www.imcu.com Open in urlscan Pro
20.118.17.184  Public Scan

19 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

• https://secure.adnxs.com/seg?add=18206467&t=1 HTTP 307
• https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1

Request Chain 33

• https://birdeye.com/embed/v7/168150068519072/8/1234568071 HTTP 302
• https://widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/1234568071

Request Chain 58

• https://um.simpli.fi/segmint HTTP 302
• https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=66E3918FC4AE4686AC37F6551FBEED6C

Request Chain 102

• https://um.simpli.fi/smaato HTTP 302
• https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=114FF666A680434C9B9F2D99EA9A80F5 HTTP 302
• https://www.tumblr.com/ads-user-sync?partner=smaato&uid=db27c704ed&gdpr=0&gdpr_consent=

Request Chain 103

• https://um.simpli.fi/nexxen HTTP 302
• https://sync.1rx.io/usersync/simplifi/114FF666A680434C9B9F2D99EA9A80F5 HTTP 302
• https://sync.1rx.io/usersync/simplifi/114FF666A680434C9B9F2D99EA9A80F5?zcc=1&cb=1700325028121 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-e512e359-0418-4500-b2f1-1c2453998d9d-005

Request Chain 104

• https://um.simpli.fi/triplelift HTTP 302
• https://eb2.3lift.com/xuid?mid=7969&xuid=114FF666A680434C9B9F2D99EA9A80F5&dongle=yf3 HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=114FF666A680434C9B9F2D99EA9A80F5&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 105

• https://um.simpli.fi/telaria_p HTTP 302
• https://simplifi.partners.tremorhub.com/sync?UISF=114FF666A680434C9B9F2D99EA9A80F5

Request Chain 106

• https://um.simpli.fi/tapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=114FF666A680434C9B9F2D99EA9A80F5 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=114FF666A680434C9B9F2D99EA9A80F5

Request Chain 107

• https://um.simpli.fi/ad_advisor HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=114FF666A680434C9B9F2D99EA9A80F5 HTTP 302
• https://d.agkn.com/pixel/10751/?che=1700325028174&ip=38.132.118.71&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214440604704008582890 HTTP 302
• https://um.simpli.fi/aa_px?sk=214440604704008582890 HTTP 302
• https://um.simpli.fi/empty.gif

Request Chain 108

• https://um.simpli.fi/intentiq HTTP 302
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=114FF666A680434C9B9F2D99EA9A80F5 HTTP 302
• https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=114FF666A680434C9B9F2D99EA9A80F5&ripv6=2001:550:1d05:1::3

Request Chain 109

• https://um.simpli.fi/pubmatic HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:114FF666A680434C9B9F2D99EA9A80F5

Request Chain 110

• https://um.simpli.fi/freewheel HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=114FF666A680434C9B9F2D99EA9A80F5

Request Chain 111

• https://um.simpli.fi/dtnx HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=114FF666A680434C9B9F2D99EA9A80F5;mimetype=img; HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=114FF666A680434C9B9F2D99EA9A80F5;mimetype=img;sr HTTP 302
• https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
• https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS HTTP 302
• https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-LgSLUxxE2pSWPnrNsTxiGiHpr1Yt23kZniM-~A

Request Chain 112

• https://um.simpli.fi/exelatem HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=114FF666A680434C9B9F2D99EA9A80F5&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=114FF666A680434C9B9F2D99EA9A80F5&j=0&xl8blockcheck=1

Request Chain 113

• https://um.simpli.fi/yahoo HTTP 302
• https://ups.analytics.yahoo.com/ups/55964/sync?uid=114FF666A680434C9B9F2D99EA9A80F5 HTTP 302
• https://ups.analytics.yahoo.com/ups/55964/sync?uid=114FF666A680434C9B9F2D99EA9A80F5&verify=true

Request Chain 114

• https://um.simpli.fi/beachfront HTTP 302
• https://sync.bfmio.com/sync?pid=141&uid=114FF666A680434C9B9F2D99EA9A80F5

Request Chain 115

• https://um.simpli.fi/bluekai HTTP 302
• https://stags.bluekai.com/site/29931?id=114FF666A680434C9B9F2D99EA9A80F5

Request Chain 116

• https://um.simpli.fi/crwdcntrl HTTP 302
• https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=114FF666A680434C9B9F2D99EA9A80F5

Request Chain 117

• https://um.simpli.fi/lj_match HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=114FF666A680434C9B9F2D99EA9A80F5 HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=114FF666A680434C9B9F2D99EA9A80F5&dnr=1

Request Chain 118

• https://um.simpli.fi/liveramp_match HTTP 302
• https://idsync.rlcdn.com/419566.gif?partner_uid=114FF666A680434C9B9F2D99EA9A80F5 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogMTE0RkY2NjZBNjgwNDM0QzlCOUYyRDk5RUE5QTgwRjUQABoNCKTN46oGEgUI6AcQAEIASgA HTTP 307
• https://pippio.com/api/sync?pid=5324&it=1&iv=5d25c3f87c7265500703ce2f4773573aadb305ff3e88c5d86de36113e0a075a7791426b5417dce21&_=2 HTTP 307
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d25c3f87c7265500703ce2f4773573aadb305ff3e88c5d86de36113e0a075a7791426b5417dce21&rand=03622194 HTTP 302
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d25c3f87c7265500703ce2f4773573aadb305ff3e88c5d86de36113e0a075a7791426b5417dce21&rand=03622194&expected_cookie=760a280c-7b59-41d2-a55e-dcbef12fb8fb

Request Chain 119

• https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700325027468&cv=7&fst=1700325027468&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1848132200&cv=7&fst=1700325027468&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=pOZYZeHYA4a3oPMPj6-xgAI&sscte=1&crd=&pscrd=IhMI4bqzqvzNggMVhhtoCB2PVwwg HTTP 302
• https://www.google.com/pagead/1p-conversion/1026675585/?random=1848132200&cv=7&fst=1700325027468&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI4bqzqvzNggMVhhtoCB2PVwwg&is_vtc=1&ocp_id=pOZYZeHYA4a3oPMPj6-xgAI&cid=CAQSKQDICaaNTo8BAi1QiTNnkV4Vbu72FXUq0GM5REw6tfsTKJjXdoPCIYfI&random=3514725820

Request Chain 121

• https://um.simpli.fi/an HTTP 302
• https://ib.adnxs.com/setuid?entity=66&code=114FF666A680434C9B9F2D99EA9A80F5

Request Chain 122

• https://um.simpli.fi/rb_match HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=114FF666A680434C9B9F2D99EA9A80F5&expires=365

Request Chain 123

• https://um.simpli.fi/ox_match HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072966&val=114FF666A680434C9B9F2D99EA9A80F5 HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=114FF666A680434C9B9F2D99EA9A80F5

Request Chain 124

• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
• https://um.simpli.fi/g_match?id=&google_gid=CAESELWXqzKARYI5WJJlFMIP3o4&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=114FF666A680434C9B9F2D99EA9A80F5 HTTP 302
• https://um.simpli.fi/g_match?id=

Request Chain 129

• https://8136673.fls.doubleclick.net/activityi;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759 HTTP 302
• https://8136673.fls.doubleclick.net/activityi;dc_pre=CKPTwar8zYIDFcArigMdhl0Jhw;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759

Request Chain 130

• https://8242951.fls.doubleclick.net/activityi;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107 HTTP 302
• https://8242951.fls.doubleclick.net/activityi;dc_pre=CPu4war8zYIDFaPpKAUdCG8GDQ;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107

Request Chain 134

• https://um.simpli.fi/segmint HTTP 302
• https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=114FF666A680434C9B9F2D99EA9A80F5

Request Chain 144

• https://8242951.fls.doubleclick.net/activityi;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566.053 HTTP 302
• https://8242951.fls.doubleclick.net/activityi;dc_pre=CKax6Kz8zYIDFYUnigMdPH8APw;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566.053

