8f978a1c88ca2eaae5e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
5d7a261b090b85b5
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
10
content-disposition
filename="Homepage-Ad---Holiday-Promo-2023---708x472.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
925d3d42-945d-93f1-b42a-6265e3559b78
last-modified
Mon, 30 Oct 2023 17:54:18 GMT
server
nginx
etag
"1e92bb0ea6fcdd794302393eea0b73a6"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
96907749
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
Check-Out-Our-Recent-Reviews---708x472.jpg
www.imcu.com/assets/files/YB11BLir/
137 KB
138 KB
Image
General
Full URL
https://www.imcu.com/assets/files/YB11BLir/Check-Out-Our-Recent-Reviews---708x472.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
998b51877fdfbebabc2efe3ffc8ad41ca771915258bcd5169d623032ccacbf1c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
cb1cb3df747fdfdf
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
5
content-disposition
filename="Check-Out-Our-Recent-Reviews---708x472.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
5771890a-bd6a-963b-b545-90dd3b15e923
last-modified
Wed, 13 Sep 2023 16:33:57 GMT
server
nginx
etag
"a8f8a5e02d910f3dcdfba743814b476b"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
105165210
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
large-p-certificate.jpg
www.imcu.com/assets/content/wLXmk3VS/
264 KB
265 KB
Image
General
Full URL
https://www.imcu.com/assets/content/wLXmk3VS/large-p-certificate.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b9067cbeb9d1f73d6d399fe3336d85ebfd394f52e5aa1ad843391c420dfe97d6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
e5b628316ad4451c
age
81217
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="large-p-certificate.jpg"
content-length
270023
x-xss-protection
1; mode=block
x-request-id
80417cd3-231a-9ea0-a428-edd923fc2952
x-varnish-count
978
last-modified
Mon, 22 Oct 2018 21:04:48 GMT
server
nginx
etag
"1d5d218ae8b4b545ea3f1693ea17802d"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
96907751 88386047
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:05:31 GMT
Josh-Hecker---245x275.jpg
www.imcu.com/assets/files/IMwa9Uit/
63 KB
64 KB
Image
General
Full URL
https://www.imcu.com/assets/files/IMwa9Uit/Josh-Hecker---245x275.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
0d7499ba0c92fd337043c52c7d71c69a1181983270100ff83ca107e540a9444e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
6549d45ab4ac1103
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
9
content-disposition
filename="Josh-Hecker---245x275.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
a25c925c-ccd6-9f8d-8753-54d7862891b0
last-modified
Fri, 04 Mar 2022 19:58:38 GMT
server
nginx
etag
"f88d99913ef8711b14661607fde607ba"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
107319163
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
David-Early---245x275.jpg
www.imcu.com/assets/files/pvLtMZvp/
76 KB
77 KB
Image
General
Full URL
https://www.imcu.com/assets/files/pvLtMZvp/David-Early---245x275.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
dd58778debfd57758aa554e7feab13af49b532da094899e49d3ead894f7a3bfb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
086bdac20a1f44d8
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
7
content-disposition
filename="David-Early---245x275.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
53923c0c-2c86-9b29-91e7-f70ff1cddfb9
last-modified
Tue, 09 May 2023 12:22:41 GMT
server
nginx
etag
"869a2aa7ffd7c689fc5a978c60301f6c"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
106766015
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
Stephanie-Wade---245x275.jpg
www.imcu.com/assets/files/KI0I3J6o/
49 KB
50 KB
Image
General
Full URL
https://www.imcu.com/assets/files/KI0I3J6o/Stephanie-Wade---245x275.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
5d509d9115052160a71214c89b2e7b37b696eae658d3a3d6fbc6dc35bff295a8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
632f4c3bfee93f0d
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
7
content-disposition
filename="Stephanie-Wade---245x275.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
1866c819-215f-94d1-8264-c6c6817ed410
last-modified
Mon, 20 Mar 2023 15:34:57 GMT
server
nginx
etag
"b46bb415d6463c634fdb1746a2d2a73f"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
105911467
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
eho.svg
www.imcu.com/assets/img/
4 KB
2 KB
Image
General
Full URL
https://www.imcu.com/assets/img/eho.svg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
bbf9daa5df73b674be7b8b59c6ed2fcd65cf44e7f4e8d050f90fa2362d394004
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
via
varnish
x-b3-traceid
e4411a0ef6ec53bf
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="eho.svg"
content-length
1297
x-xss-protection
1; mode=block
x-request-id
aacc0a3f-466f-909c-b7a4-b24345c09ccf
x-varnish-count
4738
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"7626683c7ec90757b3643ff723c40e47"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-varnish
105033053 86866319
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:08 GMT
ncua-logo.svg
www.imcu.com/assets/img/
29 KB
7 KB
Image
General
Full URL
https://www.imcu.com/assets/img/ncua-logo.svg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
bbf8730ba2b44b5e4a111ccee80bd8dd9cbbd2d61395e7155ecd5c7a36aa0922
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
content-encoding
gzip
x-b3-traceid
a776a26faaf2c056
age
81262
via
varnish
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="ncua-logo.svg"
content-length
6516
x-xss-protection
1; mode=block
x-request-id
e73f77c2-968c-9601-b4b5-fe3c51e9baba
x-varnish-count
4690
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"1a5e85a38801c65b8e233f3fbd9bf05c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
x-varnish
107059469 88905370
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:04:45 GMT
badge.min.js
banno.com/a/monitor/api/badge/
10 KB
11 KB
Script
General
Full URL
https://banno.com/a/monitor/api/badge/badge.min.js
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce2d1625d64cf99434862d35e765ab587e571cef399186313aba59dfa55bc5d2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=15724800
last-modified
Mon, 17 Jul 2023 20:25:23 GMT
accept-ranges
bytes
etag
"2194018965877338"
content-length
10640
content-type
application/javascript; charset=UTF-8
alliance-one-logo.svg
www.imcu.com/assets/img/
12 KB
4 KB
Image
General
Full URL
https://www.imcu.com/assets/img/alliance-one-logo.svg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
df74b077c5ba3d5821e8f57eebf409f91da9ade0b6e1c946ddce475daca051f9
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
content-encoding
gzip
x-b3-traceid
333b42c0dde04c84
age
81262
via
varnish
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="alliance-one-logo.svg"
content-length
3917
x-xss-protection
1; mode=block
x-request-id
7173c61b-d1ce-947b-ad71-cdc48f7bc7e1
x-varnish-count
4687
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"6da3b8f5f1310bb86accd6de043aac65"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
x-varnish
105065225 88642290
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:04:45 GMT
allpoint-logo.svg
www.imcu.com/assets/img/
2 KB
2 KB
Image
General
Full URL
https://www.imcu.com/assets/img/allpoint-logo.svg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
6356bd985255864febb0109cc39be0305ef662ec3c406cc199f7c595d57d1fb2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
via
varnish
x-b3-traceid
9216bc6153994a54
age
81234
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="allpoint-logo.svg"
content-length
1017
x-xss-protection
1; mode=block
x-request-id
1a1e90b1-523f-9611-b534-782abf019f43
x-varnish-count
4649
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"673c94f3dec27085054071e31f195250"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-varnish
105526099 88422302
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:14 GMT
jquery.min.js
www.imcu.com/assets/js/
85 KB
30 KB
Script
General
Full URL
https://www.imcu.com/assets/js/jquery.min.js?v=1699977987500
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
d31312e09389da45f7740c6c973c7d66cc9f9d501b67d07c0e3992bef2d233e7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
via
varnish
x-b3-traceid
7948d600132325bb
age
81237
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="jquery.min.js"
content-length
30341
x-xss-protection
1; mode=block
x-request-id
7a58bae2-0203-9878-8c25-b97ce0eeb8c4
x-varnish-count
4612
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"5ce6d7133f1c3a7b378706b4b921bde0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
100193497 86760944
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
script.min.js
www.imcu.com/assets/js/
176 KB
48 KB
Script
General
Full URL
https://www.imcu.com/assets/js/script.min.js?v=1699977987500
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
af30c3ef9424b043e3d6d4db4b8573ec041dcad36330cacef75b8094807d9465
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
via
varnish
x-b3-traceid
bca06a656f2257a8
age
81237
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="script.min.js"
content-length
48358
x-xss-protection
1; mode=block
x-request-id
b4371a4c-f702-929c-b732-2aa852d3bef4
x-varnish-count
4775
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"29a2005343c553294558097fd1eba334"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
105133561 85975420
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:11 GMT
disclaimers.js
www.imcu.com/assets/target/
3 KB
2 KB
Script
General
Full URL
https://www.imcu.com/assets/target/disclaimers.js?bh=0eace5
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
via
varnish
x-b3-traceid
0992ff66e975f66b
age
235434
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-length
1400
x-xss-protection
1; mode=block
x-request-id
f5b21270-b686-903f-a2f0-7e734bcbb723
x-varnish-count
6965
last-modified
Tue, 14 Nov 2023 19:40:18 GMT
server
nginx
etag
"36cac93161bc79b1507b5ed84ace1324"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-varnish
105653277 45919413
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Mon, 13 May 2024 22:15:14 GMT
webchat.js
chat.agentiq.co/
141 KB
47 KB
Script
General
Full URL
https://chat.agentiq.co/webchat.js?app_id=aimb4v0c
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.252.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-252-94.compute-1.amazonaws.com
Software
/ Express
Resource Hash
72c6a1c05aa9c813cc6db519f9464e4d67478d3c46429251ac5d3fde75fcef1d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-powered-by
Express
x-dns-prefetch-control
off
x-xss-protection
0
x-request-id
9d19c670-8628-11ee-8e16-33509a1c260d
referrer-policy
no-referrer
etag
W/"23556-3vsCaoit8p9nY/6BmwEW42ws6Zw"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
1234568071
widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/
Redirect Chain
  • https://birdeye.com/embed/v7/168150068519072/8/1234568071
  • https://widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/1234568071
1 KB
1 KB
Script
General
Full URL
https://widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/1234568071
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
8ce8ceb4e04054456507d2fb780e5b8188be2a752f75caf380845205444398e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
etag
"51d-BbfhKBok1I7wsDxRTyybptO6gz8"
content-length
1309

Redirect headers

location
https://widgets-v7.birdeye.com:443/api/embed/v7/168150068519072/8/1234568071
date
Sat, 18 Nov 2023 15:39:08 GMT
server
awselb/2.0
content-length
110
content-type
text/html
1cb1ecef-4911-4acc-b8a4-323103090a15.json
cdn.segmint.net/ Frame
0
0
Preflight
General
Full URL
https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-20.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.imcu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Via
1.1 a128f556f38fd284f05c43da08257e96.cloudfront.net (CloudFront)
X-Amz-Cf-Id
cmBybOzKkNwNTExNy3QTf2flcjY0qLowPhVxEqvXba1tXw3FW3oZUA==
X-Amz-Cf-Pop
YUL62-P1
X-Cache
Miss from cloudfront
access-control-allow-headers
content-type
access-control-allow-methods
PUT, POST, DELETE, GET
access-control-allow-origin
*
access-control-max-age
3000
date
Sat, 18 Nov 2023 15:39:09 GMT
server
AmazonS3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
1cb1ecef-4911-4acc-b8a4-323103090a15.json
cdn.segmint.net/
313 B
959 B
XHR
General
Full URL
https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json
Requested by
Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-20.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
143e78d0fc535e02e2c719c0a29f9a6e2ac00959a552de99a3d62fb36b1e3cbf

Request headers

Referer
https://www.imcu.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 18 Nov 2023 15:39:09 GMT
Via
1.1 a128f556f38fd284f05c43da08257e96.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
YUL62-P1
x-amz-server-side-encryption
AES256
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
313
Last-Modified
Thu, 02 Mar 2023 21:15:14 GMT
Server
AmazonS3
ETag
"9e8243276c884811a405bf54321be0b6"
access-control-max-age
3000
access-control-allow-methods
PUT, POST, DELETE, GET
Content-Type
application/json
access-control-allow-origin
*
Cache-Control
max-age=900
Accept-Ranges
bytes
X-Amz-Cf-Id
kRpIJrvUQDY0qP026qgNyhguuwuyQ_D7RGLcN1lgwJGTrcL_ZDPf5g==
gtm.js
www.googletagmanager.com/
231 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b837a0ca4ec882cc1e651e363063f5fc19bf8012d064d0eac49f93f31523ce38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77550
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Nov 2023 15:39:08 GMT
seg
secure.adnxs.com/
0
804 B
Script
General
Full URL
https://secure.adnxs.com/seg?add=18206467&t=1
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:08 GMT
an-x-request-uuid
60bc0cb9-3921-48db-b16b-29071e7997db
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Icons.woff2
www.imcu.com/assets/font/
4 KB
4 KB
Font
General
Full URL
https://www.imcu.com/assets/font/Icons.woff2
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/assets/css/main.min.css?v=1699977987544
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
ac3b923602f3dfae76ac778b79523b1281f9aedfda9e872cc0301a5568fd15d9
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/assets/css/main.min.css?v=1699977987544
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
73f7174b65f856bf
age
81237
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="Icons.woff2"
content-length
4032
x-xss-protection
1; mode=block
x-request-id
9e5414ac-85da-9fce-ac61-a34ff0a11ca0
x-varnish-count
4481
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"f0bfce138c575ae64f11ce4df9b42958"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
98384041 87900879
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
olb-background.jpg
www.imcu.com/assets/img/
29 KB
30 KB
Image
General
Full URL
https://www.imcu.com/assets/img/olb-background.jpg
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/assets/css/main.min.css?v=1699977987544
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
3ba6c0fb90f1168c88deeb5a2ea1117bf88c214888f2a84c5a1dda96d0f9ce75
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/assets/css/main.min.css?v=1699977987544
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
0c9d8c548ec34aa5
age
81237
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="olb-background.jpg"
content-length
29949
x-xss-protection
1; mode=block
x-request-id
f5799602-ed7d-9a31-b4d7-73683442c621
x-varnish-count
4738
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"865bd4d78b5020090dbfbd815d5d1f8a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
106105130 86885415
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
insights
liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/ Frame
0
0
Preflight
General
Full URL
https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.75.237.118 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.237.75.34.bc.googleusercontent.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.imcu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
date
Sat, 18 Nov 2023 15:39:08 GMT
server
envoy
transfer-encoding
chunked
x-envoy-upstream-service-time
0
insights
liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/
16 B
783 B
XHR
General
Full URL
https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/mms.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.75.237.118 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.237.75.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
transfer-encoding
chunked
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
x-request-id
dcafd17c-8f4b-4569-a811-fd045ed8bda4
x-runtime
0.002651
referrer-policy
strict-origin-when-cross-origin
server
envoy
etag
W/"c955e57777ec0d73639dca6748560d00"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
vary
Accept, Origin
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
last-check
banno.com/a/monitor/api/
79 B
196 B
Script
General
Full URL
https://banno.com/a/monitor/api/last-check?url=https%3A%2F%2Fwww.imcu.com%2F&callback=jha.monitor.badgeCallback
Requested by
Host: banno.com
URL: https://banno.com/a/monitor/api/badge/badge.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
db972d0ea962e919605b331dfa106ef79ae41ca29aebb325eb88f57b608f97a4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=15724800
content-length
79
content-type
application/javascript; charset=UTF-8
collect
stats.g.doubleclick.net/g/
0
243 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q04TV61VH4&cid=98233597.1700321949&gtm=45je3b81v9123591144&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q04TV61VH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.imcu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking.min.js
dxussota4xxo7.cloudfront.net/js/
420 B
756 B
Script
General
Full URL
https://dxussota4xxo7.cloudfront.net/js/tracking.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:1000:15:4bf9:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a865230456a516d0d8adf08bd311599806c70bbd7b5637c696cfbfb3cf747387

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 02:07:17 GMT
via
1.1 6e86c05ccf44b10b3a7071fb1573829a.cloudfront.net (CloudFront)
last-modified
Wed, 23 Sep 2020 04:04:24 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
49178
etag
"b7e214e920d0c529083be4aa78a105c2"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
420
x-amz-cf-id
qRksEtxkZ5Abm4NI4bePQ-Y3TkWPEdUp9ytKp8m6Wv5QLD6kG8AxOw==
events.js
analytics.tiktok.com/i18n/pixel/
0
0

monitor-badge-dark.png
banno.com/a/monitor/api/badge/
867 B
1 KB
Image
General
Full URL
https://banno.com/a/monitor/api/badge/monitor-badge-dark.png
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29c0460945112db52539b1f8123ef386a79721884db9d5e06697ebaa2ac6ecfa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
strict-transport-security
max-age=15724800
last-modified
Mon, 17 Jul 2023 20:25:23 GMT
accept-ranges
bytes
etag
"c6c0018965877338"
content-length
867
content-type
image/png
base.css
chat-service.imcu.agentiq.co/static/themes/
9 KB
2 KB
Stylesheet
General
Full URL
https://chat-service.imcu.agentiq.co/static/themes/base.css
Requested by
Host: chat.agentiq.co
URL: https://chat.agentiq.co/webchat.js?app_id=aimb4v0c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.164.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-164-221.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8ba33bd694c9294a4d95b380a23e2b66c20f385862fdc30ae109e45485dcdaaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 04:20:57 GMT
x-powered-by
Express
etag
W/"24a9-18ba8031828"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-request-id
9d425d10-8628-11ee-8e16-33509a1c260d
image_view.js
www.surveycarrot.com/js/
0
0

fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f035:1a:face:b00c:0:3 Querétaro City, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 18 Nov 2023 15:39:09 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
JVIVUrl7eRr5UbLtPUPxJ2B/ltjZn7ujYC+EyrbRhieX6mCrs6cqsWUvftMqMdgdMINE1nOobxpnXlO2DHbNQw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
disclaimer
www.imcu.com/_/api/
2 KB
1 KB
XHR
General
Full URL
https://www.imcu.com/_/api/disclaimer
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/assets/js/jquery.min.js?v=1699977987500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
36435716fe9f709ba9ff30672d5812734a31f2a82e53161f9e3793a0956af652
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.imcu.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 18 Nov 2023 15:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
via
varnish
x-b3-traceid
5da2478f5c558526
age
0
x-varnish-ttl
0.000
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
4
content-length
695
x-xss-protection
1; mode=block
x-request-id
85268981-bf68-9a79-b785-73bd93177191
x-varnish-count
0
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-varnish
106009179
cache-control
public, max-age=0
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:08 GMT
widgets
widgets-v7.birdeye.com/api/ Frame D8CD
9 KB
9 KB
Document
General
Full URL
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Requested by
Host: birdeye.com
URL: https://birdeye.com/embed/v7/168150068519072/8/1234568071
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
d858813ec73f7f3a68240ddf430f965287e2d1c33e7136c9730574f0c8603976

Request headers

Referer
https://www.imcu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
https://app.birdeye.com
content-length
9542
date
Sat, 18 Nov 2023 15:39:09 GMT
etag
"2546-C5l/uTHC8nyE94b23GNQnW5VmE8"
vary
Origin
nqkCLztN_IMCU-Chat-Open-Icon---60x60-v01.png
agentiq-imcu-assets.s3.amazonaws.com/public/2023-09-01-17-08-11/
917 B
1 KB
Image
General
Full URL
https://agentiq-imcu-assets.s3.amazonaws.com/public/2023-09-01-17-08-11/nqkCLztN_IMCU-Chat-Open-Icon---60x60-v01.png
Requested by
Host: chat-service.imcu.agentiq.co
URL: https://chat-service.imcu.agentiq.co/static/themes/base.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.29.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2b566131a0f1a46661391af4a259ae22d79a47bd8754c86f156c33d0ea684435

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chat-service.imcu.agentiq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 15:39:10 GMT
Last-Modified
Mon, 09 Jan 2023 17:08:12 GMT
Server
AmazonS3
x-amz-request-id
EKB34N01XF112HW9
ETag
"8ac911d758112d888af549bf17486135"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
917
x-amz-id-2
00vI+ldtO+b+DfyAzLLwoVM3lKZNBtGj0BSB79bb1bir706VVsiNSqzoYy07y7ffKw1x0S4BcFuDAvq1cz0tGIU/Y82gH+EVZ1X5IuHmcCI=
eda81cd4507e537c.css
widgets-v7.birdeye.com/_next/static/css/ Frame D8CD
16 KB
3 KB
Stylesheet
General
Full URL
https://widgets-v7.birdeye.com/_next/static/css/eda81cd4507e537c.css
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
c7094491ea71a66e3154aa305ab7d97a543cb8fba7f7ff2319df08defc77c725

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 03:00:12 GMT
etag
W/"3eca-18b931fba60"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
543b166e566793c9.css
widgets-v7.birdeye.com/_next/static/css/ Frame D8CD
6 KB
2 KB
Stylesheet
General
Full URL
https://widgets-v7.birdeye.com/_next/static/css/543b166e566793c9.css
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
0173900051eca3e73d1ff9febfe462216ec16101ca2020cf2e296cf03804861f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 03:00:12 GMT
etag
W/"1754-18b931fba60"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
webpack-514908bffb652963.js
widgets-v7.birdeye.com/_next/static/chunks/ Frame D8CD
1 KB
1004 B
Script
General
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/webpack-514908bffb652963.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 03:00:12 GMT
etag
W/"5c0-18b931fba60"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
framework-91d7f78b5b4003c8.js
widgets-v7.birdeye.com/_next/static/chunks/ Frame D8CD
127 KB
41 KB
Script
General
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/framework-91d7f78b5b4003c8.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 03:00:12 GMT
etag
W/"1fc6a-18b931fba60"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
main-ba832cad11a030f7.js
widgets-v7.birdeye.com/_next/static/chunks/ Frame D8CD
111 KB
31 KB
Script
General
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/main-ba832cad11a030f7.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
8955274567e7fe987a9de393cf379bb4c3d4fa37e124414f5f2385d6c1e9e770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 03:00:12 GMT
etag
W/"1ba4a-18b931fba60"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_app-9813aaabf7b75be1.js
widgets-v7.birdeye.com/_next/static/chunks/pages/ Frame D8CD
4 KB
2 KB
Script
General
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/pages/_app-9813aaabf7b75be1.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1ec4fbec6b02a439bad4ece44d16811ebe29e374da31c611ab1218220e5a1d04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 03:00:12 GMT
etag
W/"11ed-18b931fba60"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
new-rotating-8a699c6e04dc2ec5.js
widgets-v7.birdeye.com/_next/static/chunks/pages/v8/ Frame D8CD
12 KB
5 KB
Script
General
Full URL
https://widgets-v7.birdeye.com/_next/static/chunks/pages/v8/new-rotating-8a699c6e04dc2ec5.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
f5df67e620930892df72a02097cd31909aea56ea0501dbe12f09a9a2f3f88731