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.imcu.com/	55 KB 13 KB	469ms 233ms	Document text/html	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 2950b48f9b87db4589b282a759df682217f78541eca4c7d38329d8182fa2fbd7 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' crownpeak.net *.crownpeak.net https://*.agentiq.co wss://*.agentiq.co https://api.cobrowse.io wss://*.cobrowse.io https://cobrowse.io *.google-analytics.com *.g.doubleclick.net *.gannettdigital.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.googleapis.com *.segmint.net *.banno.com https://banno.com https://s3.amazonaws.com; font-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com; frame-ancestors 'self' https://*.agentiq.co https://chat-service.imcu.agentiq.co; frame-src 'self' https://app.imcu.com https://*.imcu.com *.youtube.com *.google.com *.vimeo.com https://*.agentiq.co https://cobrowse.io *.fls.doubleclick.net *.baconpay.com *.optimalblue.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net birdeye.com *.birdeye.com; img-src 'self' https://imcuonline-cloud.lending360.com https://agentiq-imcu-assets.s3.amazonaws.com *.google-analytics.com *.googletagmanager.com banno.com *.banno.com *.googleapis.com *.gstatic.com *.facebook.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net data: *.banno.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com banno.com *.banno.com crownpeak.com *.crownpeak.com https://*.agentiq.co *.cobrowse.io *.rlets.com *.adnxs.com *.facebook.net *.cloudfront.net *.callrail.com *.baconpay.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net https://www.google.com/recaptcha/api.js *.gstatic.com *.segmint.net birdeye.com *.birdeye.com *.banno.com; style-src 'self' 'unsafe-inline' *.googleapis.com https://chat-service.imcu.agentiq.co Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 0 cache-control public, max-age=0 content-encoding gzip content-length 11262 content-security-policy default-src 'self'; connect-src 'self' crownpeak.net *.crownpeak.net https://*.agentiq.co wss://*.agentiq.co https://api.cobrowse.io wss://*.cobrowse.io https://cobrowse.io *.google-analytics.com *.g.doubleclick.net *.gannettdigital.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.googleapis.com *.segmint.net *.banno.com https://banno.com https://s3.amazonaws.com; font-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com; frame-ancestors 'self' https://*.agentiq.co https://chat-service.imcu.agentiq.co; frame-src 'self' https://app.imcu.com https://*.imcu.com *.youtube.com *.google.com *.vimeo.com https://*.agentiq.co https://cobrowse.io *.fls.doubleclick.net *.baconpay.com *.optimalblue.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net birdeye.com *.birdeye.com; img-src 'self' https://imcuonline-cloud.lending360.com https://agentiq-imcu-assets.s3.amazonaws.com *.google-analytics.com *.googletagmanager.com banno.com *.banno.com *.googleapis.com *.gstatic.com *.facebook.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net *.segmint.net data: *.banno.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://imcuonline-cloud.lending360.com https://app.imcu.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com banno.com *.banno.com crownpeak.com *.crownpeak.com https://*.agentiq.co *.cobrowse.io *.rlets.com *.adnxs.com *.facebook.net *.cloudfront.net *.callrail.com *.baconpay.com *.rlets.com *.reachlocalservices.com *.facebook.net *.rlcdn.com *.gannettdigital.com *.facebook.com *.simpli.fi *.googleservices.com *.doubleclick.net https://www.google.com/recaptcha/api.js *.gstatic.com *.segmint.net birdeye.com *.birdeye.com *.banno.com; style-src 'self' 'unsafe-inline' *.googleapis.com https://chat-service.imcu.agentiq.co content-type text/html; charset=utf-8 date Sat, 18 Nov 2023 16:30:25 GMT expires Sat, 18 Nov 2023 16:30:25 GMT server nginx strict-transport-security max-age=16070400 vary Accept-Encoding via varnish x-ad-insert-result no ads - index x-b3-traceid e2a33f817d54b4ab x-content-type-options nosniff x-envoy-upstream-service-time 80 x-frame-options SAMEORIGIN x-request-id b8383f3d-9fe4-9ea2-9cf2-f31bf2d1f555 x-varnish 106472973 x-varnish-count 0 x-varnish-hitmiss MISS x-varnish-ttl 0.000 x-xss-protection 1; mode=block
GET H2	200	main.min.css www.imcu.com/assets/css/	401 KB 48 KB	80ms 78ms	Stylesheet text/css	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/css/main.min.css?v=1699977987544 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e8340af2c2dc38ad3de763776e43ff7974757e11e5eb8cc10d6e75f16882ce9f Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:25 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish x-b3-traceid af44b98161ed5b8c age 84315 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="main.min.css" content-length 48088 x-xss-protection 1; mode=block x-request-id fb206f33-48f7-9c7e-a916-7f1f1c568424 x-varnish-count 4023 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "4341b07f4098438e32302135198c4795" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css x-varnish 107012370 86506370 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H/1.1	200 OK	segmint.min.js Show response cdn.segmint.net/	16 KB 16 KB	247ms 69ms	Script application/javascript	3.160.5.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/segmint.min.js Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.160.5.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-116.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash 8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 15:22:37 GMT Via 1.1 60a4019a365a195cb4f354a7c8fdb39a.cloudfront.net (CloudFront) Last-Modified Wed, 20 Sep 2023 12:33:41 GMT Server AmazonS3 X-Amz-Cf-Pop CMH68-P4 Age 4069 x-amz-server-side-encryption AES256 ETag "6bdf8bf9c48aef3424ec8556d42ae32e" X-Cache Hit from cloudfront Content-Type application/javascript Cache-Control max-age:900 Connection keep-alive Accept-Ranges bytes Content-Length 16163 X-Amz-Cf-Id jrHIgeQpOlutpORfgVWNMzmuhu4PtEaqplGkM0Q2V5Ip6K0c_z22Zw==
GET H2	200	js Show response www.googletagmanager.com/gtag/	286 KB 94 KB	238ms 85ms	Script application/javascript	2607:f8b0:4006:823::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q04TV61VH4 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8aae33b96d350af8c5d3b8cf755acd4e0f1f9e53a285c5a3553936ede7bcd1e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96206 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	mms.js Show response cdn.rlets.com/capture_static/mms/	3 KB 2 KB	257ms 65ms	Script application/javascript	2600:9000:24f7:ca00:6:9a19:88c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.rlets.com/capture_static/mms/mms.js Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f7:ca00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 99c4e063fef9de92f780394db21c614a35cc62deea02801aa45df58b6f686be9 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 14:19:21 GMT content-encoding gzip via 1.1 b7f97186b1999ddac2896624abb211e4.cloudfront.net (CloudFront) last-modified Tue, 07 Nov 2023 21:02:14 GMT server AmazonS3 x-amz-cf-pop CMH68-P1 age 9444 x-amz-server-side-encryption AES256 etag W/"2793d2aa83c14466ab58d339eea320ec" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript alt-svc h3=":443"; ma=86400 x-amz-cf-id -oL4TMnti-G4P22lrQEfCBSsMDAvn2BQ-FfhNmcndPARXf5v2tG3eA==
GET H2	200	bounce Show response secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/seg?add=18206467&t=1 https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1	0 809 B	85ms 83ms	Script application/javascript	68.67.161.208 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Server 68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:25 GMT an-x-request-uuid 4511141d-e495-4714-8f64-9183d497f734 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 38.132.118.71; 38.132.118.71; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 18 Nov 2023 16:30:25 GMT an-x-request-uuid 31edacb9-e483-4154-8e19-ed8c5e0a7e8a server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18206467%26t%3D1 x-proxy-origin 38.132.118.71; 38.132.118.71; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	welcome-catnav.png www.imcu.com/assets/img/	2 KB 3 KB	155ms 154ms	Image image/png	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/img/welcome-catnav.png Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash deba2226480a94e33c151e7e6ba92e52520aea9d060976831c23289d6fbb3394 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:25 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid d3d0a01cedd6edd4 age 84315 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="welcome-catnav.png" content-length 2246 x-xss-protection 1; mode=block x-request-id e21161a1-da2b-9da2-b7c4-d498909a4ba1 x-varnish-count 3920 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "c9832c6924b9c21cda33e07763e0ac6f" x-frame-options SAMEORIGIN content-type image/png x-varnish 104933130 87794062 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H2	200	welcome-nav.png www.imcu.com/assets/img/	194 KB 195 KB	155ms 155ms	Image image/png	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/img/welcome-nav.png Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash d2742b17a200523a46f49b6f1242f3b7e752b6bc7f371536afe845e5254f0ec8 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:25 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 44d7f24222d6041c age 84340 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="welcome-nav.png" content-length 198678 x-xss-protection 1; mode=block x-request-id 563eab95-263c-99ad-9f61-27406b01deac x-varnish-count 3995 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "d2a2618763842dc8dec633363a536949" x-frame-options SAMEORIGIN content-type image/png x-varnish 107938604 88385684 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:44 GMT
GET H2	200	welcome-login.png www.imcu.com/assets/img/	39 KB 40 KB	150ms 148ms	Image image/png	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/img/welcome-login.png Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 05c0571b3ac8a93c190f84cbf95e00d67bd0839a277c29fb2d750d54c987990d Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:25 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 86642f74c212e0a8 age 84315 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="welcome-login.png" content-length 40047 x-xss-protection 1; mode=block x-request-id c0b309eb-d5c9-924d-ab7e-b0de451710f4 x-varnish-count 3948 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "c2d9636e3493e66bd45028d6e556fd08" x-frame-options SAMEORIGIN content-type image/png x-varnish 105923796 63681416 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H2	200	indiana-members-cu-logo@3x.png www.imcu.com/assets/img/	6 KB 7 KB	81ms 79ms	Image image/png	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/img/indiana-members-cu-logo@3x.png Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash de6d3acda35868aa8267832d374bf405a7618d5ff507d6648429dd510bd6b25d Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 8a42b4a824d0ec17 age 84340 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="indiana-members-cu-logo@3x.png" content-length 6613 x-xss-protection 1; mode=block x-request-id 8e182cd1-2ef0-926f-875d-3c68281730c6 x-varnish-count 5010 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "b2bd6092cbf9dbf5a63463194435ef65" x-frame-options SAMEORIGIN content-type image/png x-varnish 99945313 48448263 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:45 GMT
GET H2	200	Toy-Drive-2022-Rotating-Banner.jpg www.imcu.com/assets/files/of1iqyfG/	332 KB 333 KB	86ms 85ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/of1iqyfG/Toy-Drive-2022-Rotating-Banner.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 6c6a03ff6652de29b2cc7597dcc5754ba2cd0c946392859d88f5256a8cfaeca2 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid f5540a9bbc2f26af age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 7 content-disposition filename="Toy-Drive-2022-Rotating-Banner.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 601df9c8-8e30-9165-8693-eeef5d09b109 last-modified Mon, 07 Nov 2022 13:04:36 GMT server nginx etag "73051b4af3a6a9d1d14c2a022b6b6ee0" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 106697355 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	13-Month-Certificate-Rotating-Banner-10.2023.jpg www.imcu.com/assets/files/iBzefd7y/	792 KB 793 KB	104ms 89ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/iBzefd7y/13-Month-Certificate-Rotating-Banner-10.2023.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash cff88ecc4da0fe4641c1d4ce57313b1801118b59426c09b1f9d7392ef33a5874 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 8ad912823f102298 age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 6 content-disposition filename="13-Month-Certificate-Rotating-Banner-10.2023.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id f7f54e2f-7d05-9ad6-83e8-5fbf3787f4ff last-modified Fri, 29 Sep 2023 17:54:42 GMT server nginx etag "07a73c804a6b5dbc28299e99a1d8a885" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 104295567 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	Hiring-Open-House-2023-Rotating-Banner.jpg www.imcu.com/assets/files/H0pnGJns/	461 KB 462 KB	311ms 296ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/H0pnGJns/Hiring-Open-House-2023-Rotating-Banner.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 8ee5ce60cbae1e58b5e55b571efe515a0e418f5e3967484ccec19ce9dfe59b2f Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 76fc67bafd9f8238 age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 9 content-disposition filename="Hiring-Open-House-2023-Rotating-Banner.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id e5a981ea-7f0f-9164-860f-60f75969bce9 last-modified Mon, 06 Nov 2023 14:49:11 GMT server nginx etag "ab23a39368f4f6a7f97034b8edf4aef9" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 106252542 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	T-Mobile-2023-Rotating-Banner.jpg www.imcu.com/assets/files/MrVTNGFD/	367 KB 368 KB	99ms 84ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/MrVTNGFD/T-Mobile-2023-Rotating-Banner.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 6da3c49e01d71fe6ad6c731dd3352fb5b43114024a7a53e6a0692657b1c63dd1 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid a12d4396f13e70fd age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 6 content-disposition filename="T-Mobile-2023-Rotating-Banner.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id ac9ae788-cb10-91c2-a6f3-a19b1b05a83e last-modified Mon, 16 Oct 2023 17:58:14 GMT server nginx etag "ab20e3ae89461333ebd1c67500b68752" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 106631636 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	Sallie-Mae-Fall-2021-Rotating-Banner.jpg www.imcu.com/assets/files/C4i0XSCv/	492 KB 493 KB	318ms 304ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/C4i0XSCv/Sallie-Mae-Fall-2021-Rotating-Banner.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash ee812a922fafe6ac67e8a6b135e812e58b24030def1850886bb862060817ce9e Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid a32bd00fa559f28a age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 23 content-disposition filename="Sallie-Mae-Fall-2021-Rotating-Banner.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 2f4c3f29-eb05-9256-84e0-b9146a40be8e last-modified Mon, 14 Nov 2022 13:18:21 GMT server nginx etag "910b304bd6e60a796fb1df5cdf1f19af" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 105379871 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	Special-Offers-Homepage-Icon.png www.imcu.com/assets/files/0kb02QFZ/	473 B 975 B	97ms 84ms	Image image/png	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/0kb02QFZ/Special-Offers-Homepage-Icon.png Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 043cc930881f6a402e33c1edb1cbdd67b5604900d08b847b57041a57a380ee5a Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid b973bba7cd4e9cce age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 4 content-disposition filename="Special-Offers-Homepage-Icon.png" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 1a7c487b-5ed9-99cc-833f-e8dc49e1f72f last-modified Wed, 25 Jan 2023 17:01:40 GMT server nginx etag "f9e78b83f79314708c96b0eaecae2196" x-frame-options SAMEORIGIN content-type image/png x-varnish 105306930 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	icon-mobile.png www.imcu.com/assets/content/9X2ZqyZJ/	620 B 1 KB	93ms 80ms	Image image/png	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/content/9X2ZqyZJ/icon-mobile.png Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash c36ee346b92890d2894b82e85526775efb3644c73834b6b86e77d2be8174af6b Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid d62810d706748a28 age 84289 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="icon-mobile.png" content-length 620 x-xss-protection 1; mode=block x-request-id bf50fe77-88b7-9ac7-9a87-e36cdefc5523 x-varnish-count 1105 last-modified Mon, 22 Oct 2018 21:04:46 GMT server nginx etag "baa4e6c3499f6233b5a351a4d0476fde" x-frame-options SAMEORIGIN content-type image/png x-varnish 106313170 85541407 cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 16 Nov 2024 17:05:36 GMT