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 03:00:12 GMT
etag
W/"3101-18b931fba60"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_buildManifest.js
widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/ Frame D8CD
3 KB
1 KB
Script
General
Full URL
https://widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/_buildManifest.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
79e088ee3377eda0f358623fc79ab1a06ce8bd1558f0788f84e43d05bb8dfcdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 03:00:12 GMT
etag
W/"dc8-18b931fba60"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
_ssgManifest.js
widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/ Frame D8CD
77 B
289 B
Script
General
Full URL
https://widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/_ssgManifest.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
last-modified
Fri, 03 Nov 2023 03:00:12 GMT
etag
W/"4d-18b931fba60"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
77
_middlewareManifest.js
widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/ Frame D8CD
92 B
304 B
Script
General
Full URL
https://widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/_middlewareManifest.js
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
last-modified
Fri, 03 Nov 2023 03:00:21 GMT
etag
W/"5c-18b931fdd88"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
92
css2
fonts.googleapis.com/ Frame D8CD
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 15:05:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Nov 2023 15:39:09 GMT
23893b43a33e440e884869a9ffb7d0a7.png
ddjkm7nmu27lx.cloudfront.net/283679764/ Frame D8CD
32 KB
32 KB
Image
General
Full URL
https://ddjkm7nmu27lx.cloudfront.net/283679764/23893b43a33e440e884869a9ffb7d0a7.png
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.93.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-93-82.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d6c3b2fc4bc70d3f833e12d18f67e54ba75324c8700a7d74249e410ce95920a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 01:26:55 GMT
x-amz-version-id
pPAHM_cGm52xis51JWGd9QCrjlIHQETa
via
1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront)
last-modified
Fri, 17 Nov 2023 23:31:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
age
51135
etag
"78ec1eefcf17d2396ec5f3b344a6685e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
32708
x-amz-cf-id
rbKNB0efRZvV4AVr4uuqbIVlU-1uTqDaqjOINr-e8yNBFbv8yPCsUg==
left-arrow.png
widgets-v7.birdeye.com/ Frame D8CD
2 KB
2 KB
Image
General
Full URL
https://widgets-v7.birdeye.com/left-arrow.png
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
2b7d3452288cef3342b8db2e74bd7320026c6dc8cd07d6b9568e0d4ddcfdac43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
cache-control
public, max-age=0
last-modified
Fri, 03 Nov 2023 02:59:13 GMT
accept-ranges
bytes
etag
W/"746-18b931ed3e8"
content-length
1862
content-type
image/png
right-arrow.png
widgets-v7.birdeye.com/ Frame D8CD
2 KB
2 KB
Image
General
Full URL
https://widgets-v7.birdeye.com/right-arrow.png
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
c59f3ba94e761497a4b1e94125a40d4363b28c55b24003bdb73243660499905d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
cache-control
public, max-age=0
last-modified
Fri, 03 Nov 2023 02:59:13 GMT
accept-ranges
bytes
etag
W/"782-18b931ed3e8"
content-length
1922
content-type
image/png
birdeye-logo.svg
widgets-v7.birdeye.com/ Frame D8CD
3 KB
2 KB
Image
General
Full URL
https://widgets-v7.birdeye.com/birdeye-logo.svg
Requested by
Host: widgets-v7.birdeye.com
URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-170-252.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
19003bda0af25def358e5f521924bc2658b65dc47ca722fbba68684516a3ec48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Nov 2023 02:59:13 GMT
etag
W/"c2c-18b931ed3e8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
336474686714648
connect.facebook.net/signals/config/
124 KB
33 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/336474686714648?v=2.9.138&r=stable&domain=www.imcu.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f035:1a:face:b00c:0:3 Querétaro City, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
18593949479827e48e87e970d17923131b0812675f4f13cf58a8b1d6bcf8234c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 18 Nov 2023 15:39:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
j2iKpZ514f7p9l8hEwkOKop5phG3zYPaJpa29d9TueyQ3Jo3uqbXyHxKEv7aN44RVqkAQzDGYNSG+33fHMNSjw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D8CD
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widgets-v7.birdeye.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:42:05 GMT
x-content-type-options
nosniff
age
143824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:42:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D8CD
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widgets-v7.birdeye.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:09:00 GMT
x-content-type-options
nosniff
age
142209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 00:09:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=336474686714648&ev=PageView&dl=https%3A%2F%2Fwww.imcu.com&rl=&if=false&ts=1700321949565&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1700321949561.433224565&cs_est=true&pm=1&hrl=733a4a&ler=empty&it=1700321949361&coo=false&cs_cc=1&rqm=GET
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 18 Nov 2023 15:39:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
event
connect.segmint.net/ Frame
0
0
Preflight
General
Full URL
https://connect.segmint.net/event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-67-236.compute-1.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.imcu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.imcu.com
Access-Control-Max-Age
1728000
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 18 Nov 2023 15:39:09 GMT
Expires
0
P3P
CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma
no-cache
Server
openresty
fonts.css
www.imcu.com/assets/css/
16 KB
2 KB
XHR
General
Full URL
https://www.imcu.com/assets/css/fonts.css?v=1699977987413
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e862c691893c4c35b8c83bf72079bcda4b2223096980fa54dba8e346c4b944a5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
content-encoding
gzip
x-b3-traceid
4f11edbff24fce31
age
81239
via
varnish
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="fonts.css"
content-length
1149
x-xss-protection
1; mode=block
x-request-id
94f8fef9-19d0-9d7c-a848-214d8712b5de
x-varnish-count
1271
last-modified
Tue, 14 Nov 2023 17:04:40 GMT
server
nginx
etag
"f65a0181f7fba375fcbc27fa75f7b1f4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
x-varnish
105165222 88089540
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:09 GMT
slick.woff
www.imcu.com/assets/font/
1 KB
2 KB
Font
General
Full URL
https://www.imcu.com/assets/font/slick.woff
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/assets/css/main.min.css?v=1699977987544
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/assets/css/main.min.css?v=1699977987544
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
via
varnish
x-b3-traceid
b062cb450b7a3bd5
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="slick.woff"
content-length
1343
x-xss-protection
1; mode=block
x-request-id
207a0c52-53e7-9f85-93fb-e6fa66604ab0
x-varnish-count
3346
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"68b7679274615f255c862e55e2a2ba3c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff
x-varnish
98629723 86961055
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
segmint.min.js
cdn.segmint.net/
16 KB
16 KB
Script
General
Full URL
https://cdn.segmint.net/segmint.min.js
Requested by
Host: www.imcu.com
URL: https://www.imcu.com/assets/js/script.min.js?v=1699977987500
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-20.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 19:18:42 GMT
Via
1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Sep 2023 12:33:41 GMT
Server
AmazonS3
X-Amz-Cf-Pop
YUL62-P1
Age
73228
ETag
"6bdf8bf9c48aef3424ec8556d42ae32e"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age:900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16163
X-Amz-Cf-Id
xmTYMKDp_uzV5pKNauUgbiUoQzhBYs6GKuPL0Ejo1ROPdSugKoqCuw==
Sallie-Mae-Fall-2021-Rotating-Banner.jpg
www.imcu.com/assets/files/C4i0XSCv/
492 KB
493 KB
Image
General
Full URL
https://www.imcu.com/assets/files/C4i0XSCv/Sallie-Mae-Fall-2021-Rotating-Banner.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
ee812a922fafe6ac67e8a6b135e812e58b24030def1850886bb862060817ce9e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
c062cb01dabd534f
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
8
content-disposition
filename="Sallie-Mae-Fall-2021-Rotating-Banner.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
5d1cf53f-3b11-952e-8866-cab01bdeff68
last-modified
Mon, 14 Nov 2022 13:18:21 GMT
server
nginx
etag
"910b304bd6e60a796fb1df5cdf1f19af"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
106168697
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:09 GMT
Toy-Drive-2022-Rotating-Banner.jpg
www.imcu.com/assets/files/of1iqyfG/
332 KB
333 KB
Image
General
Full URL
https://www.imcu.com/assets/files/of1iqyfG/Toy-Drive-2022-Rotating-Banner.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
6c6a03ff6652de29b2cc7597dcc5754ba2cd0c946392859d88f5256a8cfaeca2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
e135a2be63fbf8e2
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
8
content-disposition
filename="Toy-Drive-2022-Rotating-Banner.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
b88a6094-da6b-9bbf-b652-f362f19bc380
last-modified
Mon, 07 Nov 2022 13:04:36 GMT
server
nginx
etag
"73051b4af3a6a9d1d14c2a022b6b6ee0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
105653283
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:09 GMT
13-Month-Certificate-Rotating-Banner-10.2023.jpg
www.imcu.com/assets/files/iBzefd7y/
792 KB
793 KB
Image
General
Full URL
https://www.imcu.com/assets/files/iBzefd7y/13-Month-Certificate-Rotating-Banner-10.2023.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
cff88ecc4da0fe4641c1d4ce57313b1801118b59426c09b1f9d7392ef33a5874
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
b3b5727e85aa46d5
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
8
content-disposition
filename="13-Month-Certificate-Rotating-Banner-10.2023.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
c79d1034-2956-93ae-bcaa-e4e8c5f3feaa
last-modified
Fri, 29 Sep 2023 17:54:42 GMT
server
nginx
etag
"07a73c804a6b5dbc28299e99a1d8a885"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
104325799
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:09 GMT
Hiring-Open-House-2023-Rotating-Banner.jpg
www.imcu.com/assets/files/H0pnGJns/
461 KB
462 KB
Image
General
Full URL
https://www.imcu.com/assets/files/H0pnGJns/Hiring-Open-House-2023-Rotating-Banner.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
8ee5ce60cbae1e58b5e55b571efe515a0e418f5e3967484ccec19ce9dfe59b2f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
ecb8f935ad4ae2d2
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
8
content-disposition
filename="Hiring-Open-House-2023-Rotating-Banner.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
078c101f-33b3-9039-b3d0-cfc50ab3726c
last-modified
Mon, 06 Nov 2023 14:49:11 GMT
server
nginx
etag
"ab23a39368f4f6a7f97034b8edf4aef9"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
106235935
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:09 GMT
T-Mobile-2023-Rotating-Banner.jpg
www.imcu.com/assets/files/MrVTNGFD/
367 KB
368 KB
Image
General
Full URL
https://www.imcu.com/assets/files/MrVTNGFD/T-Mobile-2023-Rotating-Banner.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
6da3c49e01d71fe6ad6c731dd3352fb5b43114024a7a53e6a0692657b1c63dd1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
23aacf60bfc181ce
age
0
x-varnish-hitmiss
MISS
x-envoy-upstream-service-time
6
content-disposition
filename="T-Mobile-2023-Rotating-Banner.jpg"
x-varnish-count
0
x-xss-protection
1; mode=block
x-request-id
70ba79a6-d212-966d-8f3e-54a4c40f39ec
last-modified
Mon, 16 Oct 2023 17:58:14 GMT
server
nginx
etag
"ab20e3ae89461333ebd1c67500b68752"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
105620294
cache-control
private
accept-ranges
bytes
expires
Sat, 18 Nov 2023 15:39:09 GMT
large-p-certificate.jpg
www.imcu.com/assets/content/wLXmk3VS/
264 KB
265 KB
Image
General
Full URL
https://www.imcu.com/assets/content/wLXmk3VS/large-p-certificate.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b9067cbeb9d1f73d6d399fe3336d85ebfd394f52e5aa1ad843391c420dfe97d6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
cc2a59360f6c8751
age
81202
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="large-p-certificate.jpg"
content-length
270023
x-xss-protection
1; mode=block
x-request-id
2805afd1-e9a2-96b7-ad60-f291426695ef
x-varnish-count
1008
last-modified
Mon, 22 Oct 2018 21:04:48 GMT
server
nginx
etag
"1d5d218ae8b4b545ea3f1693ea17802d"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
105165223 87960979
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:05:47 GMT
event
connect.segmint.net/
0
637 B
XHR
General
Full URL
https://connect.segmint.net/event
Requested by
Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-67-236.compute-1.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imcu.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:08 GMT
Server
openresty
P3P
CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin
https://www.imcu.com
Content-Type
text/plain;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Application-Context
site-event-receiver-service:prod:7084
Expires
0
en1Er9rn5M
connect.segmint.net/iframe/doughnut/ Frame 158F
509 B
1 KB
Document
General
Full URL
https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Requested by
Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-67-236.compute-1.amazonaws.com
Software
openresty /
Resource Hash
0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en-US
Content-Length
307
Content-Type
text/html;charset=UTF-8
Date
Sat, 18 Nov 2023 15:39:09 GMT
Expires
0
P3P
CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma
no-cache
Server
openresty
Vary
Accept-Encoding
X-Application-Context
offer-delivery:prod:7074
X-B3-Sampled
1
X-B3-SpanId
1566679cf29378db
X-B3-TraceId
1566679cf29378db
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
en1rr5rxMofqdM
connect.segmint.net/bearclaw/invoke/
2 KB
2 KB
XHR
General
Full URL
https://connect.segmint.net/bearclaw/invoke/en1rr5rxMofqdM?new_window=true
Requested by
Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-67-236.compute-1.amazonaws.com
Software
openresty /
Resource Hash
b55d22025050b8cf5c5b095cc4507098c1250fcac5f62c668b9d01880e2f9564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 15:39:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Decision-Count
1
X-B3-TraceId
cc598f68f02623ff
X-PartnerId
87563015
P3P
CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Connection
keep-alive
X-DecisionId
2becd19a-6349-41e6-a07f-2f61aaa9b9d0
X-MediaId
53181
X-Application-Context
offer-delivery:prod:7074
Content-Length
697
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Known-Consumer
false
Server
openresty
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.imcu.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-B3-SpanId
cc598f68f02623ff
X-B3-Sampled
1
X-Targeted
false
Expires
0
montserrat-bold-webfont.woff2
www.imcu.com/assets/font/
18 KB
19 KB
Font
General
Full URL
https://www.imcu.com/assets/font/montserrat-bold-webfont.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e63a6b5008fdcd33d835ed9d11e4fa939639220adc592f0dc3e0537935366325
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
18c86654eac44893
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="montserrat-bold-webfont.woff2"
content-length
18616
x-xss-protection
1; mode=block
x-request-id
6f7a431b-24ca-91e4-a7ff-86b85aa8889e
x-varnish-count
4016
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"9f0fe404514ff7a8f05f6cf7f726a726"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
105419233 85541169
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
montserrat-extralight-webfont.woff2
www.imcu.com/assets/font/
18 KB
18 KB
Font
General
Full URL
https://www.imcu.com/assets/font/montserrat-extralight-webfont.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
203fc1a4d3e07fd93d7afc29b41aa5e720343f8a126e446ceed930ec2746029d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
9fdcb9cdb0b88a44
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="montserrat-extralight-webfont.woff2"
content-length
18024
x-xss-protection
1; mode=block
x-request-id
9b3c9d81-f2e2-9399-ad35-2237fa34244a
x-varnish-count
4357
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"4303be735143b509feaba7a4d10dfd95"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
106864804 88905605
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
montserrat-light-webfont.woff2
www.imcu.com/assets/font/
18 KB
18 KB
Font
General
Full URL
https://www.imcu.com/assets/font/montserrat-light-webfont.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
44de8d3c22224f052fa98c400574244686f2d34237b15f280ca46864bf3fb641
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
da89e704848da445
age
81238
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="montserrat-light-webfont.woff2"
content-length
18304
x-xss-protection
1; mode=block
x-request-id
b996ff40-7290-9c15-bfd7-aa5cda4671e2
x-varnish-count
4659
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"45dca2b26dfb46bcb62318a0c82338c9"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
106864805 88552251
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:11 GMT
montserrat-regular-webfont.woff2
www.imcu.com/assets/font/
18 KB
19 KB
Font
General
Full URL
https://www.imcu.com/assets/font/montserrat-regular-webfont.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
27f3557cf2b2a8e9ad2ca51eb3f3bf784a03e9dd4e149b50122179492480baaa
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
fee234b46d4ca898
age
81236
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="montserrat-regular-webfont.woff2"
content-length
18500
x-xss-protection
1; mode=block
x-request-id
b3a0edb4-5d2f-9747-b227-46a318f69c97
x-varnish-count
4546
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"53eca2b5ec904d06652753d02b06fd30"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
103866420 63485939
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:12 GMT
montserrat-lightitalic-webfont.woff2
www.imcu.com/assets/font/
20 KB
21 KB
Font
General
Full URL
https://www.imcu.com/assets/font/montserrat-lightitalic-webfont.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b5e5860634bdd32e8c252820ec604974db116b506451fa7b4c2511d200547ade
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
e55f6d5479e037e6
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="montserrat-lightitalic-webfont.woff2"
content-length
20952
x-xss-protection
1; mode=block
x-request-id
428149fe-23cb-9a8d-b902-5b016e57de2a
x-varnish-count
3165
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"a7fb4a29f4c5f62e384d31442f9ebfd3"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
105165224 85654599
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
big_noodle_titling-webfont.woff2
www.imcu.com/assets/font/
7 KB
8 KB
Font
General
Full URL
https://www.imcu.com/assets/font/big_noodle_titling-webfont.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
63fd15be26a1aa843ba677f3013c0d0af56bd78e12e71dd8497bafd87baf47ec
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
7192acd6d528dd0c
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="big_noodle_titling-webfont.woff2"
content-length
7484
x-xss-protection
1; mode=block
x-request-id
838b0f7e-272f-9a3d-8cc6-e6eacf98c7fa
x-varnish-count
4554
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"6b1676b5c7c740bcfa57e8c94e2c784f"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
104751234 87701255
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
sourcesanspro-regular.woff2
www.imcu.com/assets/font/
45 KB
46 KB
Font
General
Full URL
https://www.imcu.com/assets/font/sourcesanspro-regular.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
fe03463c16e34490f3ea189edc669bc48d45eacbeadfa2411f712697ff798ad1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
31063bc3a7af8bd3
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="sourcesanspro-regular.woff2"
content-length
46132
x-xss-protection
1; mode=block
x-request-id
25ca1a1a-3e62-9590-b6be-62c46462ac3a
x-varnish-count
4429
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"c53bf4d759e26cf5ee64d22ab1e91fdb"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
104906639 87936848
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
sourcesanspro-light.woff2
www.imcu.com/assets/font/
45 KB
46 KB
Font
General
Full URL
https://www.imcu.com/assets/font/sourcesanspro-light.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
d87970bf467a996cd954b95004295ec93a16448c279a91a9057e7d1c1aa9349c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
b0bec892cda15048
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="sourcesanspro-light.woff2"
content-length
46108
x-xss-protection
1; mode=block
x-request-id
e92c0c52-038f-9208-92a9-f4422e1a364c
x-varnish-count
4644
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"1d66e92b3708bed75317ef50795cf7a4"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
96861472 88647075
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
sourcesanspro-semibold.woff2
www.imcu.com/assets/font/
45 KB
45 KB
Font
General
Full URL
https://www.imcu.com/assets/font/sourcesanspro-semibold.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
dfff06cba861f460a8e1fad3e324f973acb4879d52140d5b296d990463325837
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
4f03194a28b20a6f
age
81238
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="sourcesanspro-semibold.woff2"
content-length
45936
x-xss-protection
1; mode=block
x-request-id
bddec925-f587-9ff5-ac41-20ff6dfa1161
x-varnish-count
4414
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"b862dcfab752adadf80299425574f5aa"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
104623162 64606525
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:11 GMT
montserrat-thin-webfont.woff2
www.imcu.com/assets/font/
17 KB
17 KB
Font
General
Full URL
https://www.imcu.com/assets/font/montserrat-thin-webfont.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
1771a218aed647200de0deda659d6ac94a25729b4e9cf7f78e2efa1c52b90b22
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
24495e3b9cc96160
age
81224
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="montserrat-thin-webfont.woff2"
content-length
17260
x-xss-protection
1; mode=block
x-request-id
f0023b75-51a2-99d4-8bf7-69ddf3c142ca
x-varnish-count
3512
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"0aad665492adfa220981fba714c2bc85"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
105911477 88514777
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:25 GMT
sourcesanspro-italic.woff2
www.imcu.com/assets/font/
36 KB
37 KB
Font
General
Full URL
https://www.imcu.com/assets/font/sourcesanspro-italic.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
91db5317414cb41f684846ada251e11a6926ba2860a702cee2287e98b70c5dfb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
a6e9a1d598d517c8
age
81263
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="sourcesanspro-italic.woff2"
content-length
37256
x-xss-protection
1; mode=block
x-request-id
3592edf4-152b-915a-bc0f-9e31d01e3512
x-varnish-count
3536
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"3c28ae2ca469f5f4f7dc664ae917c17c"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
105419234 84997331
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:04:45 GMT
sourcesanspro-extralight.woff2
www.imcu.com/assets/font/
44 KB
45 KB
Font
General
Full URL
https://www.imcu.com/assets/font/sourcesanspro-extralight.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
46b1f1cb2341d81a988bb35b370ee6b4aaad6a2897c9134fe655d6e02404f2c8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Origin
https://www.imcu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:09 GMT
strict-transport-security
max-age=16070400
x-content-type-options
nosniff
via
varnish
x-b3-traceid
8f9fab5332a89193
age
81239
x-varnish-ttl
259200.000
x-varnish-hitmiss
HIT
x-envoy-upstream-service-time
0
content-disposition
filename="sourcesanspro-extralight.woff2"
content-length
45100
x-xss-protection
1; mode=block
x-request-id
c8b8357f-eb10-918a-8eb7-675c574f4320
x-varnish-count
4564
last-modified
Tue, 14 Nov 2023 17:04:41 GMT
server
nginx
etag
"ac5583a8382c06d5b1f1774461ec3bc4"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-varnish
91345511 86393071
cache-control
public, max-age=0
accept-ranges
bytes
expires
Fri, 17 Nov 2023 17:05:10 GMT
1cb1ecef-4911-4acc-b8a4-323103090a15.json
cdn.segmint.net/
313 B
960 B
XHR
General
Full URL
https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json
Requested by
Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-20.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
143e78d0fc535e02e2c719c0a29f9a6e2ac00959a552de99a3d62fb36b1e3cbf