GET H2	200	icon-auto.png www.imcu.com/assets/content/D91iHyeV/	540 B 1 KB	92ms 80ms	Image image/png	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/content/D91iHyeV/icon-auto.png Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash a3b8f422d16861fae92e93ccd283bc85c68217193c4aaeed2059fa8f9290c7b3 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid dedc9365b925d8a5 age 84279 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="icon-auto.png" content-length 540 x-xss-protection 1; mode=block x-request-id 75ea7372-d2c7-9ee8-8cda-cd82e2f0d617 x-varnish-count 1050 last-modified Mon, 22 Oct 2018 21:04:44 GMT server nginx etag "17beb90294998e528a1159e4d3a7c118" x-frame-options SAMEORIGIN content-type image/png x-varnish 104162794 87794289 cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 16 Nov 2024 17:05:46 GMT
GET H2	200	icon-binoculars.png www.imcu.com/assets/content/kfaB86ca/	645 B 1 KB	90ms 79ms	Image image/png	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/content/kfaB86ca/icon-binoculars.png Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 1c49de92a9d2aaf888a160f19745676220c659e62ed547f62a87f115e319d3e1 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 7484e0e19b5810a2 age 84100 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="icon-binoculars.png" content-length 645 x-xss-protection 1; mode=block x-request-id 2d6184da-b275-9182-9ed4-3f7761a061aa x-varnish-count 1044 last-modified Mon, 22 Oct 2018 21:04:44 GMT server nginx etag "dca376e40854549683fdcaad960cb3e1" x-frame-options SAMEORIGIN content-type image/png x-varnish 103970493 87604538 cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 16 Nov 2024 17:08:45 GMT
GET H2	200	Homepage-Ad---Holiday-Promo-2023---708x472.jpg www.imcu.com/assets/files/yGANEcCV/	170 KB 170 KB	303ms 292ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/yGANEcCV/Homepage-Ad---Holiday-Promo-2023---708x472.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash ce5e749ecdf9d387534d9de8b09f5740278e5eba5c24c8f978a1c88ca2eaae5e Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid e59608bcc705f429 age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 7 content-disposition filename="Homepage-Ad---Holiday-Promo-2023---708x472.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 9960c004-7136-947c-b494-4fbf4578d3d0 last-modified Mon, 30 Oct 2023 17:54:18 GMT server nginx etag "1e92bb0ea6fcdd794302393eea0b73a6" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 105047306 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	Check-Out-Our-Recent-Reviews---708x472.jpg www.imcu.com/assets/files/YB11BLir/	137 KB 138 KB	343ms 333ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/YB11BLir/Check-Out-Our-Recent-Reviews---708x472.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 998b51877fdfbebabc2efe3ffc8ad41ca771915258bcd5169d623032ccacbf1c Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 2d9638d7da66b69e age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 10 content-disposition filename="Check-Out-Our-Recent-Reviews---708x472.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 413519d1-106f-9beb-9b30-217e009fbdad last-modified Wed, 13 Sep 2023 16:33:57 GMT server nginx etag "a8f8a5e02d910f3dcdfba743814b476b" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 106508358 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	large-p-certificate.jpg www.imcu.com/assets/content/wLXmk3VS/	264 KB 265 KB	325ms 315ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/content/wLXmk3VS/large-p-certificate.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash b9067cbeb9d1f73d6d399fe3336d85ebfd394f52e5aa1ad843391c420dfe97d6 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 0269d8ac033750d3 age 84295 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="large-p-certificate.jpg" content-length 270023 x-xss-protection 1; mode=block x-request-id 7447c99c-38df-9538-b875-5a4a3ea97dcc x-varnish-count 1047 last-modified Mon, 22 Oct 2018 21:04:48 GMT server nginx etag "1d5d218ae8b4b545ea3f1693ea17802d" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 107366674 88386047 cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 16 Nov 2024 17:05:31 GMT
GET H2	200	Josh-Hecker---245x275.jpg www.imcu.com/assets/files/IMwa9Uit/	63 KB 64 KB	340ms 331ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/IMwa9Uit/Josh-Hecker---245x275.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 0d7499ba0c92fd337043c52c7d71c69a1181983270100ff83ca107e540a9444e Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid fc136b450f20b093 age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 8 content-disposition filename="Josh-Hecker---245x275.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 0b03aa9c-4a60-9dfe-a198-2515225e238b last-modified Fri, 04 Mar 2022 19:58:38 GMT server nginx etag "f88d99913ef8711b14661607fde607ba" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 108005193 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	David-Early---245x275.jpg www.imcu.com/assets/files/pvLtMZvp/	76 KB 77 KB	336ms 327ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/pvLtMZvp/David-Early---245x275.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash dd58778debfd57758aa554e7feab13af49b532da094899e49d3ead894f7a3bfb Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 66660e064a41cf0d age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 4 content-disposition filename="David-Early---245x275.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 351950da-2051-9cfe-8768-495c5218213f last-modified Tue, 09 May 2023 12:22:41 GMT server nginx etag "869a2aa7ffd7c689fc5a978c60301f6c" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 103970494 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	Stephanie-Wade---245x275.jpg www.imcu.com/assets/files/KI0I3J6o/	49 KB 50 KB	337ms 329ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/KI0I3J6o/Stephanie-Wade---245x275.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 5d509d9115052160a71214c89b2e7b37b696eae658d3a3d6fbc6dc35bff295a8 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 999914b08a2be9de age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 7 content-disposition filename="Stephanie-Wade---245x275.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 9d100c8b-9f12-93f8-aac6-83cfe01e1f77 last-modified Mon, 20 Mar 2023 15:34:57 GMT server nginx etag "b46bb415d6463c634fdb1746a2d2a73f" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 107203068 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	eho.svg www.imcu.com/assets/img/	4 KB 2 KB	320ms 311ms	Image image/svg+xml	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/img/eho.svg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash bbf9daa5df73b674be7b8b59c6ed2fcd65cf44e7f4e8d050f90fa2362d394004 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish x-b3-traceid ea869c716903d012 age 84313 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="eho.svg" content-length 1297 x-xss-protection 1; mode=block x-request-id cb3d2a18-7554-99ac-9f74-c00343751e85 x-varnish-count 4941 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "7626683c7ec90757b3643ff723c40e47" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml x-varnish 95774378 69267601 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:12 GMT
GET H2	200	ncua-logo.svg www.imcu.com/assets/img/	29 KB 7 KB	320ms 312ms	Image image/svg+xml	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/img/ncua-logo.svg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash bbf8730ba2b44b5e4a111ccee80bd8dd9cbbd2d61395e7155ecd5c7a36aa0922 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff content-encoding gzip x-b3-traceid 61b38adccd1325d4 age 84340 via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="ncua-logo.svg" content-length 6516 x-xss-protection 1; mode=block x-request-id 19f1004d-5428-9d79-ba93-bed1bf099e8e x-varnish-count 5009 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "1a5e85a38801c65b8e233f3fbd9bf05c" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml x-varnish 71554105 88905370 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:45 GMT
GET H2	200	badge.min.js Show response banno.com/a/monitor/api/badge/	10 KB 11 KB	263ms 76ms	Script application/javascript	52.189.67.130 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://banno.com/a/monitor/api/badge/badge.min.js Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ce2d1625d64cf99434862d35e765ab587e571cef399186313aba59dfa55bc5d2 Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=15724800 last-modified Mon, 17 Jul 2023 20:25:23 GMT accept-ranges bytes etag "2194018965877338" content-length 10640 content-type application/javascript; charset=UTF-8
GET H2	200	alliance-one-logo.svg www.imcu.com/assets/img/	12 KB 4 KB	321ms 313ms	Image image/svg+xml	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/img/alliance-one-logo.svg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash df74b077c5ba3d5821e8f57eebf409f91da9ade0b6e1c946ddce475daca051f9 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff content-encoding gzip x-b3-traceid b8fcbe840f0467ed age 84341 via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="alliance-one-logo.svg" content-length 3917 x-xss-protection 1; mode=block x-request-id 35b91904-31c6-924b-98ff-83b061828e3e x-varnish-count 4999 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "6da3b8f5f1310bb86accd6de043aac65" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml x-varnish 107817857 87253169 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:45 GMT
GET H2	200	allpoint-logo.svg www.imcu.com/assets/img/	2 KB 2 KB	321ms 314ms	Image image/svg+xml	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/img/allpoint-logo.svg Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 6356bd985255864febb0109cc39be0305ef662ec3c406cc199f7c595d57d1fb2 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish x-b3-traceid e41b75fa1d10dca2 age 84317 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="allpoint-logo.svg" content-length 1017 x-xss-protection 1; mode=block x-request-id 47216df0-67da-909d-bf99-22e13a9bfd4c x-varnish-count 5060 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "673c94f3dec27085054071e31f195250" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml x-varnish 106055252 88353279 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:08 GMT
GET H2	200	jquery.min.js Show response www.imcu.com/assets/js/	85 KB 30 KB	94ms 77ms	Script application/javascript	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/js/jquery.min.js?v=1699977987500 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash d31312e09389da45f7740c6c973c7d66cc9f9d501b67d07c0e3992bef2d233e7 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish x-b3-traceid f4d5fc7030ebc274 age 84317 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="jquery.min.js" content-length 30341 x-xss-protection 1; mode=block x-request-id 4e1232a7-1e97-9d1c-b5ca-98bb09ef445a x-varnish-count 5122 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "5ce6d7133f1c3a7b378706b4b921bde0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript x-varnish 105730596 87701231 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:08 GMT
GET H2	200	script.min.js Show response www.imcu.com/assets/js/	176 KB 48 KB	327ms 320ms	Script application/javascript	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/js/script.min.js?v=1699977987500 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash af30c3ef9424b043e3d6d4db4b8573ec041dcad36330cacef75b8094807d9465 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff content-encoding gzip x-b3-traceid c52c93eb50887722 age 84313 via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="script.min.js" content-length 48358 x-xss-protection 1; mode=block x-request-id 4c69a685-9c56-90bf-8f2f-d713587e0004 x-varnish-count 4964 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "29a2005343c553294558097fd1eba334" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript x-varnish 104813102 87936868 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:12 GMT
GET H2	200	disclaimers.js Show response www.imcu.com/assets/target/	3 KB 2 KB	329ms 324ms	Script application/javascript	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/target/disclaimers.js?bh=0eace5 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e62bdb1248c7e4d856eb804738ef310e28d3d8b4a9ef40bccb0a5059a61313d7 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish x-b3-traceid 9a50db449b388c1c age 238465 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-length 1400 x-xss-protection 1; mode=block x-request-id 99fa81bf-c320-9a98-bd35-b052e066320b x-varnish-count 7223 last-modified Mon, 13 Nov 2023 21:20:14 GMT server nginx etag "424434c0f704210912f04be3a5c8b0c0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 x-varnish 105148781 47329874 cache-control public, max-age=15552000 accept-ranges bytes expires Mon, 13 May 2024 22:16:00 GMT
GET H2	200	webchat.js Show response chat.agentiq.co/	141 KB 47 KB	238ms 74ms	Script text/javascript	3.232.252.94 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://chat.agentiq.co/webchat.js?app_id=aimb4v0c Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.232.252.94 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-252-94.compute-1.amazonaws.com Software / Express Resource Hash 72c6a1c05aa9c813cc6db519f9464e4d67478d3c46429251ac5d3fde75fcef1d Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-permitted-cross-domain-policies none x-powered-by Express x-dns-prefetch-control off x-xss-protection 0 x-request-id c76f0230-862f-11ee-8e16-33509a1c260d referrer-policy no-referrer etag W/"23556-3vsCaoit8p9nY/6BmwEW42ws6Zw" x-download-options noopen expect-ct max-age=0 x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	1234568071 Show response widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/ Redirect Chain https://birdeye.com/embed/v7/168150068519072/8/1234568071 https://widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/1234568071	1 KB 1 KB	344ms 102ms	Script text/plain	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/api/embed/v7/168150068519072/8/1234568071 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash 8ce8ceb4e04054456507d2fb780e5b8188be2a752f75caf380845205444398e0 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT etag "51d-BbfhKBok1I7wsDxRTyybptO6gz8" content-length 1309 Redirect headers location https://widgets-v7.birdeye.com:443/api/embed/v7/168150068519072/8/1234568071 date Sat, 18 Nov 2023 16:30:26 GMT server awselb/2.0 content-length 110 content-type text/html
OPTIONS H/1.1	200 OK	1cb1ecef-4911-4acc-b8a4-323103090a15.json cdn.segmint.net/ Frame	0 0	259ms 135ms	Preflight	3.160.5.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.160.5.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-116.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.imcu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Via 1.1 3553261692b84388f31d013fa1d022f0.cloudfront.net (CloudFront) X-Amz-Cf-Id rQ6d3iD6yPg6aDoP_rYIkxYYP24Uq9Z2I43xdWXSOEMS75Ni_mFqsQ== X-Amz-Cf-Pop CMH68-P4 X-Cache Miss from cloudfront access-control-allow-headers content-type access-control-allow-methods PUT, POST, DELETE, GET access-control-allow-origin * access-control-max-age 3000 date Sat, 18 Nov 2023 16:30:27 GMT server AmazonS3 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method
GET H/1.1	200 OK	1cb1ecef-4911-4acc-b8a4-323103090a15.json Show response cdn.segmint.net/	313 B 962 B	62ms 62ms	XHR application/json	3.160.5.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.160.5.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-116.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash 143e78d0fc535e02e2c719c0a29f9a6e2ac00959a552de99a3d62fb36b1e3cbf Request headers Referer https://www.imcu.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers Date Sat, 18 Nov 2023 16:25:55 GMT Via 1.1 3553261692b84388f31d013fa1d022f0.cloudfront.net (CloudFront) X-Amz-Cf-Pop CMH68-P4 Age 326 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 313 Last-Modified Thu, 02 Mar 2023 21:15:14 GMT Server AmazonS3 ETag "9e8243276c884811a405bf54321be0b6" Access-Control-Max-Age 3000 Access-Control-Allow-Methods PUT, POST, DELETE, GET Content-Type application/json Access-Control-Allow-Origin * Cache-Control max-age=900 Accept-Ranges bytes X-Amz-Cf-Id 2Elw-5SMscp9EAMs973s_yiQTta4awj7gVL6r_ve8EWoc5RdyQhcLA==