Request headers

Referer
https://www.imcu.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 18 Nov 2023 15:39:09 GMT
Via
1.1 a128f556f38fd284f05c43da08257e96.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
YUL62-P1
Age
1
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
313
Last-Modified
Thu, 02 Mar 2023 21:15:14 GMT
Server
AmazonS3
ETag
"9e8243276c884811a405bf54321be0b6"
access-control-max-age
3000
access-control-allow-methods
PUT, POST, DELETE, GET
Content-Type
application/json
access-control-allow-origin
*
Cache-Control
max-age=900
Accept-Ranges
bytes
X-Amz-Cf-Id
qWc_MvJy9n-L3GyzvHDOb9yZgcdJNlPpNNQcNqVgFZWspoXbsAiG4w==
1cb1ecef-4911-4acc-b8a4-323103090a15.json
cdn.segmint.net/ Frame
0
0
Preflight
General
Full URL
https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-20.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.imcu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Via
1.1 a128f556f38fd284f05c43da08257e96.cloudfront.net (CloudFront)
X-Amz-Cf-Id
08R50cwweFPSYuauQgNkrOc8-8eRLzXOHR4SI3muqOhAMkAFLLwUaw==
X-Amz-Cf-Pop
YUL62-P1
X-Cache
Miss from cloudfront
access-control-allow-headers
content-type
access-control-allow-methods
PUT, POST, DELETE, GET
access-control-allow-origin
*
access-control-max-age
3000
date
Sat, 18 Nov 2023 15:39:10 GMT
server
AmazonS3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 13:49:09 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6601
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 18 Nov 2023 15:49:09 GMT
swap.js
cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/
36 KB
11 KB
Script
General
Full URL
https://cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/swap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-85.iad79.r.cloudfront.net
Software
/
Resource Hash
8d4e19d4fbff09f97d19c07963009c1e4cda8e37c4e34150fee1888f49033431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c640b1afa51b342db4c4d96d404a1eda.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD79-C2
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
x-request-id
56cd3888-3fda-4106-bb76-61d4be43d3be
x-runtime
0.008817
referrer-policy
strict-origin-when-cross-origin
etag
W/"8d4e19d4fbff09f97d19c07963009c1e"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public
timing-allow-origin
*
x-amz-cf-id
knfTlBHLvuDlNZwuYsbFFzT_jB4oBCb4nleEaEvHYwdnlV_cfJkH3w==
activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389
8136673.fls.doubleclick.net/ Frame C90F
Redirect Chain
  • https://8136673.fls.doubleclick.net/activityi;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?
  • https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?
485 B
429 B
Document
General
Full URL
https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
de22750f89cea82841b7b6ead68d8cc193db8fa0c8f3592abdd7cebd250e751c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imcu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 15:39:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 15:39:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194
8242951.fls.doubleclick.net/ Frame 1413
Redirect Chain
  • https://8242951.fls.doubleclick.net/activityi;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?
  • https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?
487 B
431 B
Document
General
Full URL
https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
9d9e8457110d2ca22a907b4e96bcba6be1d71d5170631b6ec4df967ec2a9f5e5
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imcu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
255
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 15:39:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 15:39:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/segmint
  • https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B1739CCFBA16476C9850EF0653F2DD2B
43 B
412 B
Image
General
Full URL
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B1739CCFBA16476C9850EF0653F2DD2B
Requested by
Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Protocol
HTTP/1.1
Server
54.156.136.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-136-130.compute-1.amazonaws.com
Software
openresty /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
Server
openresty
X-B3-TraceId
dca78790458e0006
Content-Type
image/gif; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-B3-SpanId
dca78790458e0006
X-B3-Sampled
1
Connection
keep-alive
Content-Length
43
X-Application-Context
cookie-mapper:prod:7077
Expires
0

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=B1739CCFBA16476C9850EF0653F2DD2B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
ec0a3730-0bdd-0139-387d-06abc14c0bc6
tag.simpli.fi/sifitag/ Frame 158F
3 KB
2 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Requested by
Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F5jBzg54Fz-yILr9LAZE
expires
Thu, 01 Jan 1970 00:00:00 GMT
ee5b6330c3944208b58bc655228eba30.jpg
cdn.segmint.net/
554 KB
554 KB
Image
General
Full URL
https://cdn.segmint.net/ee5b6330c3944208b58bc655228eba30.jpg?cb=863473897
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-20.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8303ffbf48b58f448e60a347abd105d8d1e6d81fff60c3c3b62a55dadac686c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 15:39:11 GMT
Via
1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
Last-Modified
Tue, 07 Nov 2023 14:43:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
YUL62-P1
ETag
"aa89bde08ecf0ed8272d3fb441f29e2a"
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
567026
X-Amz-Cf-Id
guzBEcMB8x5BkQ-4g7s8X3q6ONGlHk74txkXwtm-C7Y9iewpi_uxag==
event
connect.segmint.net/ Frame
0
0
Preflight
General
Full URL
https://connect.segmint.net/event
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-67-236.compute-1.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.imcu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin
https://www.imcu.com
Access-Control-Max-Age
1728000
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 18 Nov 2023 15:39:08 GMT
Expires
0
P3P
CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma
no-cache
Server
openresty
event
connect.segmint.net/
0
637 B
XHR
General
Full URL
https://connect.segmint.net/event
Requested by
Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-67-236.compute-1.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.imcu.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:38:56 GMT
Server
openresty
P3P
CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Access-Control-Allow-Origin
https://www.imcu.com
Content-Type
text/plain;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Application-Context
site-event-receiver-service:prod:7084
Expires
0
en1Er9rn5M
connect.segmint.net/iframe/doughnut/ Frame 7E08
509 B
1 KB
Document
General
Full URL
https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Requested by
Host: cdn.segmint.net
URL: https://cdn.segmint.net/segmint.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-67-236.compute-1.amazonaws.com
Software
openresty /
Resource Hash
0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imcu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en-US
Content-Length
307
Content-Type
text/html;charset=UTF-8
Date
Sat, 18 Nov 2023 15:39:08 GMT
Expires
0
P3P
CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma
no-cache
Server
openresty
Vary
Accept-Encoding
X-Application-Context
offer-delivery:prod:7074
X-B3-Sampled
1
X-B3-SpanId
bf5bbc06a29d81e1
X-B3-TraceId
bf5bbc06a29d81e1
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/segmint
  • https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=AD11BC8ED322443E8F37718276809B76
43 B
412 B
Image
General
Full URL
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=AD11BC8ED322443E8F37718276809B76
Requested by
Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Protocol
HTTP/1.1
Server
54.156.136.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-136-130.compute-1.amazonaws.com
Software
openresty /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
Server
openresty
X-B3-TraceId
f1d5c0eed93a9b4a
Content-Type
image/gif; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-B3-SpanId
f1d5c0eed93a9b4a
X-B3-Sampled
1
Connection
keep-alive
Content-Length
43
X-Application-Context
cookie-mapper:prod:7077
Expires
0

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=AD11BC8ED322443E8F37718276809B76
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
ec0a3730-0bdd-0139-387d-06abc14c0bc6
tag.simpli.fi/sifitag/ Frame 7E08
3 KB
2 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Requested by
Host: connect.segmint.net
URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F5jBzhAENbzf6-IVL5kF
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/
15 B
219 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=327066531&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imcu.com%2F&ul=en-us&de=UTF-8&dt=Indiana%20Members%20Credit%20Union%3A%20Keeping%20It%20Simple&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1874321647&gjid=478859456&cid=98233597.1700321949&tid=UA-101576590-3&_gid=50734388.1700321950&_r=1&_slc=1&gtm=45He3b81n71WDRHXNv72671689&gcd=11l1l1l1l1&dma=0&z=407715034
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a5b94a48260f3b7d6b48c4f1a0516a1d3d7bc3e466e4e22b6440348fe46140b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.imcu.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.imcu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
external_forms.js
js.callrail.com/companies/903706234/
23 KB
7 KB
Script
General
Full URL
https://js.callrail.com/companies/903706234/external_forms.js?t=1700321950134&
Requested by
Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/swap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-85.iad79.r.cloudfront.net
Software
/
Resource Hash
bb520d834b4b8107e8cd589e6fb93cf0fd70c6282bc711c597978eb1598fa40c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 c640b1afa51b342db4c4d96d404a1eda.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD79-C2
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
x-request-id
973f77d2-b91e-44ed-beed-8b6814078d07
x-runtime
0.002370
referrer-policy
strict-origin-when-cross-origin
etag
W/"bb520d834b4b8107e8cd589e6fb93cf0"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
7JoTyMk4MupoNdvQPOy1ERvTN8RbYGJ9EF_5Nk8AJHE5lachd2qgBQ==
swap_session.json
js.callrail.com/group/0/2b7b80f06241081c703b/12/
0
0

js
www.googletagmanager.com/gtag/
227 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YV4CDMLBMQ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c66c5eb9ab098979bb75d6f8b7a9f562e42c9439a98b16e5012b96c8919cf61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82741
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 15:39:10 GMT
/
adservice.google.com/ddm/fls/i/dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389;~oref=https://www.imcu.... Frame 4F9E
194 B
440 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389;~oref=https://www.imcu.com/
Requested by
Host: 8136673.fls.doubleclick.net
URL: https://8136673.fls.doubleclick.net/activityi;dc_pre=CPDA2u7wzYIDFX4DTwgdcnoHHQ;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9879383442839.389?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8136673.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 15:39:10 GMT
expires
Sat, 18 Nov 2023 15:39:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
adservice.google.com/ddm/fls/i/dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194;~oref=https://www.imc... Frame 6CB8
194 B
150 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194;~oref=https://www.imcu.com/
Requested by
Host: 8242951.fls.doubleclick.net
URL: https://8242951.fls.doubleclick.net/activityi;dc_pre=CP7U2u7wzYIDFb6h0QQdAyoB-Q;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5781155486274.194?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8242951.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 15:39:10 GMT
expires
Sat, 18 Nov 2023 15:39:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YV4CDMLBMQ&gtm=45je3b81v9124186657&_p=1700321948368&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=98233597.1700321949&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.imcu.com%2F&dt=Indiana%20Members%20Credit%20Union%3A%20Keeping%20It%20Simple&sid=1700321950&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2398
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YV4CDMLBMQ&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.imcu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.imcu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
i.simpli.fi/ Frame 7E08
804 B
767 B
Script
General
Full URL
https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
b40ca771601612c31b766c4d2832765849d664971039722319cbd79f9fe15058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
p
i.simpli.fi/ Frame 158F
804 B
766 B
Script
General
Full URL
https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
32b22d2da0448a339ab64e56f8502a00c34a301cff780cf1000bf30eee8f534e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A19DEE67BE241A5943EDCFDDB79585D
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6643b14a89&gdpr=0&gdpr_consent=
43 B
521 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6643b14a89&gdpr=0&gdpr_consent=
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 782e548cb0b1b64c63d995fc59568b48.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
location
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=6643b14a89&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
3gi1BxEuC2maRmYGLXzdVSl-ER7MqVqHqSl_5T_4yd22vVlOFclEqQ==
RX-506e20de-f929-4192-b618-3434c841a280-005
sync.targeting.unrulymedia.com/csync/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D
  • https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D?zcc=1&cb=1700321950523
  • https://sync.targeting.unrulymedia.com/csync/RX-506e20de-f929-4192-b618-3434c841a280-005
43 B
452 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-506e20de-f929-4192-b618-3434c841a280-005
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 15:39:10 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-506e20de-f929-4192-b618-3434c841a280-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
xuid
eb2.3lift.com/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 18 Nov 2023 15:39:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 18 Nov 2023 15:39:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
simplifi.partners.tremorhub.com/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
43 B
175 B
Image
General
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
2600:1f18:612b:4216:d296:b4ab:44c7:4070 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 18 Nov 2023 15:39:10 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
95 B
436 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://d.agkn.com/pixel/10751/?che=1700321950531&ip=96.9.249.35&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214700604704007979242
  • https://um.simpli.fi/aa_px?sk=214700604704007979242
  • https://um.simpli.fi/empty.gif
43 B
361 B
Image
General
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=wAgUVC59Em&nc=false&trid=-1103931988
43 B
562 B
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=wAgUVC59Em&nc=false&trid=-1103931988
Protocol
H2
Server
13.225.195.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-89.yul62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 a1ba4b0527e41da66664ba375de24b7c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
2drMLsvfdjMt1npcjDO6gwcZ5K_IT1cHmkVvn1njtsreqaH1pXmCiQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=wAgUVC59Em&nc=false&trid=-1103931988
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
hCTQ-QQnhrw8ZXUmEifpqBHf5cD9GHYVhvh_-zwAeIA4MaAFkVZIHQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
42 B
554 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 15:39:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
user-registering
ads.stickyadstv.com/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
43 B
651 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
HTTP/1.1
Server
63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700321950489035-255