GET H2	200	gtm.js Show response www.googletagmanager.com/	231 KB 76 KB	314ms 173ms	Script application/javascript	2607:f8b0:4006:823::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0ca476861e6de2c6d855f2d0ff71ca6b14da192fe54b226590133aa4df457403 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77550 x-xss-protection 0 last-modified Sat, 18 Nov 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 18 Nov 2023 16:30:26 GMT
GET H2	200	seg Show response secure.adnxs.com/	0 807 B	68ms 68ms	Script application/javascript	68.67.161.208 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/seg?add=18206467&t=1 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:26 GMT an-x-request-uuid 40a27d75-b16c-4ca0-8ad9-f33a03fa7f81 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 38.132.118.71; 38.132.118.71; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	olb-background.jpg www.imcu.com/assets/img/	29 KB 30 KB	323ms 322ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/img/olb-background.jpg Requested by Host: www.imcu.com URL: https://www.imcu.com/assets/css/main.min.css?v=1699977987544 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 3ba6c0fb90f1168c88deeb5a2ea1117bf88c214888f2a84c5a1dda96d0f9ce75 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/assets/css/main.min.css?v=1699977987544 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 5ff8a5110f71d9fc age 84315 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="olb-background.jpg" content-length 29949 x-xss-protection 1; mode=block x-request-id fe39acc2-e4b9-922b-9afe-3e6b50493391 x-varnish-count 5034 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "865bd4d78b5020090dbfbd815d5d1f8a" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 93344681 86885415 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H2	200	Icons.woff2 www.imcu.com/assets/font/	4 KB 4 KB	324ms 323ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/Icons.woff2 Requested by Host: www.imcu.com URL: https://www.imcu.com/assets/css/main.min.css?v=1699977987544 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash ac3b923602f3dfae76ac778b79523b1281f9aedfda9e872cc0301a5568fd15d9 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/assets/css/main.min.css?v=1699977987544 Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid ccc0918355dfb3c6 age 84341 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="Icons.woff2" content-length 4032 x-xss-protection 1; mode=block x-request-id ead42151-5e7b-9f81-9904-b00a123a65fa x-varnish-count 4945 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "f0bfce138c575ae64f11ce4df9b42958" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 104899374 64606488 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:45 GMT
OPTIONS H/1.1	200 OK	insights liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/ Frame	0 0	152ms 46ms	Preflight	34.75.237.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.75.237.118 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.237.75.34.bc.googleusercontent.com Software envoy / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.imcu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers access-control-max-age 7200 date Sat, 18 Nov 2023 16:30:26 GMT server envoy transfer-encoding chunked x-envoy-upstream-service-time 1
POST H/1.1	200 OK	insights Show response liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/	16 B 783 B	48ms 47ms	XHR application/json	34.75.237.118 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights Requested by Host: cdn.rlets.com URL: https://cdn.rlets.com/capture_static/mms/mms.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.75.237.118 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 118.237.75.34.bc.googleusercontent.com Software envoy / Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-type application/json Response headers date Sat, 18 Nov 2023 16:30:26 GMT x-content-type-options nosniff x-permitted-cross-domain-policies none transfer-encoding chunked x-envoy-upstream-service-time 3 x-xss-protection 1; mode=block x-request-id 1c93da58-a51a-4b56-9895-149368d46646 x-runtime 0.001920 referrer-policy strict-origin-when-cross-origin server envoy etag W/"c955e57777ec0d73639dca6748560d00" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers vary Accept, Origin cache-control max-age=0, private, must-revalidate content-type application/json; charset=utf-8
GET H2	200	base.css chat-service.imcu.agentiq.co/static/themes/	9 KB 2 KB	260ms 60ms	Stylesheet text/css	34.194.239.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://chat-service.imcu.agentiq.co/static/themes/base.css Requested by Host: chat.agentiq.co URL: https://chat.agentiq.co/webchat.js?app_id=aimb4v0c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.194.239.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-194-239-168.compute-1.amazonaws.com Software / Express Resource Hash 8ba33bd694c9294a4d95b380a23e2b66c20f385862fdc30ae109e45485dcdaaa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip last-modified Tue, 07 Nov 2023 04:20:57 GMT x-powered-by Express etag W/"24a9-18ba8031828" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes x-request-id c7ab6ef0-862f-11ee-8e16-33509a1c260d
GET H2	200	last-check Show response banno.com/a/monitor/api/	79 B 196 B	80ms 79ms	Script application/javascript	52.189.67.130 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://banno.com/a/monitor/api/last-check?url=https%3A%2F%2Fwww.imcu.com%2F&callback=jha.monitor.badgeCallback Requested by Host: banno.com URL: https://banno.com/a/monitor/api/badge/badge.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 16e3f53d796a278040360013860b40ba3dc7089279ccc725b448290b00fb8370 Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=15724800 content-length 79 content-type application/javascript; charset=UTF-8
GET		image_view.js www.surveycarrot.com/js/	0 0
OPTIONS H/1.1	204 No Content	event connect.segmint.net/ Frame	0 0	319ms 61ms	Preflight	52.45.67.236 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/event Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-67-236.compute-1.amazonaws.com Software openresty / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.imcu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS, HEAD Access-Control-Allow-Origin https://www.imcu.com Access-Control-Max-Age 1728000 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Date Sat, 18 Nov 2023 16:30:12 GMT Expires 0 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Pragma no-cache Server openresty
POST H/1.1	200 OK	event Show response connect.segmint.net/	0 637 B	63ms 61ms	XHR text/plain	52.45.67.236 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/event Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-67-236.compute-1.amazonaws.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.imcu.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers Pragma no-cache Date Sat, 18 Nov 2023 16:30:08 GMT Server openresty P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Access-Control-Allow-Origin https://www.imcu.com Content-Type text/plain;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-Application-Context site-event-receiver-service:prod:7084 Expires 0
GET H/1.1	200 OK	en1Er9rn5M Show response connect.segmint.net/iframe/doughnut/ Frame 08AF	509 B 1 KB	321ms 70ms	Document text/html	52.45.67.236 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/iframe/doughnut/en1Er9rn5M Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-67-236.compute-1.amazonaws.com Software openresty / Resource Hash 0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Access-Control-Allow-Credentials true Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Language en-US Content-Length 307 Content-Type text/html;charset=UTF-8 Date Sat, 18 Nov 2023 16:30:26 GMT Expires 0 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Pragma no-cache Server openresty Vary Accept-Encoding X-Application-Context offer-delivery:prod:7074 X-B3-Sampled 1 X-B3-SpanId 9f47dcf22e0615d1 X-B3-TraceId 9f47dcf22e0615d1 X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	en1rr5rxMofqdM Show response connect.segmint.net/bearclaw/invoke/	2 KB 2 KB	321ms 67ms	XHR application/json	52.45.67.236 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/bearclaw/invoke/en1rr5rxMofqdM?new_window=true Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-67-236.compute-1.amazonaws.com Software openresty / Resource Hash 5aff9a55663be9aa45cf07a81da3e81121f7aab14c5304941c9ad0421e6591cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 16:30:26 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Decision-Count 1 X-B3-TraceId 8dae7a4404b549e X-PartnerId 87563015 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Connection keep-alive X-DecisionId 1260ea51-62d2-4ffc-9eb8-775aa9f71ce5 X-MediaId 52276 X-Application-Context offer-delivery:prod:7074 Content-Length 743 X-XSS-Protection 1; mode=block Pragma no-cache X-Known-Consumer false Server openresty Vary Accept-Encoding, Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://www.imcu.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true X-B3-SpanId 8dae7a4404b549e X-B3-Sampled 1 X-Targeted false Expires 0
GET H2	200	disclaimer Show response www.imcu.com/_/api/	2 KB 1 KB	82ms 81ms	XHR application/json	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/_/api/disclaimer Requested by Host: www.imcu.com URL: https://www.imcu.com/assets/js/jquery.min.js?v=1699977987500 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 36435716fe9f709ba9ff30672d5812734a31f2a82e53161f9e3793a0956af652 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://www.imcu.com/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers date Sat, 18 Nov 2023 16:30:26 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish x-b3-traceid 1704774c35fa8608 age 0 x-varnish-ttl 0.000 x-varnish-hitmiss MISS x-envoy-upstream-service-time 4 content-length 695 x-xss-protection 1; mode=block x-request-id b967325d-9456-9cc8-83e0-1bf4d61f3c84 x-varnish-count 0 server nginx vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 x-varnish 106508365 cache-control public, max-age=0 accept-ranges bytes expires Sat, 18 Nov 2023 16:30:26 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 252 B	194ms 67ms	Ping text/plain	2607:f8b0:4004:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q04TV61VH4&cid=2064449441.1700325027&gtm=45je3b81v9123591144&aip=1&dma=0&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Q04TV61VH4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:26 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.imcu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	monitor-badge-dark.png banno.com/a/monitor/api/badge/	867 B 1 KB	77ms 77ms	Image image/png	52.189.67.130 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://banno.com/a/monitor/api/badge/monitor-badge-dark.png Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.189.67.130 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 29c0460945112db52539b1f8123ef386a79721884db9d5e06697ebaa2ac6ecfa Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=15724800 last-modified Mon, 17 Jul 2023 20:25:23 GMT accept-ranges bytes etag "c6c0018965877338" content-length 867 content-type image/png
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	217ms 68ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 18 Nov 2023 16:30:26 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug hsFiLDlv8eblrsjwcQM+pTAAud135pc3iZJZ0m51E3wf8z2ZW2tvDC4sEbDaK3AyR1DuLJROzj3tGcAD04qakQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tracking.min.js Show response dxussota4xxo7.cloudfront.net/js/	420 B 744 B	230ms 65ms	Script application/javascript	2600:9000:25f4:fa00:15:4bf9:2dc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dxussota4xxo7.cloudfront.net/js/tracking.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25f4:fa00:15:4bf9:2dc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a865230456a516d0d8adf08bd311599806c70bbd7b5637c696cfbfb3cf747387 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 02:54:31 GMT via 1.1 4b1f2d5e8ba06f891aac0914bfcf0ce0.cloudfront.net (CloudFront) last-modified Wed, 23 Sep 2020 04:04:24 GMT server AmazonS3 x-amz-cf-pop CMH68-P4 age 54525 etag "b7e214e920d0c529083be4aa78a105c2" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 420 x-amz-cf-id E99iH5VQSXOKpW-yddt9m9tbubUYB30Hsw9d-6c_wTNQ_2VEBo4bRg==
GET		events.js analytics.tiktok.com/i18n/pixel/	0 0
GET H/1.1	200 OK	nqkCLztN_IMCU-Chat-Open-Icon---60x60-v01.png agentiq-imcu-assets.s3.amazonaws.com/public/2023-09-01-17-08-11/	917 B 1 KB	285ms 78ms	Image image/png	16.182.64.89 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://agentiq-imcu-assets.s3.amazonaws.com/public/2023-09-01-17-08-11/nqkCLztN_IMCU-Chat-Open-Icon---60x60-v01.png Requested by Host: chat-service.imcu.agentiq.co URL: https://chat-service.imcu.agentiq.co/static/themes/base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 16.182.64.89 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 2b566131a0f1a46661391af4a259ae22d79a47bd8754c86f156c33d0ea684435 Request headers accept-language en-US,en;q=0.9 Referer https://chat-service.imcu.agentiq.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 16:30:28 GMT Last-Modified Mon, 09 Jan 2023 17:08:12 GMT Server AmazonS3 x-amz-request-id XFFQA92X5J0H4EXT ETag "8ac911d758112d888af549bf17486135" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 917 x-amz-id-2 bFTZv2VpZcv6vij6hOj/A90TkjRBeUrrZTEI1LV8J7MFB1W4ch9WjSC1a3JmN7ppMCfbPWC0n7A=
GET H2	200	widgets Show response widgets-v7.birdeye.com/api/ Frame 3970	9 KB 9 KB	133ms 130ms	Document text/html	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Requested by Host: birdeye.com URL: https://birdeye.com/embed/v7/168150068519072/8/1234568071 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash d858813ec73f7f3a68240ddf430f965287e2d1c33e7136c9730574f0c8603976 Request headers Referer https://www.imcu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin https://app.birdeye.com content-length 9542 date Sat, 18 Nov 2023 16:30:26 GMT etag "2546-C5l/uTHC8nyE94b23GNQnW5VmE8" vary Origin
GET H/1.1	200 OK	df3d488ee2994024b76c77e63db14393.jpg cdn.segmint.net/	405 KB 405 KB	75ms 73ms	Image image/jpeg	3.160.5.116 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.segmint.net/df3d488ee2994024b76c77e63db14393.jpg?cb=447162775 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.160.5.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-116.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash 3629dcd8b7f1a9245b5033de276b9fcd3b5f4b9ae8245814dc10d630ae10fdb3 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 16:11:27 GMT Via 1.1 60a4019a365a195cb4f354a7c8fdb39a.cloudfront.net (CloudFront) Last-Modified Tue, 07 Nov 2023 14:35:08 GMT Server AmazonS3 X-Amz-Cf-Pop CMH68-P4 Age 6993 x-amz-server-side-encryption AES256 ETag "3efc6689bfbfbe2ddc89e9d88f0c0d19" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 414718 X-Amz-Cf-Id 0qmm9cGMZYnQ9R2t2wGPQcf6O7MiyJO3m56kNVZ1O2lQRattvur3tg==
GET H/1.1	200 OK	cookie-mapper maprtb.segmint.net/rtb/simpli-fi/ Frame 08AF Redirect Chain https://um.simpli.fi/segmint https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=66E3918FC4AE4686AC37F6551FBEED6C	43 B 412 B	251ms 65ms	Image image/gif	54.156.136.130 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=66E3918FC4AE4686AC37F6551FBEED6C Requested by Host: connect.segmint.net URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M Protocol HTTP/1.1 Server 54.156.136.130 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-156-136-130.compute-1.amazonaws.com Software openresty / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache Date Sat, 18 Nov 2023 16:30:27 GMT Server openresty X-B3-TraceId 13ef4df265456432 Content-Type image/gif; charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate X-B3-SpanId 13ef4df265456432 X-B3-Sampled 1 Connection keep-alive Content-Length 43 X-Application-Context cookie-mapper:prod:7077 Expires 0 Redirect headers date Sat, 18 Nov 2023 16:30:26 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=66E3918FC4AE4686AC37F6551FBEED6C access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:26 GMT