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
engine
pbid.pro-market.net/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;sr
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-~A
43 B
418 B
Image
General
Full URL
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-~A
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

location
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-~A
date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
loadm.exelator.com/load/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0&xl8blockcheck=1
0
771 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0&xl8blockcheck=1
Protocol
H2
Server
44.238.141.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-141-43.us-west-2.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
sync
ups.analytics.yahoo.com/ups/55964/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.bfmio.com/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
HTTP/1.1
Server
52.2.62.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-62-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 18 Nov 2023 15:39:10 GMT

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
29931
stags.bluekai.com/site/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
62 B
445 B
Image
General
Full URL
https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
23.220.120.241 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-120-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 18 Nov 2023 15:39:10 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
tpid=7A19DEE67BE241A5943EDCFDDB79585D
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
34.236.173.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-173-204.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.60.202
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
cache-control
no-cache
x-server
10.40.15.180
content-length
0
expires
0
merge
ce.lijit.com/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
43 B
679 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
396846.gif
idsync.rlcdn.com/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogN0ExOURFRTY3QkUyNDFBNTk0M0VEQ0ZEREI3OTU4NUQQABoNCJ6146oGEgUI6AcQAEIASgA
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c7f2129-509e-47a6-94fe-a420a7ada107
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c7f2129-509e-47a6-94fe-a420a7ada107
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=6c7f2129-509e-47a6-94fe-a420a7ada107
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.google.com/pagead/1p-conversion/1026675585/ Frame 7E08
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700321950347&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=n...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIguvy7v...
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIguvy7vDNggMVh5GfCh38jQGx&is_vtc=1&ocp_id=ntpYZYKkHYej_gT8m4aICw&cid=CAQSKQDICaaN5RSAqiTvBrlPoQq_klCSJzInU65MvI9WKVIib0n3GRrsXJ0S&random=1958178566
Protocol
H2
Server
2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=909029185&cv=7&fst=1700321950347&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIguvy7vDNggMVh5GfCh38jQGx&is_vtc=1&ocp_id=ntpYZYKkHYej_gT8m4aICw&cid=CAQSKQDICaaN5RSAqiTvBrlPoQq_klCSJzInU65MvI9WKVIib0n3GRrsXJ0S&random=1958178566
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ Frame 7E08
0
272 B
Image
General
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
setuid
ib.adnxs.com/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
43 B
847 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
an-x-request-uuid
44ba9aa6-04e0-4172-99e4-8e32975e2661
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
tap.php
pixel.rubiconproject.com/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
42 B
775 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
sd
us-u.openx.net/w/1.0/ Frame 7E08
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/ Frame 7E08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPKZkgkfoEAYKjC626_KFVI&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7A19DEE67BE241A5943EDCFDDB79585D
  • https://um.simpli.fi/g_match?id=
0
320 B
Image
General
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 17 Nov 2023 15:39:10 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7A19DEE67BE241A5943EDCFDDB79585D
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cfb443f2e2&gdpr=0&gdpr_consent=
43 B
520 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cfb443f2e2&gdpr=0&gdpr_consent=
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 782e548cb0b1b64c63d995fc59568b48.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
location
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cfb443f2e2&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
_ysTX82wMEwBUdc9QpoejeireohEsCNQcmZiyFnK_5lXtwUfZ1m8CQ==
RX-7f59a218-9230-46b3-b127-e5c5cef621da-005
sync.targeting.unrulymedia.com/csync/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D
  • https://sync.1rx.io/usersync/simplifi/7A19DEE67BE241A5943EDCFDDB79585D?zcc=1&cb=1700321950556
  • https://sync.targeting.unrulymedia.com/csync/RX-7f59a218-9230-46b3-b127-e5c5cef621da-005
43 B
452 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-7f59a218-9230-46b3-b127-e5c5cef621da-005
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 15:39:10 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-7f59a218-9230-46b3-b127-e5c5cef621da-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
xuid
eb2.3lift.com/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 18 Nov 2023 15:39:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7969&xuid=7A19DEE67BE241A5943EDCFDDB79585D&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 18 Nov 2023 15:39:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
simplifi.partners.tremorhub.com/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
43 B
174 B
Image
General
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
2600:1f18:612b:4216:d296:b4ab:44c7:4070 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 18 Nov 2023 15:39:10 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
95 B
425 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7A19DEE67BE241A5943EDCFDDB79585D
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://d.agkn.com/pixel/10751/?che=1700321950529&ip=96.9.249.35&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D212630604704007984171
  • https://um.simpli.fi/aa_px?sk=212630604704007984171
  • https://um.simpli.fi/empty.gif
43 B
361 B
Image
General
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=9mCowxeomW&nc=false&trid=-639575343
43 B
1 KB
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=9mCowxeomW&nc=false&trid=-639575343
Protocol
H2
Server
13.225.195.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-89.yul62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 a1ba4b0527e41da66664ba375de24b7c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
dGpatDHiArvNlXQ_l_VUXkR1OAcu-LAOawIPMkOKyzaZZRVU15rjtg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7A19DEE67BE241A5943EDCFDDB79585D&ckls=true&ci=9mCowxeomW&nc=false&trid=-639575343
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
WROg6hUgs89E2BAkXzTGLwuPbT_eKJkFuHvIpPgZTPU8JSq4l4aD8Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
42 B
405 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 15:39:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
user-registering
ads.stickyadstv.com/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
43 B
656 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
HTTP/1.1
Server
63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700321950523063-1163

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
400646.gif
idsync.rlcdn.com/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=7A19DEE67BE241A5943EDCFDDB79585D;mimetype=img;sr
  • https://idsync.rlcdn.com/400646.gif?partner_uid=850954027848977010
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/400646.gif?partner_uid=850954027848977010
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp7.us1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://idsync.rlcdn.com/400646.gif?partner_uid=850954027848977010
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0
0
93 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0
Protocol
H2
Server
44.238.141.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-141-43.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:11 GMT
server
nginx
server-timing
total;dur=0.500
etag
"60ed0efd-0"

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=7A19DEE67BE241A5943EDCFDDB79585D&j=0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
sync
ups.analytics.yahoo.com/ups/55964/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
0
17 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=7A19DEE67BE241A5943EDCFDDB79585D&verify=true
date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.bfmio.com/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
HTTP/1.1
Server
52.2.62.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-62-184.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 18 Nov 2023 15:39:09 GMT

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
29931
stags.bluekai.com/site/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
62 B
445 B
Image
General
Full URL
https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
23.220.120.241 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-120-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 18 Nov 2023 15:39:10 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
tpid=7A19DEE67BE241A5943EDCFDDB79585D
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
49 B
544 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
34.236.173.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-173-204.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.240
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=7A19DEE67BE241A5943EDCFDDB79585D
cache-control
no-cache
x-server
10.40.54.222
content-length
0
expires
0
merge
ce.lijit.com/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
43 B
679 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 15:39:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=7A19DEE67BE241A5943EDCFDDB79585D&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
/
p.adsymptotic.com/d/px/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=7A19DEE67BE241A5943EDCFDDB79585D
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwInrXjqgYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwInrXjqgYSBAgCEABCAEoA&google_gid=CAESED6LKGBVM5_zQ6L7PEp2cfw&google_cver=1
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=03548031
0
0

spotx_match
um.simpli.fi/ Frame 158F
0
272 B
Image
General
Full URL
https://um.simpli.fi/spotx_match
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
setuid
ib.adnxs.com/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
43 B
847 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
an-x-request-uuid
90da5ba1-a06c-4350-83f6-c8b6c1fd66fd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.35; 96.9.249.35; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ib.adnxs.com/setuid?entity=66&code=7A19DEE67BE241A5943EDCFDDB79585D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
tap.php
pixel.rubiconproject.com/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
42 B
775 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7A19DEE67BE241A5943EDCFDDB79585D&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 15:39:10 GMT
sd
us-u.openx.net/w/1.0/ Frame 158F
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=7A19DEE67BE241A5943EDCFDDB79585D
date
Sat, 18 Nov 2023 15:39:10 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/ Frame 158F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESELljDJI_IgQDAG-hFutel_g&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7A19DEE67BE241A5943EDCFDDB79585D
  • https://um.simpli.fi/g_match?id=
0
320 B
Image
General
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:39:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 17 Nov 2023 15:39:10 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/1026675585/ Frame 158F
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700321950350&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=n...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5fHy7v...
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5fHy7vDNggMV0AZoCB1neAch&is_vtc=1&ocp_id=ntpYZeWqHdCNoPMP5_CdiAI&cid=CAQSKQDICaaNZg33BU6892kMPGjsECTv9OrhThLvpygP1msk6VGq3d3zTHs_&random=4278094487
Protocol
H2
Server
2607:f8b0:4004:c07::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://connect.segmint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:39:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=503273521&cv=7&fst=1700321950350&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5fHy7vDNggMV0AZoCB1neAch&is_vtc=1&ocp_id=ntpYZeWqHdCNoPMP5_CdiAI&cid=CAQSKQDICaaNZg33BU6892kMPGjsECTv9OrhThLvpygP1msk6VGq3d3zTHs_&random=4278094487
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7OEJRC77UA05OMSG6G&lib=ttq
Domain
www.surveycarrot.com
URL
https://www.surveycarrot.com/js/image_view.js
Domain
js.callrail.com
URL
https://js.callrail.com/group/0/2b7b80f06241081c703b/12/swap_session.json
Domain
p.adsymptotic.com
URL
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=03548031