GET H2	200	ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response tag.simpli.fi/sifitag/ Frame 08AF	3 KB 2 KB	228ms 71ms	Script application/javascript	34.171.47.125 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6 Requested by Host: connect.segmint.net URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.171.47.125 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 125.47.171.34.bc.googleusercontent.com Software openresty / Resource Hash 173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 x-request-id F5jEmnZrLSXsz0LdV4kF expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	eda81cd4507e537c.css widgets-v7.birdeye.com/_next/static/css/ Frame 3970	16 KB 3 KB	113ms 104ms	Stylesheet text/css	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/css/eda81cd4507e537c.css Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash c7094491ea71a66e3154aa305ab7d97a543cb8fba7f7ff2319df08defc77c725 Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip last-modified Fri, 03 Nov 2023 03:00:12 GMT etag W/"3eca-18b931fba60" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	543b166e566793c9.css widgets-v7.birdeye.com/_next/static/css/ Frame 3970	6 KB 2 KB	114ms 106ms	Stylesheet text/css	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/css/543b166e566793c9.css Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash 0173900051eca3e73d1ff9febfe462216ec16101ca2020cf2e296cf03804861f Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip last-modified Fri, 03 Nov 2023 03:00:12 GMT etag W/"1754-18b931fba60" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	webpack-514908bffb652963.js Show response widgets-v7.birdeye.com/_next/static/chunks/ Frame 3970	1 KB 1004 B	109ms 103ms	Script application/javascript	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/chunks/webpack-514908bffb652963.js Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash 88b7b60abfbcd15997d22d2839830aa4593142a21fc2b7be01f6896ac3d27310 Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip last-modified Fri, 03 Nov 2023 03:00:12 GMT etag W/"5c0-18b931fba60" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	framework-91d7f78b5b4003c8.js Show response widgets-v7.birdeye.com/_next/static/chunks/ Frame 3970	127 KB 41 KB	194ms 188ms	Script application/javascript	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/chunks/framework-91d7f78b5b4003c8.js Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167 Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip last-modified Fri, 03 Nov 2023 03:00:12 GMT etag W/"1fc6a-18b931fba60" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	main-ba832cad11a030f7.js Show response widgets-v7.birdeye.com/_next/static/chunks/ Frame 3970	111 KB 31 KB	193ms 188ms	Script application/javascript	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/chunks/main-ba832cad11a030f7.js Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash 8955274567e7fe987a9de393cf379bb4c3d4fa37e124414f5f2385d6c1e9e770 Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip last-modified Fri, 03 Nov 2023 03:00:12 GMT etag W/"1ba4a-18b931fba60" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	_app-9813aaabf7b75be1.js Show response widgets-v7.birdeye.com/_next/static/chunks/pages/ Frame 3970	4 KB 2 KB	192ms 187ms	Script application/javascript	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/chunks/pages/_app-9813aaabf7b75be1.js Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash 1ec4fbec6b02a439bad4ece44d16811ebe29e374da31c611ab1218220e5a1d04 Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip last-modified Fri, 03 Nov 2023 03:00:12 GMT etag W/"11ed-18b931fba60" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	new-rotating-8a699c6e04dc2ec5.js Show response widgets-v7.birdeye.com/_next/static/chunks/pages/v8/ Frame 3970	12 KB 5 KB	109ms 105ms	Script application/javascript	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/chunks/pages/v8/new-rotating-8a699c6e04dc2ec5.js Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash f5df67e620930892df72a02097cd31909aea56ea0501dbe12f09a9a2f3f88731 Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip last-modified Fri, 03 Nov 2023 03:00:12 GMT etag W/"3101-18b931fba60" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	_buildManifest.js Show response widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/ Frame 3970	3 KB 1 KB	299ms 297ms	Script application/javascript	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/_buildManifest.js Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash 79e088ee3377eda0f358623fc79ab1a06ce8bd1558f0788f84e43d05bb8dfcdc Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip last-modified Fri, 03 Nov 2023 03:00:12 GMT etag W/"dc8-18b931fba60" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	_ssgManifest.js Show response widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/ Frame 3970	77 B 289 B	301ms 299ms	Script application/javascript	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/_ssgManifest.js Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT last-modified Fri, 03 Nov 2023 03:00:12 GMT etag W/"4d-18b931fba60" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 77
GET H2	200	_middlewareManifest.js Show response widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/ Frame 3970	92 B 304 B	302ms 300ms	Script application/javascript	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-v7.birdeye.com/_next/static/kf_4G-AsMtcF60i4rIMFK/_middlewareManifest.js Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT last-modified Fri, 03 Nov 2023 03:00:21 GMT etag W/"5c-18b931fdd88" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 92
GET H2	200	css2 fonts.googleapis.com/ Frame 3970	7 KB 1 KB	222ms 78ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 18 Nov 2023 16:20:08 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 18 Nov 2023 16:30:27 GMT
GET H2	200	23893b43a33e440e884869a9ffb7d0a7.png ddjkm7nmu27lx.cloudfront.net/283679764/ Frame 3970	32 KB 32 KB	239ms 70ms	Image image/png	108.139.38.143 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ddjkm7nmu27lx.cloudfront.net/283679764/23893b43a33e440e884869a9ffb7d0a7.png Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.38.143 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-38-143.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 5d6c3b2fc4bc70d3f833e12d18f67e54ba75324c8700a7d74249e410ce95920a Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 01:42:33 GMT x-amz-version-id pPAHM_cGm52xis51JWGd9QCrjlIHQETa via 1.1 baec235d174153a8f2e92ea724643824.cloudfront.net (CloudFront) last-modified Fri, 17 Nov 2023 23:31:08 GMT server AmazonS3 x-amz-cf-pop JFK50-P2 age 53275 etag "78ec1eefcf17d2396ec5f3b344a6685e" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png x-amz-storage-class REDUCED_REDUNDANCY accept-ranges bytes content-length 32708 x-amz-cf-id afA50Azwko0QDvysCak4BzKX9nUxzJvDgXMZ9_uwkN256I39VSuJRQ==
GET H2	200	left-arrow.png widgets-v7.birdeye.com/ Frame 3970	2 KB 2 KB	109ms 102ms	Image image/png	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://widgets-v7.birdeye.com/left-arrow.png Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash 2b7d3452288cef3342b8db2e74bd7320026c6dc8cd07d6b9568e0d4ddcfdac43 Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT cache-control public, max-age=0 last-modified Fri, 03 Nov 2023 02:59:13 GMT accept-ranges bytes etag W/"746-18b931ed3e8" content-length 1862 content-type image/png
GET H2	200	right-arrow.png widgets-v7.birdeye.com/ Frame 3970	2 KB 2 KB	112ms 105ms	Image image/png	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://widgets-v7.birdeye.com/right-arrow.png Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash c59f3ba94e761497a4b1e94125a40d4363b28c55b24003bdb73243660499905d Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT cache-control public, max-age=0 last-modified Fri, 03 Nov 2023 02:59:13 GMT accept-ranges bytes etag W/"782-18b931ed3e8" content-length 1922 content-type image/png
GET H2	200	birdeye-logo.svg widgets-v7.birdeye.com/ Frame 3970	3 KB 2 KB	113ms 105ms	Image image/svg+xml	54.215.170.252 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://widgets-v7.birdeye.com/birdeye-logo.svg Requested by Host: widgets-v7.birdeye.com URL: https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.215.170.252 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-215-170-252.us-west-1.compute.amazonaws.com Software / Resource Hash 19003bda0af25def358e5f521924bc2658b65dc47ca722fbba68684516a3ec48 Request headers accept-language en-US,en;q=0.9 Referer https://widgets-v7.birdeye.com/api/widgets?bid=168150068519072&wno=8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip last-modified Fri, 03 Nov 2023 02:59:13 GMT etag W/"c2c-18b931ed3e8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes
GET H2	200	336474686714648 Show response connect.facebook.net/signals/config/	124 KB 33 KB	67ms 66ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/336474686714648?v=2.9.138&r=stable&domain=www.imcu.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 18593949479827e48e87e970d17923131b0812675f4f13cf58a8b1d6bcf8234c Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 18 Nov 2023 16:30:27 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 33453 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug MEKQ9PrXyNpxMVMVRJgXWEMX/q2GEwdY7CxjqFhyt29GTuxj2k4asPI05dwIT06xX4oLC9qKGtcJciUw4OU1uw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 3970	16 KB 16 KB	211ms 66ms	Font font/woff2	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://widgets-v7.birdeye.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 22:45:45 GMT x-content-type-options nosniff age 236682 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 22:45:45 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 3970	15 KB 15 KB	228ms 83ms	Font font/woff2	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://widgets-v7.birdeye.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 07:56:27 GMT x-content-type-options nosniff age 117240 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 16 Nov 2024 07:56:27 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	213ms 65ms	Image text/plain	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=336474686714648&ev=PageView&dl=https%3A%2F%2Fwww.imcu.com&rl=&if=false&ts=1700325027240&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1700325027233.840416780&cs_est=true&pm=1&hrl=733a4a&ler=empty&it=1700325027127&coo=false&cs_cc=1&rqm=GET Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 18 Nov 2023 16:30:27 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	p Show response i.simpli.fi/ Frame 08AF	804 B 767 B	211ms 57ms	Script application/javascript	34.86.70.109 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 109.70.86.34.bc.googleusercontent.com Software openresty / Resource Hash 71bd9e370ba39a7761d1be81efb1ab5a891e5228edc6a4218994ca01acd949b1 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	fonts.css Show response www.imcu.com/assets/css/	16 KB 2 KB	78ms 77ms	XHR text/css	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/css/fonts.css?v=1699977987413 Requested by Host: www.imcu.com URL: https://www.imcu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e862c691893c4c35b8c83bf72079bcda4b2223096980fa54dba8e346c4b944a5 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff content-encoding gzip x-b3-traceid ecc43b5b32d387f5 age 84317 via varnish x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="fonts.css" content-length 1149 x-xss-protection 1; mode=block x-request-id a9bb7496-572b-9ebe-8e9c-d37802e582bc x-varnish-count 1358 last-modified Tue, 14 Nov 2023 17:04:40 GMT server nginx etag "f65a0181f7fba375fcbc27fa75f7b1f4" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css x-varnish 106665190 88089540 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:09 GMT
GET H2	200	slick.woff www.imcu.com/assets/font/	1 KB 2 KB	79ms 79ms	Font application/font-woff	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/slick.woff Requested by Host: www.imcu.com URL: https://www.imcu.com/assets/css/main.min.css?v=1699977987544 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/assets/css/main.min.css?v=1699977987544 Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=16070400 via varnish x-b3-traceid 1507c21216df5fd8 age 84316 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="slick.woff" content-length 1343 x-xss-protection 1; mode=block x-request-id e96c2cc2-3a44-943e-8888-1aef1eb71414 x-varnish-count 3486 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "68b7679274615f255c862e55e2a2ba3c" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/font-woff x-varnish 107975695 88680289 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H/1.1	200 OK	segmint.min.js Show response cdn.segmint.net/	16 KB 16 KB	63ms 62ms	Script application/javascript	3.160.5.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/segmint.min.js Requested by Host: www.imcu.com URL: https://www.imcu.com/assets/js/script.min.js?v=1699977987500 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.160.5.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-116.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash 8d5d3f4a44a4e9c6ea8f6c84f8dcc1fd7a31ad4c07df78b237c41c4d7fc10ecb Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 15:22:37 GMT Via 1.1 60a4019a365a195cb4f354a7c8fdb39a.cloudfront.net (CloudFront) Last-Modified Wed, 20 Sep 2023 12:33:41 GMT Server AmazonS3 X-Amz-Cf-Pop CMH68-P4 Age 4071 x-amz-server-side-encryption AES256 ETag "6bdf8bf9c48aef3424ec8556d42ae32e" X-Cache Hit from cloudfront Content-Type application/javascript Cache-Control max-age:900 Connection keep-alive Accept-Ranges bytes Content-Length 16163 X-Amz-Cf-Id c8DCP4JX9WuxVSTfy0MXyBB1HDYbfooAvMbuaAkVsOJP7eLu59OVQA==
GET H2	200	Sallie-Mae-Fall-2021-Rotating-Banner.jpg www.imcu.com/assets/files/C4i0XSCv/	492 KB 493 KB	318ms 313ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/C4i0XSCv/Sallie-Mae-Fall-2021-Rotating-Banner.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash ee812a922fafe6ac67e8a6b135e812e58b24030def1850886bb862060817ce9e Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 9af4e2651dafc832 age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 238 content-disposition filename="Sallie-Mae-Fall-2021-Rotating-Banner.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id aa8bc4de-266c-96ca-ae1e-5af08f39224b last-modified Mon, 14 Nov 2022 13:18:21 GMT server nginx etag "910b304bd6e60a796fb1df5cdf1f19af" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 105179005 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:27 GMT
GET H/1.1	200 OK	df3d488ee2994024b76c77e63db14393.jpg cdn.segmint.net/	405 KB 405 KB	102ms 66ms	Image image/jpeg	3.160.5.116 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.segmint.net/df3d488ee2994024b76c77e63db14393.jpg?cb=447162775 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.160.5.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-116.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash 3629dcd8b7f1a9245b5033de276b9fcd3b5f4b9ae8245814dc10d630ae10fdb3 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 16:11:27 GMT Via 1.1 60a4019a365a195cb4f354a7c8fdb39a.cloudfront.net (CloudFront) Last-Modified Tue, 07 Nov 2023 14:35:08 GMT Server AmazonS3 X-Amz-Cf-Pop CMH68-P4 Age 6994 x-amz-server-side-encryption AES256 ETag "3efc6689bfbfbe2ddc89e9d88f0c0d19" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 414718 X-Amz-Cf-Id sBVscTdWwH-evSmhLwu-3xhtBn9M35kgJyLVA92tPqafRuRCseUDNA==
GET H2	200	Toy-Drive-2022-Rotating-Banner.jpg www.imcu.com/assets/files/of1iqyfG/	332 KB 333 KB	92ms 87ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/of1iqyfG/Toy-Drive-2022-Rotating-Banner.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 6c6a03ff6652de29b2cc7597dcc5754ba2cd0c946392859d88f5256a8cfaeca2 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 3f2dd91f7c1c5672 age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 7 content-disposition filename="Toy-Drive-2022-Rotating-Banner.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 93b51993-0d0d-9b19-b92d-ea96f76c0044 last-modified Mon, 07 Nov 2022 13:04:36 GMT server nginx etag "73051b4af3a6a9d1d14c2a022b6b6ee0" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 96919052 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:27 GMT
GET H2	200	13-Month-Certificate-Rotating-Banner-10.2023.jpg www.imcu.com/assets/files/iBzefd7y/	792 KB 793 KB	89ms 85ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/iBzefd7y/13-Month-Certificate-Rotating-Banner-10.2023.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash cff88ecc4da0fe4641c1d4ce57313b1801118b59426c09b1f9d7392ef33a5874 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid fafdabc951d4ec2b age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 6 content-disposition filename="13-Month-Certificate-Rotating-Banner-10.2023.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 519029fb-71cc-99d6-b1b8-bae406ef18fd last-modified Fri, 29 Sep 2023 17:54:42 GMT server nginx etag "07a73c804a6b5dbc28299e99a1d8a885" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 97809317 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:27 GMT
GET H2	200	Hiring-Open-House-2023-Rotating-Banner.jpg www.imcu.com/assets/files/H0pnGJns/	461 KB 462 KB	163ms 159ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/H0pnGJns/Hiring-Open-House-2023-Rotating-Banner.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 8ee5ce60cbae1e58b5e55b571efe515a0e418f5e3967484ccec19ce9dfe59b2f Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid cbc3b4f76ed6f0df age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 8 content-disposition filename="Hiring-Open-House-2023-Rotating-Banner.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 7027ae83-825a-9893-a1e6-dc179389c9de last-modified Mon, 06 Nov 2023 14:49:11 GMT server nginx etag "ab23a39368f4f6a7f97034b8edf4aef9" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 108036734 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:27 GMT
GET H2	200	T-Mobile-2023-Rotating-Banner.jpg www.imcu.com/assets/files/MrVTNGFD/	367 KB 368 KB	317ms 314ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/files/MrVTNGFD/T-Mobile-2023-Rotating-Banner.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 6da3c49e01d71fe6ad6c731dd3352fb5b43114024a7a53e6a0692657b1c63dd1 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 5814ba7470bf253e age 0 x-varnish-hitmiss MISS x-envoy-upstream-service-time 235 content-disposition filename="T-Mobile-2023-Rotating-Banner.jpg" x-varnish-count 0 x-xss-protection 1; mode=block x-request-id 33373974-225b-9fd8-8da1-80dfb0f3bedd last-modified Mon, 16 Oct 2023 17:58:14 GMT server nginx etag "ab20e3ae89461333ebd1c67500b68752" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 105599157 cache-control private accept-ranges bytes expires Sat, 18 Nov 2023 16:30:27 GMT
GET H2	200	large-p-certificate.jpg www.imcu.com/assets/content/wLXmk3VS/	264 KB 265 KB	78ms 75ms	Image image/jpeg	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.imcu.com/assets/content/wLXmk3VS/large-p-certificate.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash b9067cbeb9d1f73d6d399fe3336d85ebfd394f52e5aa1ad843391c420dfe97d6 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 308d5d9ec97fc28d age 84318 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="large-p-certificate.jpg" content-length 270023 x-xss-protection 1; mode=block x-request-id 218ada9b-d064-9e18-a43d-17115a0efe64 x-varnish-count 1111 last-modified Mon, 22 Oct 2018 21:04:48 GMT server nginx etag "1d5d218ae8b4b545ea3f1693ea17802d" x-frame-options SAMEORIGIN content-type image/jpeg x-varnish 105700541 88384633 cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 16 Nov 2024 17:05:08 GMT
GET H2	200	montserrat-bold-webfont.woff2 www.imcu.com/assets/font/	18 KB 19 KB	129ms 128ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/montserrat-bold-webfont.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e63a6b5008fdcd33d835ed9d11e4fa939639220adc592f0dc3e0537935366325 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 79726a7bda3cc796 age 84317 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="montserrat-bold-webfont.woff2" content-length 18616 x-xss-protection 1; mode=block x-request-id fabb8071-3b20-97e8-af41-ef17afc0899b x-varnish-count 4256 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "9f0fe404514ff7a8f05f6cf7f726a726" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 105957986 85541169 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H2	200	montserrat-extralight-webfont.woff2 www.imcu.com/assets/font/	18 KB 18 KB	130ms 129ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/montserrat-extralight-webfont.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 203fc1a4d3e07fd93d7afc29b41aa5e720343f8a126e446ceed930ec2746029d Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 46c6ff5f765ef10a age 84317 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="montserrat-extralight-webfont.woff2" content-length 18024 x-xss-protection 1; mode=block x-request-id d631895a-839a-909d-a7df-ec5bc8df71cb x-varnish-count 4639 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "4303be735143b509feaba7a4d10dfd95" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 101575182 88905605 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H2	200	montserrat-light-webfont.woff2 www.imcu.com/assets/font/	18 KB 18 KB	129ms 127ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/montserrat-light-webfont.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 44de8d3c22224f052fa98c400574244686f2d34237b15f280ca46864bf3fb641 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 7e810de4b5c38b49 age 84342 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="montserrat-light-webfont.woff2" content-length 18304 x-xss-protection 1; mode=block x-request-id f67cc223-c164-9943-824a-24bbee389810 x-varnish-count 4767 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "45dca2b26dfb46bcb62318a0c82338c9" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 105957987 86571443 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:45 GMT
GET H2	200	montserrat-regular-webfont.woff2 www.imcu.com/assets/font/	18 KB 19 KB	126ms 125ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/montserrat-regular-webfont.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 27f3557cf2b2a8e9ad2ca51eb3f3bf784a03e9dd4e149b50122179492480baaa Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 42bbf10954a9ced4 age 84342 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="montserrat-regular-webfont.woff2" content-length 18500 x-xss-protection 1; mode=block x-request-id 6167d320-e11f-9116-95c1-969c82652f2b x-varnish-count 4800 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "53eca2b5ec904d06652753d02b06fd30" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 105925560 86885246 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:45 GMT
GET H2	200	montserrat-lightitalic-webfont.woff2 www.imcu.com/assets/font/	20 KB 21 KB	151ms 150ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/montserrat-lightitalic-webfont.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash b5e5860634bdd32e8c252820ec604974db116b506451fa7b4c2511d200547ade Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 0ff1f11d1e4d0438 age 84342 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="montserrat-lightitalic-webfont.woff2" content-length 20952 x-xss-protection 1; mode=block x-request-id 8befba97-c828-9159-b537-3dfe733069cd x-varnish-count 3260 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "a7fb4a29f4c5f62e384d31442f9ebfd3" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 101575183 88194417 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:45 GMT
GET H2	200	big_noodle_titling-webfont.woff2 www.imcu.com/assets/font/	7 KB 8 KB	127ms 120ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/big_noodle_titling-webfont.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 63fd15be26a1aa843ba677f3013c0d0af56bd78e12e71dd8497bafd87baf47ec Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid a22a9037614167ce age 84317 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="big_noodle_titling-webfont.woff2" content-length 7484 x-xss-protection 1; mode=block x-request-id 9ae47781-d07d-9730-9f53-f648f9c90ecf x-varnish-count 4903 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "6b1676b5c7c740bcfa57e8c94e2c784f" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 107975698 87706306 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H2	200	sourcesanspro-regular.woff2 www.imcu.com/assets/font/	45 KB 46 KB	128ms 121ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/sourcesanspro-regular.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash fe03463c16e34490f3ea189edc669bc48d45eacbeadfa2411f712697ff798ad1 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 58ac9d60b8caa2b7 age 84317 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="sourcesanspro-regular.woff2" content-length 46132 x-xss-protection 1; mode=block x-request-id 6bc2a4a4-1432-98ca-bb5d-60b59225f810 x-varnish-count 4720 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "c53bf4d759e26cf5ee64d22ab1e91fdb" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 106472984 87936848 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H2	200	sourcesanspro-light.woff2 www.imcu.com/assets/font/	45 KB 46 KB	122ms 116ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/sourcesanspro-light.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash d87970bf467a996cd954b95004295ec93a16448c279a91a9057e7d1c1aa9349c Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid fa20f58718ad1aff age 84313 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="sourcesanspro-light.woff2" content-length 46108 x-xss-protection 1; mode=block x-request-id 585b16c8-61c0-9471-a888-f5ad6d6df6e6 x-varnish-count 4862 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "1d66e92b3708bed75317ef50795cf7a4" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 105306949 84465533 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:14 GMT
GET H2	200	sourcesanspro-semibold.woff2 www.imcu.com/assets/font/	45 KB 45 KB	119ms 118ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/sourcesanspro-semibold.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash dfff06cba861f460a8e1fad3e324f973acb4879d52140d5b296d990463325837 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 74ce0d6ced35e296 age 84317 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="sourcesanspro-semibold.woff2" content-length 45936 x-xss-protection 1; mode=block x-request-id 7def058d-de5b-914c-9619-856a9bae83ad x-varnish-count 4597 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "b862dcfab752adadf80299425574f5aa" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 103510623 86006611 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:10 GMT
GET H2	200	montserrat-thin-webfont.woff2 www.imcu.com/assets/font/	17 KB 17 KB	112ms 111ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/montserrat-thin-webfont.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 1771a218aed647200de0deda659d6ac94a25729b4e9cf7f78e2efa1c52b90b22 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid 461278c4728513e4 age 84342 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="montserrat-thin-webfont.woff2" content-length 17260 x-xss-protection 1; mode=block x-request-id 883a3550-e982-94e0-9287-082f5f29aab6 x-varnish-count 3899 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "0aad665492adfa220981fba714c2bc85" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 107053944 86885249 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:45 GMT
GET H2	200	sourcesanspro-italic.woff2 www.imcu.com/assets/font/	36 KB 37 KB	110ms 109ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/sourcesanspro-italic.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 91db5317414cb41f684846ada251e11a6926ba2860a702cee2287e98b70c5dfb Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid c0af955f0496a6e9 age 84303 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="sourcesanspro-italic.woff2" content-length 37256 x-xss-protection 1; mode=block x-request-id bf941863-93ea-9247-a729-d641c492863a x-varnish-count 3674 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "3c28ae2ca469f5f4f7dc664ae917c17c" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 107331546 86960910 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:05:24 GMT
GET H2	200	sourcesanspro-extralight.woff2 www.imcu.com/assets/font/	44 KB 45 KB	109ms 108ms	Font application/octet-stream	20.118.17.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.imcu.com/assets/font/sourcesanspro-extralight.woff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 20.118.17.184 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 46b1f1cb2341d81a988bb35b370ee6b4aaad6a2897c9134fe655d6e02404f2c8 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Origin https://www.imcu.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=16070400 x-content-type-options nosniff via varnish x-b3-traceid ad917279f4989abf age 84342 x-varnish-ttl 259200.000 x-varnish-hitmiss HIT x-envoy-upstream-service-time 0 content-disposition filename="sourcesanspro-extralight.woff2" content-length 45100 x-xss-protection 1; mode=block x-request-id 3de8effd-772c-95d8-abe1-5fdca5fe6c7f x-varnish-count 4834 last-modified Tue, 14 Nov 2023 17:04:41 GMT server nginx etag "ac5583a8382c06d5b1f1774461ec3bc4" x-frame-options SAMEORIGIN content-type application/octet-stream x-varnish 103510624 88260712 cache-control public, max-age=0 accept-ranges bytes expires Fri, 17 Nov 2023 17:04:45 GMT
GET H2	200	ads-user-sync www.tumblr.com/ Frame 08AF Redirect Chain https://um.simpli.fi/smaato https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=114FF666A680434C9B9F2D99EA9A80F5 https://www.tumblr.com/ads-user-sync?partner=smaato&uid=db27c704ed&gdpr=0&gdpr_consent=	70 B 1 KB	162ms 75ms	Image image/png	192.0.77.40 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://www.tumblr.com/ads-user-sync?partner=smaato&uid=db27c704ed&gdpr=0&gdpr_consent= Protocol H2 Server 192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS assets.tumblr.com Software nginx / Resource Hash a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07 Security Headers Name Value Content-Security-Policy script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-ElwnWl5mKma9TvuQ2Pq9rXumxo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-nc mia 1 date Sat, 18 Nov 2023 16:30:28 GMT content-security-policy script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-ElwnWl5mKma9TvuQ2Pq9rXumxo'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports; x-content-type-options nosniff referrer-policy origin-when-cross-origin server nginx strict-transport-security max-age=31536000; preload x-frame-options deny p3p CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy" content-type image/png x-rid 1065f5535da4823b55cbb5aeaeefcb21 content-length 70 x-xss-protection 1; mode=block x-ua-compatible IE=Edge,chrome=1 Redirect headers date Sat, 18 Nov 2023 16:30:28 GMT via 1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop EWR53-P1 x-cache Miss from cloudfront location https://www.tumblr.com/ads-user-sync?partner=smaato&uid=db27c704ed&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id s7KKGSpUMD6CRx3LQyLXfL60Mij5P5e0W8aTZXkf1DlRAVv7QO9XQw==
GET H/1.1	200 OK	RX-e512e359-0418-4500-b2f1-1c2453998d9d-005 sync.targeting.unrulymedia.com/csync/ Frame 08AF Redirect Chain https://um.simpli.fi/nexxen https://sync.1rx.io/usersync/simplifi/114FF666A680434C9B9F2D99EA9A80F5 https://sync.1rx.io/usersync/simplifi/114FF666A680434C9B9F2D99EA9A80F5?zcc=1&cb=1700325028121 https://sync.targeting.unrulymedia.com/csync/RX-e512e359-0418-4500-b2f1-1c2453998d9d-005	43 B 452 B	303ms 65ms	Image image/gif	199.127.204.171 RHYTHMONE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.targeting.unrulymedia.com/csync/RX-e512e359-0418-4500-b2f1-1c2453998d9d-005 Protocol HTTP/1.1 Server 199.127.204.171 , United States, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 16:30:28 GMT Server Tengine Connection keep-alive Content-Length 43 P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Redirect headers Pragma no-cache Date Sat, 18 Nov 2023 16:30:28 GMT Server Tengine Transfer-Encoding chunked Content-Type text/html Location https://sync.targeting.unrulymedia.com/csync/RX-e512e359-0418-4500-b2f1-1c2453998d9d-005 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Expires 0
GET H2	200	xuid eb2.3lift.com/ Frame 08AF Redirect Chain https://um.simpli.fi/triplelift https://eb2.3lift.com/xuid?mid=7969&xuid=114FF666A680434C9B9F2D99EA9A80F5&dongle=yf3 https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=114FF666A680434C9B9F2D99EA9A80F5&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=	37 B 354 B	63ms 63ms	Image image/gif	35.71.139.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=114FF666A680434C9B9F2D99EA9A80F5&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= Protocol H2 Server 35.71.139.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type image/gif date Sat, 18 Nov 2023 16:30:28 GMT cache-control no-cache, no-store, must-revalidate content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location /xuid?ld=1&mid=7969&xuid=114FF666A680434C9B9F2D99EA9A80F5&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= date Sat, 18 Nov 2023 16:30:28 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync simplifi.partners.tremorhub.com/ Frame 08AF Redirect Chain https://um.simpli.fi/telaria_p https://simplifi.partners.tremorhub.com/sync?UISF=114FF666A680434C9B9F2D99EA9A80F5	43 B 175 B	234ms 59ms	Image image/gif	2600:1f18:612b:4200:ca6a:b7c3:dc21:bc28 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simplifi.partners.tremorhub.com/sync?UISF=114FF666A680434C9B9F2D99EA9A80F5 Protocol H2 Server 2600:1f18:612b:4200:ca6a:b7c3:dc21:bc28 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Sat, 18 Nov 2023 16:30:28 GMT server nginx content-type image/gif Redirect headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://simplifi.partners.tremorhub.com/sync?UISF=114FF666A680434C9B9F2D99EA9A80F5 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:27 GMT