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| $egmint function| gtag object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data object| jha function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| gaGlobal function| checkTrackStatus string| TiktokAnalyticsObject object| ttq function| __defProp function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues object| __aiq undefined| __oldDefine undefined| define string| ad_idt object| bootbox object| $jscomp object| banno function| setDisclaimerVerbiage string| defaultDisclaimerMessage function| createCookie function| readCookie function| eraseCookie function| waitForElementToDisplay function| setEqualHeights function| heroCropper function| setCategory function| viewportAnimation function| welcomeStep1 function| welcomeStep2 function| welcomeStep3 function| clearAllWelcomes function| setParallaxEffect function| setFooterItemsOpen function| setAnimations object| $body object| $bodyhtml object| $slider object| $logo object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley function| SmartBanner function| fbq function| _fbq object| com function| setCanTrackTrue string| GoogleAnalyticsObject function| ga function| cookieDrop string| axel number| a object| gaplugins object| gaData function| CallTrkSwap function| CallTrk

65 Cookies

Domain/Path Name / Value
www.imcu.com/ Name: PLAY_SESSION
Value: 61c522b509deb39b11b286c8afcb935f26615d4a-v=1
.adnxs.com/ Name: uuid2
Value: 1064269266825681869
.imcu.com/ Name: _ga_Q04TV61VH4
Value: GS1.1.1700321948.1.0.1700321948.60.0.0
.imcu.com/ Name: _gcl_au
Value: 1.1.212071980.1700321949
.imcu.com/ Name: _fbp
Value: fb.1.1700321949561.433224565
.imcu.com/ Name: _ga
Value: GA1.2.98233597.1700321949
.imcu.com/ Name: _gid
Value: GA1.2.50734388.1700321950
.segmint.net/ Name: SegmintId
Value: 33caa11e34c2467982d8c9362bcb05af
.imcu.com/ Name: _gat_UA-101576590-3
Value: 1
.simpli.fi/ Name: suid
Value: 7A19DEE67BE241A5943EDCFDDB79585D
.imcu.com/ Name: calltrk_referrer
Value: direct
.imcu.com/ Name: calltrk_landing
Value: https%3A//www.imcu.com/
.imcu.com/ Name: calltrk_session_id
Value: f3c21c53-59d3-460e-a0bc-5124faf8751b
.imcu.com/ Name: calltrk_fcid
Value: dd61c87d-af39-478f-8c87-4d8475f67ef3
.imcu.com/ Name: _ga_YV4CDMLBMQ
Value: GS1.2.1700321950.1.0.1700321950.0.0.0
.simpli.fi/ Name: uid_syncd_secure
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUlLxXzi22yyJwnsbozAu335SD8xYZXIgosIxioHKas1GtIsRgxOYjZAphCKKA0
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GVJj_q2?!]tbl8i_jC:lq+Z*:3[eYW7RF]2m_!TL3m(XvjXeQ9].B_c_q5TM`RmOwP!Kb[M8w^y9ZT3PVX23nXm/!0t#lGbJK<
.tapad.com/ Name: TapAd_TS
Value: 1700321950504
.tapad.com/ Name: TapAd_DID
Value: e6f43b94-dee2-4cab-932b-8b1aee56601e
.ads.stickyadstv.com/ Name: uid-bp-26865
Value: 7A19DEE67BE241A5943EDCFDDB79585D
.intentiq.com/ Name: IQver
Value: 1.9
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:7A19DEE67BE241A5943EDCFDDB79585D&KRTB&23486-uid:7A19DEE67BE241A5943EDCFDDB79585D&KRTB&23489-uid:7A19DEE67BE241A5943EDCFDDB79585D&KRTB&23539-uid:7A19DEE67BE241A5943EDCFDDB79585D
.pubmatic.com/ Name: PugT
Value: 1700321949
.intentiq.com/ Name: intentIQ
Value: 9mCowxeomW
.ads.stickyadstv.com/ Name: UID
Value: 26d556d45aedc0bb1fc49cc3b6c32134
.rlcdn.com/ Name: rlas3
Value: e1GvHuv1pALtG4EQ/GA86+J4MAaf6shf44w0DUdLFgo=
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7f59a218-9230-46b3-b127-e5c5cef621da-005%22%7D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.smaato.net/ Name: SCM
Value: cfb443f2e2
.smaato.net/ Name: SCMv
Value: cfb443f2e2
.smaato.net/ Name: SCM1001136
Value: cfb443f2e2
.yahoo.com/ Name: A3
Value: d=AQABBJ7aWGUCEIBbx1UKVtY4vn8DbQ_V5v4FEgEBAQEsWmViZdxS0iMA_eMAAA&S=AQAAAiXtCPJdBYBoh7MnkvIXsf4
.3lift.com/ Name: tluid
Value: 749748872012984606137
.openx.net/ Name: i
Value: ea156116-345e-4e31-9151-ec3bfa11f322|1700321950
.lijit.com/ Name: _ljtrtb_2
Value: 7A19DEE67BE241A5943EDCFDDB79585D
.rlcdn.com/ Name: pxrc
Value: CJ6146oGEgUI6AcQABIFCOhHEAASBgi46wEQAA==
.lijit.com/ Name: ljt_reader
Value: HrXLiQZHfNx824prRySnmfW4
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 1d713b0768f37ce29d2c323a1edb755b
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwE5O1EkWHDDtB6Ja1MxhxED8BeBaHWBsHWHYBpANmePW9y9LoyFG
.intentiq.com/ Name: CSDT
Value: UEQ6MTAwNDNfMCZUdnliY2wx
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1700321950642
.intentiq.com/ Name: IQPData
Value: 1611266339#1700321950639#0#1700321950639
.bluekai.com/ Name: bku
Value: blx99JfSVsVLw3Lr
.bfmio.com/ Name: __141_cid
Value: 7A19DEE67BE241A5943EDCFDDB79585D
.bfmio.com/ Name: __io_cid
Value: 0bf3ced385c5a8e38ca7e61a67a332ebf607833c
.rubiconproject.com/ Name: khaos
Value: LP47SDS2-25-BBVR
.rubiconproject.com/ Name: audit
Value: 1|G0caGGDqZ0wsv1AEwHyt9Mh7rPixMpc+Ux+YNSsp8+Phj9K5Ghav9TJj4kU66pes4wW6gaNWIpkwHTRO1/p4iGfsp8ABdinMMf+s+oisr/4vWQxfhEZGUUAexola9NojJZW7Rk6yMEisU3BcDJq8RqAvV7tZh6Vydeodiyl5GGjz2vDHqR/c6KfkLNxlFhbb
.pippio.com/ Name: did
Value: YA_U8NXhEPVDEXMg
.pippio.com/ Name: didts
Value: 1700321950
.pippio.com/ Name: nnls
Value:
.lkqd.net/ Name: lkqdidts
Value: 1700321950
.lkqd.net/ Name: sr109
Value: 1|cfb443f2e2|1700321950
.lkqd.net/ Name: lkqdid
Value: KV6qLLK6AxE
.agkn.com/ Name: u
Value: C|0AAAAAAAALOuXHgAAAAAA
.agkn.com/ Name: ab
Value: 0001%3AvPtSrMfVcIX5deRZXCaIdbJCdB5FNBnD
.exelator.com/ Name: EE
Value: "9f0b7fd0b661e531c540e5657c006914"
.pro-market.net/ Name: anHistory
Value: "1jz6pgs20sh3f+2+!$7%/%Z#_`-7')%Z#_`-"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7f59a218-9230-46b3-b127-e5c5cef621da-005%22%7D
.pippio.com/ Name: pxrc
Value: CJ6146oGEgQIAhAAEgYI36wrEAA=
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEyzSDJPC3FIMnMzDDV1Ngw2dTEINXUzNQ82cDAzNLQZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6otDgxUUpaQyLSopPBR%252F92A0Ae00qZg%253D%253D"
.analytics.yahoo.com/ Name: IDSYNC
Value: "176k~2f4f:19ba~2f4f"
.pro-market.net/ Name: anProfile
Value: "1jz6pgs20sh3f+1+1f=1+1g=1+1j=57:1+rs=s+rt=2602FFC8000201040000000000000017+s2=(s4bsta)+vm=24-7A19DEE67BE241A5943EDCFDDB79585D:81-y-FabFtFtE2pSrdkzIlJLIKt6hY1TSgT9gUjU-%7EA"

4 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-Q04TV61VH4(Line 201)
Message:
Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-Q04TV61VH4&gtm=45je3b81v9123591144&_p=1700321948368&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=98233597.1700321949&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700321948&sct=1&seg=0&dl=https%3A%2F%2Fwww.imcu.com%2F&dt=Indiana%20Members%20Credit%20Union%3A%20Keeping%20It%20Simple&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=900' because it violates the following Content Security Policy directive: "connect-src 'self' crownpeak.net *.crownpeak.net https://*.agentiq.co wss://*.agentiq.co https://api.cobrowse.io wss://*.cobrowse.io https://cobrowse.io *.google-analytics.com *.g.doubleclick.net *.gannettdigital.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.googleapis.com *.segmint.net *.banno.com https://banno.com https://s3.amazonaws.com".
security error (Line 1)
Message:
Refused to load the script 'https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7OEJRC77UA05OMSG6G&lib=ttq' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com banno.com *.banno.com crownpeak.com *.crownpeak.com https://*.agentiq.co *.cobrowse.io *.rlets.com *.adnxs.com *.facebook.net *.cloudfront.net *.callrail.com *.baconpay.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net https://www.google.com/recaptcha/api.js *.gstatic.com *.segmint.net birdeye.com *.birdeye.com *.banno.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.imcu.com/
Message:
Refused to load the script 'https://www.surveycarrot.com/js/image_view.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com banno.com *.banno.com crownpeak.com *.crownpeak.com https://*.agentiq.co *.cobrowse.io *.rlets.com *.adnxs.com *.facebook.net *.cloudfront.net *.callrail.com *.baconpay.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net https://www.google.com/recaptcha/api.js *.gstatic.com *.segmint.net birdeye.com *.birdeye.com *.banno.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/swap.js
Message:
Refused to connect to 'https://js.callrail.com/group/0/2b7b80f06241081c703b/12/swap_session.json' because it violates the following Content Security Policy directive: "connect-src 'self' crownpeak.net *.crownpeak.net https://*.agentiq.co wss://*.agentiq.co https://api.cobrowse.io wss://*.cobrowse.io https://cobrowse.io *.google-analytics.com *.g.doubleclick.net *.gannettdigital.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.googleapis.com *.segmint.net *.banno.com https://banno.com https://s3.amazonaws.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' crownpeak.net *.crownpeak.net https://*.agentiq.co wss://*.agentiq.co https://api.cobrowse.io wss://*.cobrowse.io https://cobrowse.io *.google-analytics.com *.g.doubleclick.net *.gannettdigital.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.googleapis.com *.segmint.net *.banno.com https://banno.com https://s3.amazonaws.com; font-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com; frame-ancestors 'self' https://*.agentiq.co https://chat-service.imcu.agentiq.co; frame-src 'self' https://app.imcu.com https://*.imcu.com *.youtube.com *.google.com *.vimeo.com https://*.agentiq.co https://cobrowse.io *.fls.doubleclick.net *.baconpay.com *.optimalblue.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net birdeye.com *.birdeye.com; img-src 'self' https://imcuonline-cloud.lending360.com https://agentiq-imcu-assets.s3.amazonaws.com *.google-analytics.com *.googletagmanager.com banno.com *.banno.com *.googleapis.com *.gstatic.com *.facebook.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net data: *.banno.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com banno.com *.banno.com crownpeak.com *.crownpeak.com https://*.agentiq.co *.cobrowse.io *.rlets.com *.adnxs.com *.facebook.net *.cloudfront.net *.callrail.com *.baconpay.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net https://www.google.com/recaptcha/api.js *.gstatic.com *.segmint.net birdeye.com *.birdeye.com *.banno.com; style-src 'self' 'unsafe-inline' *.googleapis.com https://chat-service.imcu.agentiq.co
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8136673.fls.doubleclick.net
8242951.fls.doubleclick.net
aa.agkn.com
ads.stickyadstv.com
adservice.google.com
agentiq-imcu-assets.s3.amazonaws.com
analytics.tiktok.com
banno.com
bcp.crwdcntrl.net
birdeye.com
cdn.callrail.com
cdn.rlets.com
cdn.segmint.net
ce.lijit.com
chat-service.imcu.agentiq.co
chat.agentiq.co
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
connect.segmint.net
cs.lkqd.net
d.agkn.com
ddjkm7nmu27lx.cloudfront.net
dxussota4xxo7.cloudfront.net
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js.callrail.com
liqadprdct-capture-prod-east.gannettdigital.com
loadm.exelator.com
maprtb.segmint.net
p.adsymptotic.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
s.ad.smaato.net
secure.adnxs.com
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widgets-v7.birdeye.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.imcu.com
www.surveycarrot.com
analytics.tiktok.com
js.callrail.com
p.adsymptotic.com
www.surveycarrot.com
13.225.195.89
13.249.39.128
142.251.16.149
142.251.163.155
172.253.115.156
199.127.204.171
20.118.17.184
2001:4860:4802:32::178
23.220.120.241
2600:1901:0:8eee::
2600:1f18:612b:4216:d296:b4ab:44c7:4070
2600:9000:215f:4200:19:fc2c:a140:93a1
2600:9000:21a2:1000:15:4bf9:2dc0:21
2600:9000:2209:4200:1b:6b7d:2300:93a1
2600:9000:2305:400:6:9a19:88c0:93a1
2600:9000:2305:5600:1b:5138:8a40:93a1
2607:f8b0:4004:c06::61
2607:f8b0:4004:c07::68
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c1b::5f
2a03:2880:f035:1a:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.161.213.20
3.162.93.82
3.232.252.94
3.5.29.142
34.111.113.62
34.150.170.96
34.200.65.202
34.205.164.221
34.236.173.204
34.75.237.118
34.86.70.109
34.98.64.218
35.244.154.8
44.238.141.43
52.189.67.130
52.2.62.184
52.223.22.214
52.45.67.236
54.156.136.130
54.177.116.16
54.215.170.252
63.251.28.133
63.251.86.50
68.67.161.182
69.173.151.100
69.20.43.192
8.28.7.83
99.84.108.85
0173900051eca3e73d1ff9febfe462216ec16101ca2020cf2e296cf03804861f
043cc930881f6a402e33c1edb1cbdd67b5604900d08b847b57041a57a380ee5a
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05c0571b3ac8a93c190f84cbf95e00d67bd0839a277c29fb2d750d54c987990d
0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d7499ba0c92fd337043c52c7d71c69a1181983270100ff83ca107e540a9444e
143e78d0fc535e02e2c719c0a29f9a6e2ac00959a552de99a3d62fb36b1e3cbf
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132
1771a218aed647200de0deda659d6ac94a25729b4e9cf7f78e2efa1c52b90b22
18593949479827e48e87e970d17923131b0812675f4f13cf58a8b1d6bcf8234c
19003bda0af25def358e5f521924bc2658b65dc47ca722fbba68684516a3ec48
1c49de92a9d2aaf888a160f19745676220c659e62ed547f62a87f115e319d3e1
1ec4fbec6b02a439bad4ece44d16811ebe29e374da31c611ab1218220e5a1d04
203fc1a4d3e07fd93d7afc29b41aa5e720343f8a126e446ceed930ec2746029d
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
27f3557cf2b2a8e9ad2ca51eb3f3bf784a03e9dd4e149b50122179492480baaa
2950b48f9b87db4589b282a759df682217f78541eca4c7d38329d8182fa2fbd7
29c0460945112db52539b1f8123ef386a79721884db9d5e06697ebaa2ac6ecfa
2b566131a0f1a46661391af4a259ae22d79a47bd8754c86f156c33d0ea684435
2b7d3452288cef3342b8db2e74bd7320026c6dc8cd07d6b9568e0d4ddcfdac43
2d1d436c3b4ab349ba84c9aaa450f895a59ba21cd57955429cbe8ccd7ce56ee6
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32b22d2da0448a339ab64e56f8502a00c34a301cff780cf1000bf30eee8f534e
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
36435716fe9f709ba9ff30672d5812734a31f2a82e53161f9e3793a0956af652
3ba6c0fb90f1168c88deeb5a2ea1117bf88c214888f2a84c5a1dda96d0f9ce75
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44de8d3c22224f052fa98c400574244686f2d34237b15f280ca46864bf3fb641
46b1f1cb2341d81a988bb35b370ee6b4aaad6a2897c9134fe655d6e02404f2c8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5d509d9115052160a71214c89b2e7b37b696eae658d3a3d6fbc6dc35bff295a8
5d6c3b2fc4bc70d3f833e12d18f67e54ba75324c8700a7d74249e410ce95920a
6356bd985255864febb0109cc39be0305ef662ec3c406cc199f7c595d57d1fb2
63fd15be26a1aa843ba677f3013c0d0af56bd78e12e71dd8497bafd87baf47ec
6c66c5eb9ab098979bb75d6f8b7a9f562e42c9439a98b16e5012b96c8919cf61
6c6a03ff6652de29b2cc7597dcc5754ba2cd0c946392859d88f5256a8cfaeca2
6da3c49e01d71fe6ad6c731dd3352fb5b43114024a7a53e6a0692657b1c63dd1
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
72c6a1c05aa9c813cc6db519f9464e4d67478d3c46429251ac5d3fde75fcef1d
79e088ee3377eda0f358623fc79ab1a06ce8bd1558f0788f84e43d05bb8dfcdc
88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310
8955274567e7fe987a9de393cf379bb4c3d4fa37e124414f5f2385d6c1e9e770
8ba33bd694c9294a4d95b380a23e2b66c20f385862fdc30ae109e45485dcdaaa
8ce8ceb4e04054456507d2fb780e5b8188be2a752f75caf380845205444398e0
8d4e19d4fbff09f97d19c07963009c1e4cda8e37c4e34150fee1888f49033431
8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb
8ee5ce60cbae1e58b5e55b571efe515a0e418f5e3967484ccec19ce9dfe59b2f
91db5317414cb41f684846ada251e11a6926ba2860a702cee2287e98b70c5dfb
998b51877fdfbebabc2efe3ffc8ad41ca771915258bcd5169d623032ccacbf1c
99c4e063fef9de92f780394db21c614a35cc62deea02801aa45df58b6f686be9
9d9e8457110d2ca22a907b4e96bcba6be1d71d5170631b6ec4df967ec2a9f5e5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3b8f422d16861fae92e93ccd283bc85c68217193c4aaeed2059fa8f9290c7b3
a5b94a48260f3b7d6b48c4f1a0516a1d3d7bc3e466e4e22b6440348fe46140b0
a865230456a516d0d8adf08bd311599806c70bbd7b5637c696cfbfb3cf747387
ac3b923602f3dfae76ac778b79523b1281f9aedfda9e872cc0301a5568fd15d9
af30c3ef9424b043e3d6d4db4b8573ec041dcad36330cacef75b8094807d9465
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40ca771601612c31b766c4d2832765849d664971039722319cbd79f9fe15058
b55d22025050b8cf5c5b095cc4507098c1250fcac5f62c668b9d01880e2f9564
b5e5860634bdd32e8c252820ec604974db116b506451fa7b4c2511d200547ade
b837a0ca4ec882cc1e651e363063f5fc19bf8012d064d0eac49f93f31523ce38
b9067cbeb9d1f73d6d399fe3336d85ebfd394f52e5aa1ad843391c420dfe97d6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb520d834b4b8107e8cd589e6fb93cf0fd70c6282bc711c597978eb1598fa40c
bbf8730ba2b44b5e4a111ccee80bd8dd9cbbd2d61395e7155ecd5c7a36aa0922
bbf9daa5df73b674be7b8b59c6ed2fcd65cf44e7f4e8d050f90fa2362d394004
c36ee346b92890d2894b82e85526775efb3644c73834b6b86e77d2be8174af6b
c59f3ba94e761497a4b1e94125a40d4363b28c55b24003bdb73243660499905d
c7094491ea71a66e3154aa305ab7d97a543cb8fba7f7ff2319df08defc77c725
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce2d1625d64cf99434862d35e765ab587e571cef399186313aba59dfa55bc5d2
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167
ce5e749ecdf9d387534d9de8b09f5740278e5eba5c24c8f978a1c88ca2eaae5e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff88ecc4da0fe4641c1d4ce57313b1801118b59426c09b1f9d7392ef33a5874
d2742b17a200523a46f49b6f1242f3b7e752b6bc7f371536afe845e5254f0ec8
d31312e09389da45f7740c6c973c7d66cc9f9d501b67d07c0e3992bef2d233e7
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d8303ffbf48b58f448e60a347abd105d8d1e6d81fff60c3c3b62a55dadac686c
d858813ec73f7f3a68240ddf430f965287e2d1c33e7136c9730574f0c8603976
d87970bf467a996cd954b95004295ec93a16448c279a91a9057e7d1c1aa9349c
db972d0ea962e919605b331dfa106ef79ae41ca29aebb325eb88f57b608f97a4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd58778debfd57758aa554e7feab13af49b532da094899e49d3ead894f7a3bfb
de22750f89cea82841b7b6ead68d8cc193db8fa0c8f3592abdd7cebd250e751c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
de6d3acda35868aa8267832d374bf405a7618d5ff507d6648429dd510bd6b25d
deba2226480a94e33c151e7e6ba92e52520aea9d060976831c23289d6fbb3394
df74b077c5ba3d5821e8f57eebf409f91da9ade0b6e1c946ddce475daca051f9
dfff06cba861f460a8e1fad3e324f973acb4879d52140d5b296d990463325837
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7
e63a6b5008fdcd33d835ed9d11e4fa939639220adc592f0dc3e0537935366325
e8340af2c2dc38ad3de763776e43ff7974757e11e5eb8cc10d6e75f16882ce9f
e862c691893c4c35b8c83bf72079bcda4b2223096980fa54dba8e346c4b944a5
ee812a922fafe6ac67e8a6b135e812e58b24030def1850886bb862060817ce9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5df67e620930892df72a02097cd31909aea56ea0501dbe12f09a9a2f3f88731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe03463c16e34490f3ea189edc669bc48d45eacbeadfa2411f712697ff798ad1