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame 08AF Redirect Chain https://um.simpli.fi/tapad https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=114FF666A680434C9B9F2D99EA9A80F5 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=114FF666A680434C9B9F2D99EA9A80F5	95 B 428 B	53ms 51ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=114FF666A680434C9B9F2D99EA9A80F5 Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:28 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Sat, 18 Nov 2023 16:30:28 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=114FF666A680434C9B9F2D99EA9A80F5 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	empty.gif um.simpli.fi/ Frame 08AF Redirect Chain https://um.simpli.fi/ad_advisor https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=114FF666A680434C9B9F2D99EA9A80F5 https://d.agkn.com/pixel/10751/?che=1700325028174&ip=38.132.118.71&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214440604704008582890 https://um.simpli.fi/aa_px?sk=214440604704008582890 https://um.simpli.fi/empty.gif	43 B 361 B	56ms 55ms	Image image/gif	35.236.220.17 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/empty.gif Protocol H2 Server 35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 17.220.236.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:28 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 Redirect headers date Sat, 18 Nov 2023 16:30:28 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location /empty.gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142
GET H2	403	ProfilesEngineServlet syncv4.intentiq.com/profiles_engine/ Frame 08AF Redirect Chain https://um.simpli.fi/intentiq https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=114FF666A680434C9B9F2D99EA9A80F5 https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=114FF666A680434C9B9F2D99EA9A80F5&ripv6=2001:550:1d05:1::3	0 0	249ms 65ms	Image text/html	18.164.96.10 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=114FF666A680434C9B9F2D99EA9A80F5&ripv6=2001:550:1d05:1::3 Protocol H2 Server 18.164.96.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-10.jfk50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Redirect headers date Sat, 18 Nov 2023 16:30:28 GMT via 1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront) server Apache-Coyote/1.1 x-amz-cf-pop JFK50-P5 x-cache Miss from cloudfront location https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=114FF666A680434C9B9F2D99EA9A80F5&ripv6=2001:550:1d05:1::3 alt-svc h3=":443"; ma=86400 content-length 0 x-amz-cf-id Ul9U-bK9jvM3hTdZ6Ke8uAtuRrREP9IYPzNv96Xq8K_YeckHCQT5Mw==
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 08AF Redirect Chain https://um.simpli.fi/pubmatic https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:114FF666A680434C9B9F2D99EA9A80F5	42 B 551 B	205ms 60ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:114FF666A680434C9B9F2D99EA9A80F5 Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Sat, 18 Nov 2023 07:50:17 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:114FF666A680434C9B9F2D99EA9A80F5 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:27 GMT
GET H/1.1	200	user-registering ads.stickyadstv.com/ Frame 08AF Redirect Chain https://um.simpli.fi/freewheel https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=114FF666A680434C9B9F2D99EA9A80F5	43 B 656 B	297ms 70ms	Image image/gif	63.251.28.233 FREEWHEEL
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=114FF666A680434C9B9F2D99EA9A80F5 Protocol HTTP/1.1 Server 63.251.28.233 Secaucus, United States, ASN26558 (FREEWHEEL, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache Date Sat, 18 Nov 2023 16:30:28 GMT Server nginx Transfer-Encoding chunked Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive x-sticky-vk 1700325028192004-1178 Redirect headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=114FF666A680434C9B9F2D99EA9A80F5 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:27 GMT
GET H2	200	engine pbid.pro-market.net/ Frame 08AF Redirect Chain https://um.simpli.fi/dtnx https://fei.pro-market.net/engine?du=24;csync=114FF666A680434C9B9F2D99EA9A80F5;mimetype=img; https://fei.pro-market.net/engine?du=24;csync=114FF666A680434C9B9F2D99EA9A80F5;mimetype=img;sr https://cms.analytics.yahoo.com/cms?partner_id=DATCS https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-LgSLUxxE2pSWPnrNsTxiGiHpr1Yt23kZniM-~A	43 B 399 B	80ms 71ms	Image image/gif	2600:1901:0:8eee:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-LgSLUxxE2pSWPnrNsTxiGiHpr1Yt23kZniM-~A Protocol H2 Server 2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT via 1.1 google server Apache-Coyote/1.1 anserver gapp1 content-type image/gif access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" cache-control no-cache, no-store, must-revalidate alt-svc clear content-length 43 expires Mon, 1 Jan 1990 0:0:0 GMT Redirect headers location https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-LgSLUxxE2pSWPnrNsTxiGiHpr1Yt23kZniM-~A date Sat, 18 Nov 2023 16:30:28 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	/ loadm.exelator.com/load/ Frame 08AF Redirect Chain https://um.simpli.fi/exelatem https://loadm.exelator.com/load/?p=204&g=2191&simid=114FF666A680434C9B9F2D99EA9A80F5&j=0 https://loadm.exelator.com/load/?p=204&g=2191&simid=114FF666A680434C9B9F2D99EA9A80F5&j=0&xl8blockcheck=1	0 771 B	63ms 62ms	Image text/plain	52.0.156.250 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=2191&simid=114FF666A680434C9B9F2D99EA9A80F5&j=0&xl8blockcheck=1 Protocol H2 Server 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-0-156-250.compute-1.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:28 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Sat, 18 Nov 2023 16:30:28 GMT server nginx p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=2191&simid=114FF666A680434C9B9F2D99EA9A80F5&j=0&xl8blockcheck=1 content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	204	sync ups.analytics.yahoo.com/ups/55964/ Frame 08AF Redirect Chain https://um.simpli.fi/yahoo https://ups.analytics.yahoo.com/ups/55964/sync?uid=114FF666A680434C9B9F2D99EA9A80F5 https://ups.analytics.yahoo.com/ups/55964/sync?uid=114FF666A680434C9B9F2D99EA9A80F5&verify=true	0 121 B	60ms 59ms	Image text/plain	3.225.218.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55964/sync?uid=114FF666A680434C9B9F2D99EA9A80F5&verify=true Protocol H2 Server 3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-218-10.compute-1.amazonaws.com Software ATS/9.1.10.87 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:28 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55964/sync?uid=114FF666A680434C9B9F2D99EA9A80F5&verify=true date Sat, 18 Nov 2023 16:30:28 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204	sync sync.bfmio.com/ Frame 08AF Redirect Chain https://um.simpli.fi/beachfront https://sync.bfmio.com/sync?pid=141&uid=114FF666A680434C9B9F2D99EA9A80F5	0 421 B	260ms 57ms	Image text/plain	52.44.8.231 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bfmio.com/sync?pid=141&uid=114FF666A680434C9B9F2D99EA9A80F5 Protocol HTTP/1.1 Server 52.44.8.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-44-8-231.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Connection keep-alive Date Sat, 18 Nov 2023 16:30:27 GMT Redirect headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.bfmio.com/sync?pid=141&uid=114FF666A680434C9B9F2D99EA9A80F5 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:27 GMT
GET H2	200	29931 stags.bluekai.com/site/ Frame 08AF Redirect Chain https://um.simpli.fi/bluekai https://stags.bluekai.com/site/29931?id=114FF666A680434C9B9F2D99EA9A80F5	62 B 446 B	353ms 170ms	Image image/gif	23.47.69.85 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/29931?id=114FF666A680434C9B9F2D99EA9A80F5 Protocol H2 Server 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-47-69-85.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Sat, 18 Nov 2023 16:30:28 GMT content-length 62 content-type image/gif Redirect headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://stags.bluekai.com/site/29931?id=114FF666A680434C9B9F2D99EA9A80F5 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:27 GMT
GET H2	404	tpid=114FF666A680434C9B9F2D99EA9A80F5 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 08AF Redirect Chain https://um.simpli.fi/crwdcntrl https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=114FF666A680434C9B9F2D99EA9A80F5	49 B 265 B	196ms 60ms	Image image/gif	44.195.240.36 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=114FF666A680434C9B9F2D99EA9A80F5 Protocol H2 Server 44.195.240.36 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-240-36.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.7.156 content-length 49 expires 0 Redirect headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=114FF666A680434C9B9F2D99EA9A80F5 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:27 GMT
GET H/1.1	204 No Content	merge ce.lijit.com/ Frame 08AF Redirect Chain https://um.simpli.fi/lj_match https://ce.lijit.com/merge?pid=2&3pid=114FF666A680434C9B9F2D99EA9A80F5 https://ce.lijit.com/merge?pid=2&3pid=114FF666A680434C9B9F2D99EA9A80F5&dnr=1	0 465 B	75ms 75ms	Image text/plain	63.251.114.136 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=114FF666A680434C9B9F2D99EA9A80F5&dnr=1 Protocol HTTP/1.1 Server 63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Expires Fri, 20 Mar 2009 00:00:00 GMT Pragma no-cache Date Sat, 18 Nov 2023 16:30:28 GMT X-MERGE GDPR Optout true Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap5ewr1 P3P CP="CUR ADM OUR NOR STA NID" Redirect headers Pragma no-cache Date Sat, 18 Nov 2023 16:30:28 GMT P3P CP="CUR ADM OUR NOR STA NID" Location https://ce.lijit.com/merge?pid=2&3pid=114FF666A680434C9B9F2D99EA9A80F5&dnr=1 Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap5ewr1 Content-Length 0 Expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	200	db_sync px.ads.linkedin.com/ Frame 08AF Redirect Chain https://um.simpli.fi/liveramp_match https://idsync.rlcdn.com/419566.gif?partner_uid=114FF666A680434C9B9F2D99EA9A80F5 https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogMTE0RkY2NjZBNjgwNDM0QzlCOUYyRDk5RUE5QTgwRjUQABoNCKTN46oGEgUI6AcQAEIASgA https://pippio.com/api/sync?pid=5324&it=1&iv=5d25c3f87c7265500703ce2f4773573aadb305ff3e88c5d86de36113e0a075a7791426b5417dce21&_=2 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d25c3f87c7265500703ce2f4773573aadb305ff3e88c5d86de36113e0a075a7791426b5417dce21&rand=03622194 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d25c3f87c7265500703ce2f4773573aadb305ff3e88c5d86de36113e0a075a7791426b5417dce21&rand=03622194&expected_cookie=760a280c-7b59-41d2-a55e-dcbef12fb8fb	0 141 B	85ms 84ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d25c3f87c7265500703ce2f4773573aadb305ff3e88c5d86de36113e0a075a7791426b5417dce21&rand=03622194&expected_cookie=760a280c-7b59-41d2-a55e-dcbef12fb8fb Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:27 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 0AAFFB8E6680407281994A80FA7D0E8A Ref B: MIAEDGE2620 Ref C: 2023-11-18T16:30:28Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYKb8VV5tLPfLAtYRYSDA== Redirect headers date Sat, 18 Nov 2023 16:30:27 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 8287AB29DAC64F0BA517300D0B51CBCB Ref B: MIAEDGE2620 Ref C: 2023-11-18T16:30:28Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location /db_sync?pid=10339&puuid=5d25c3f87c7265500703ce2f4773573aadb305ff3e88c5d86de36113e0a075a7791426b5417dce21&rand=03622194&expected_cookie=760a280c-7b59-41d2-a55e-dcbef12fb8fb x-li-proto http/2 content-length 0 x-li-uuid AAYKb8VUKDpGktBdW0CElw==
GET H2	200	/ www.google.com/pagead/1p-conversion/1026675585/ Frame 08AF Redirect Chain https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700325027468&cv=7&fst=1700325027468&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1848132200&cv=7&fst=1700325027468&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=... https://www.google.com/pagead/1p-conversion/1026675585/?random=1848132200&cv=7&fst=1700325027468&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI4bqzq...	42 B 455 B	233ms 88ms	Image image/gif	2607:f8b0:4006:81e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-conversion/1026675585/?random=1848132200&cv=7&fst=1700325027468&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI4bqzqvzNggMVhhtoCB2PVwwg&is_vtc=1&ocp_id=pOZYZeHYA4a3oPMPj6-xgAI&cid=CAQSKQDICaaNTo8BAi1QiTNnkV4Vbu72FXUq0GM5REw6tfsTKJjXdoPCIYfI&random=3514725820 Protocol H2 Server 2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.google.com/pagead/1p-conversion/1026675585/?random=1848132200&cv=7&fst=1700325027468&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI4bqzqvzNggMVhhtoCB2PVwwg&is_vtc=1&ocp_id=pOZYZeHYA4a3oPMPj6-xgAI&cid=CAQSKQDICaaNTo8BAi1QiTNnkV4Vbu72FXUq0GM5REw6tfsTKJjXdoPCIYfI&random=3514725820 content-type image/gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	spotx_match um.simpli.fi/ Frame 08AF	0 272 B	125ms 112ms	Image text/plain	35.236.220.17 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/spotx_match Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 17.220.236.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin * date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS
GET H2	200	setuid ib.adnxs.com/ Frame 08AF Redirect Chain https://um.simpli.fi/an https://ib.adnxs.com/setuid?entity=66&code=114FF666A680434C9B9F2D99EA9A80F5	43 B 853 B	74ms 71ms	Image image/gif	68.67.161.208 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=66&code=114FF666A680434C9B9F2D99EA9A80F5 Protocol H2 Server 68.67.161.208 Brooklyn, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT an-x-request-uuid f38968ad-bcc4-42fe-918a-9257b0ffcf3b server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 38.132.118.71; 38.132.118.71; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ib.adnxs.com/setuid?entity=66&code=114FF666A680434C9B9F2D99EA9A80F5 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:27 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 08AF Redirect Chain https://um.simpli.fi/rb_match https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=114FF666A680434C9B9F2D99EA9A80F5&expires=365	42 B 774 B	280ms 60ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=114FF666A680434C9B9F2D99EA9A80F5&expires=365 Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 83041abbe8494cb29eff3083edd6dff6 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Sat, 18 Nov 2023 16:30:27 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=114FF666A680434C9B9F2D99EA9A80F5&expires=365 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:27 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 08AF Redirect Chain https://um.simpli.fi/ox_match https://us-u.openx.net/w/1.0/sd?id=537072966&val=114FF666A680434C9B9F2D99EA9A80F5 https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=114FF666A680434C9B9F2D99EA9A80F5	43 B 171 B	95ms 95ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=114FF666A680434C9B9F2D99EA9A80F5 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=114FF666A680434C9B9F2D99EA9A80F5 date Sat, 18 Nov 2023 16:30:28 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	204	g_match um.simpli.fi/ Frame 08AF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= https://um.simpli.fi/g_match?id=&google_gid=CAESELWXqzKARYI5WJJlFMIP3o4&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=114FF666A680434C9B9F2D99EA9A80F5 https://um.simpli.fi/g_match?id=	0 320 B	57ms 56ms	Image text/plain	35.236.220.17 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/g_match?id= Protocol H2 Server 35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 17.220.236.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:28 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Fri, 17 Nov 2023 16:30:28 GMT Redirect headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://um.simpli.fi/g_match?id= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	1cb1ecef-4911-4acc-b8a4-323103090a15.json Show response cdn.segmint.net/	313 B 962 B	64ms 62ms	XHR application/json	3.160.5.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.160.5.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-116.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash 143e78d0fc535e02e2c719c0a29f9a6e2ac00959a552de99a3d62fb36b1e3cbf Request headers Referer https://www.imcu.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers Date Sat, 18 Nov 2023 16:25:55 GMT Via 1.1 3553261692b84388f31d013fa1d022f0.cloudfront.net (CloudFront) X-Amz-Cf-Pop CMH68-P4 Age 328 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 313 Last-Modified Thu, 02 Mar 2023 21:15:14 GMT Server AmazonS3 ETag "9e8243276c884811a405bf54321be0b6" Access-Control-Max-Age 3000 Access-Control-Allow-Methods PUT, POST, DELETE, GET Content-Type application/json Access-Control-Allow-Origin * Cache-Control max-age=900 Accept-Ranges bytes X-Amz-Cf-Id zzwfdmcMhR0TmQ898Jt53RMs04onbUsoUD4Jfe_yySL9kSfDlb2oOg==
OPTIONS H/1.1	200 OK	1cb1ecef-4911-4acc-b8a4-323103090a15.json cdn.segmint.net/ Frame	0 0	143ms 143ms	Preflight	3.160.5.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segmint.net/1cb1ecef-4911-4acc-b8a4-323103090a15.json Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.160.5.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-116.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.imcu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Via 1.1 3553261692b84388f31d013fa1d022f0.cloudfront.net (CloudFront) X-Amz-Cf-Id vhrdY9BEaf-3IEJBWU091VKDSjlOwE17feJZ_x8OpvLJQYkgIBpPSA== X-Amz-Cf-Pop CMH68-P4 X-Cache Miss from cloudfront access-control-allow-headers content-type access-control-allow-methods PUT, POST, DELETE, GET access-control-allow-origin * access-control-max-age 3000 date Sat, 18 Nov 2023 16:30:29 GMT server AmazonS3 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	223ms 64ms	Script text/javascript	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 18 Nov 2023 14:38:10 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 6738 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 18 Nov 2023 16:38:10 GMT
GET H2	200	swap.js Show response cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/	36 KB 11 KB	256ms 82ms	Script text/javascript	52.85.61.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/swap.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.61.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-61-39.ewr53.r.cloudfront.net Software / Resource Hash 8d4e19d4fbff09f97d19c07963009c1e4cda8e37c4e34150fee1888f49033431 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:28 GMT content-encoding gzip x-content-type-options nosniff via 1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop EWR53-P1 x-cache Miss from cloudfront x-xss-protection 1; mode=block x-request-id 3f3d2893-3e84-4d59-a4f9-ce98955a2bf7 x-runtime 0.009770 referrer-policy strict-origin-when-cross-origin etag W/"8d4e19d4fbff09f97d19c07963009c1e" x-download-options noopen vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control max-age=3600, public timing-allow-origin * x-amz-cf-id Qnd9CAMwpqy2aJW1dkRBYNE2DVXyfFsA-sAfnYn5yaxT5KwKshZlXw==
GET H2	200	activityi;dc_pre=CKPTwar8zYIDFcArigMdhl0Jhw;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759 Show response 8136673.fls.doubleclick.net/ Frame 79A0 Redirect Chain https://8136673.fls.doubleclick.net/activityi;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759? https://8136673.fls.doubleclick.net/activityi;dc_pre=CKPTwar8zYIDFcArigMdhl0Jhw;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759?	388 B 326 B	189ms 186ms	Document text/html	142.250.81.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8136673.fls.doubleclick.net/activityi;dc_pre=CKPTwar8zYIDFcArigMdhl0Jhw;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s74-in-f6.1e100.net Software cafe / Resource Hash f00a6206373d39de9cd049faaf850b7737eb6eec2ff2ae9a476053a7ce4493bf Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.imcu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 217 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 18 Nov 2023 16:30:28 GMT expires Sat, 18 Nov 2023 16:30:28 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 18 Nov 2023 16:30:28 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://8136673.fls.doubleclick.net/activityi;dc_pre=CKPTwar8zYIDFcArigMdhl0Jhw;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	activityi;dc_pre=CPu4war8zYIDFaPpKAUdCG8GDQ;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107 Show response 8242951.fls.doubleclick.net/ Frame B218 Redirect Chain https://8242951.fls.doubleclick.net/activityi;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107? https://8242951.fls.doubleclick.net/activityi;dc_pre=CPu4war8zYIDFaPpKAUdCG8GDQ;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107?	390 B 327 B	96ms 88ms	Document text/html	142.250.81.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8242951.fls.doubleclick.net/activityi;dc_pre=CPu4war8zYIDFaPpKAUdCG8GDQ;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s74-in-f6.1e100.net Software cafe / Resource Hash 6dac19c69634b63cddb5289df1dea28a707720466ad67e8915af0e13df90dda5 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.imcu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 218 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 18 Nov 2023 16:30:28 GMT expires Sat, 18 Nov 2023 16:30:28 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 18 Nov 2023 16:30:28 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://8242951.fls.doubleclick.net/activityi;dc_pre=CPu4war8zYIDFaPpKAUdCG8GDQ;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H/1.1	204 No Content	event connect.segmint.net/ Frame	0 0	61ms 60ms	Preflight	52.45.67.236 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/event Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-67-236.compute-1.amazonaws.com Software openresty / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.imcu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS, HEAD Access-Control-Allow-Origin https://www.imcu.com Access-Control-Max-Age 1728000 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Date Sat, 18 Nov 2023 16:30:26 GMT Expires 0 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Pragma no-cache Server openresty
POST H/1.1	200 OK	event Show response connect.segmint.net/	0 637 B	66ms 64ms	XHR text/plain	52.45.67.236 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/event Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-67-236.compute-1.amazonaws.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.imcu.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers Pragma no-cache Date Sat, 18 Nov 2023 16:30:14 GMT Server openresty P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Access-Control-Allow-Origin https://www.imcu.com Content-Type text/plain;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-Application-Context site-event-receiver-service:prod:7084 Expires 0
GET H/1.1	200 OK	en1Er9rn5M Show response connect.segmint.net/iframe/doughnut/ Frame 21EA	509 B 1 KB	77ms 76ms	Document text/html	52.45.67.236 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://connect.segmint.net/iframe/doughnut/en1Er9rn5M Requested by Host: cdn.segmint.net URL: https://cdn.segmint.net/segmint.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.45.67.236 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-45-67-236.compute-1.amazonaws.com Software openresty / Resource Hash 0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.imcu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Access-Control-Allow-Credentials true Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Language en-US Content-Length 307 Content-Type text/html;charset=UTF-8 Date Sat, 18 Nov 2023 16:30:14 GMT Expires 0 P3P CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info." Pragma no-cache Server openresty Vary Accept-Encoding X-Application-Context offer-delivery:prod:7074 X-B3-Sampled 1 X-B3-SpanId 69a1d301d07699aa X-B3-TraceId 69a1d301d07699aa X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	cookie-mapper maprtb.segmint.net/rtb/simpli-fi/ Frame 21EA Redirect Chain https://um.simpli.fi/segmint https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=114FF666A680434C9B9F2D99EA9A80F5	43 B 412 B	63ms 62ms	Image image/gif	54.156.136.130 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=114FF666A680434C9B9F2D99EA9A80F5 Requested by Host: connect.segmint.net URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M Protocol HTTP/1.1 Server 54.156.136.130 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-156-136-130.compute-1.amazonaws.com Software openresty / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache Date Sat, 18 Nov 2023 16:30:28 GMT Server openresty X-B3-TraceId 90563210aeb5b990 Content-Type image/gif; charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate X-B3-SpanId 90563210aeb5b990 X-B3-Sampled 1 Connection keep-alive Content-Length 43 X-Application-Context cookie-mapper:prod:7077 Expires 0 Redirect headers date Sat, 18 Nov 2023 16:30:28 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=114FF666A680434C9B9F2D99EA9A80F5 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 17 Nov 2023 16:30:28 GMT
GET H2	200	ec0a3730-0bdd-0139-387d-06abc14c0bc6 Show response tag.simpli.fi/sifitag/ Frame 21EA	3 KB 1 KB	71ms 70ms	Script application/javascript	34.171.47.125 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6 Requested by Host: connect.segmint.net URL: https://connect.segmint.net/iframe/doughnut/en1Er9rn5M Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.171.47.125 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 125.47.171.34.bc.googleusercontent.com Software openresty / Resource Hash 173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132 Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 x-request-id F5jEmsL4LoE69wPnb4jJ expires Thu, 01 Jan 1970 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 219 B	78ms 77ms	XHR text/plain	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1626966769&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imcu.com%2F&ul=en-us&de=UTF-8&dt=Indiana%20Members%20Credit%20Union%3A%20Keeping%20It%20Simple&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1652821966&gjid=1273035411&cid=2064449441.1700325027&tid=UA-101576590-3&_gid=1802294145.1700325028&_r=1&_slc=1&gtm=45He3b81n71WDRHXNv72671689&gcd=11l1l1l1l1&dma=0&z=787783389 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a5b94a48260f3b7d6b48c4f1a0516a1d3d7bc3e466e4e22b6440348fe46140b0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.imcu.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.imcu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	external_forms.js Show response js.callrail.com/companies/903706234/	23 KB 7 KB	250ms 81ms	Script text/javascript	3.160.5.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.callrail.com/companies/903706234/external_forms.js?t=1700325028352& Requested by Host: cdn.callrail.com URL: https://cdn.callrail.com/companies/903706234/2b7b80f06241081c703b/12/swap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.5.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-5-47.cmh68.r.cloudfront.net Software / Resource Hash bb520d834b4b8107e8cd589e6fb93cf0fd70c6282bc711c597978eb1598fa40c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:28 GMT content-encoding gzip x-content-type-options nosniff via 1.1 4cdcf8406ed0f002560c00fdc60b6ee0.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none x-amz-cf-pop CMH68-P4 x-cache Miss from cloudfront x-xss-protection 1; mode=block x-request-id c6537e1e-a532-4ecf-8dc4-2a8bf567d2bd x-runtime 0.003048 referrer-policy strict-origin-when-cross-origin etag W/"bb520d834b4b8107e8cd589e6fb93cf0" x-download-options noopen vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate x-amz-cf-id ulqdknAAthD336TIbNQUTaeq0jyKYnmvkbmDBLPAgYZRljtYHjYMNw==
POST		swap_session.json js.callrail.com/group/0/2b7b80f06241081c703b/12/	0 0
GET H2	200	p Show response i.simpli.fi/ Frame 21EA	40 B 291 B	57ms 57ms	Script application/javascript	34.86.70.109 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 109.70.86.34.bc.googleusercontent.com Software openresty / Resource Hash 4024823caf7d29310cc3dab0e50fb3e3f4347ec7b3961f3fed0a9b83690dd85e Request headers accept-language en-US,en;q=0.9 Referer https://connect.segmint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	227 KB 81 KB	109ms 106ms	Script application/javascript	2607:f8b0:4006:823::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-YV4CDMLBMQ&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fcea644b35f29712b4181b49691eb1cd81e8dd60ce59541100e159329ec2af35 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 16:30:28 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82740 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 18 Nov 2023 16:30:28 GMT
GET H2	200	dc_pre=CPu4war8zYIDFaPpKAUdCG8GDQ;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107 adservice.google.com/ddm/fls/z/ Frame B218	42 B 401 B	429ms 93ms	Image image/gif	2607:f8b0:4006:81f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CPu4war8zYIDFaPpKAUdCG8GDQ;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107 Requested by Host: 8242951.fls.doubleclick.net URL: https://8242951.fls.doubleclick.net/activityi;dc_pre=CPu4war8zYIDFaPpKAUdCG8GDQ;src=8242951;type=pagehit;cat=aimcu006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9818525438304.107? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://8242951.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=CKPTwar8zYIDFcArigMdhl0Jhw;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759 adservice.google.com/ddm/fls/z/ Frame 79A0	42 B 107 B	336ms 98ms	Image image/gif	2607:f8b0:4006:81f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CKPTwar8zYIDFcArigMdhl0Jhw;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759 Requested by Host: 8136673.fls.doubleclick.net URL: https://8136673.fls.doubleclick.net/activityi;dc_pre=CKPTwar8zYIDFcArigMdhl0Jhw;src=8136673;type=pagehit;cat=imcu-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5351284726013.759? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://8136673.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	79ms 78ms	Ping text/plain	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-YV4CDMLBMQ&gtm=45je3b81v9124186657&_p=1700325025920&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=2064449441.1700325027&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.imcu.com%2F&dt=Indiana%20Members%20Credit%20Union%3A%20Keeping%20It%20Simple&sid=1700325028&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3419 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-YV4CDMLBMQ&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80a::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:28 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.imcu.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activityi;dc_pre=CKax6Kz8zYIDFYUnigMdPH8APw;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566.053 Show response 8242951.fls.doubleclick.net/ Frame 3FE2 Redirect Chain https://8242951.fls.doubleclick.net/activityi;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566.053? https://8242951.fls.doubleclick.net/activityi;dc_pre=CKax6Kz8zYIDFYUnigMdPH8APw;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566...	401 B 247 B	89ms 89ms	Document text/html	142.250.81.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8242951.fls.doubleclick.net/activityi;dc_pre=CKax6Kz8zYIDFYUnigMdPH8APw;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566.053? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDRHXN Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s74-in-f6.1e100.net Software cafe / Resource Hash a4dd913b172c62e626ebfc0b936c3e75306e420069182e7504f86c8b49ef7e08 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.imcu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 224 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 18 Nov 2023 16:30:33 GMT expires Sat, 18 Nov 2023 16:30:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 18 Nov 2023 16:30:33 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://8242951.fls.doubleclick.net/activityi;dc_pre=CKax6Kz8zYIDFYUnigMdPH8APw;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566.053? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	collect www.google-analytics.com/	35 B 55 B	66ms 64ms	Image image/gif	2607:f8b0:4006:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1626966769&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.imcu.com%2F&ul=en-us&de=UTF-8&dt=Indiana%20Members%20Credit%20Union%3A%20Keeping%20It%20Simple&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=5%20Seconds&_u=aADAAAABAAAAAC~&jid=&gjid=&cid=2064449441.1700325027&tid=UA-101576590-3&_gid=1802294145.1700325028&gtm=45He3b81n71WDRHXNv72671689&gcd=11l1l1l1l1&dma=0&z=69591962 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80a::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.imcu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:22:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 79667 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=CKax6Kz8zYIDFYUnigMdPH8APw;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566.053 adservice.google.com/ddm/fls/z/ Frame 3FE2	42 B 107 B	94ms 93ms	Image image/gif	2607:f8b0:4006:81f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CKax6Kz8zYIDFYUnigMdPH8APw;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566.053 Requested by Host: 8242951.fls.doubleclick.net URL: https://8242951.fls.doubleclick.net/activityi;dc_pre=CKax6Kz8zYIDFYUnigMdPH8APw;src=8242951;type=pagehit;cat=aimcu00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8991896321566.053? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://8242951.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 18 Nov 2023 16:30:33 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.surveycarrot.com

URL

https://www.surveycarrot.com/js/image_view.js

Domain

analytics.tiktok.com

URL

https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7OEJRC77UA05OMSG6G&lib=ttq

Domain

js.callrail.com

URL

https://js.callrail.com/group/0/2b7b80f06241081c703b/12/swap_session.json