urlscan.io logo urlscan.io
SecurityTrails logo

myeducation.com Open in urlscan Pro
20.40.202.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://myeducation.com/
Effective URL: https://myeducation.com/
Submission: On June 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 48 HTTP transactions. The main IP is 20.40.202.36, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is myeducation.com.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 08 on March 13th 2024. Valid for: a year.
This is the only time myeducation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 20.40.202.36 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
4 152.199.19.160 15133 (EDGECAST)
1 2a04:4e42:600... 54113 (FASTLY)
2 104.17.25.14 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
5 2.18.64.26 20940 (AKAMAI-ASN1)
1 6 52.205.118.103 14618 (AMAZON-AES)
2 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 45.223.19.68 19551 (INCAPSULA)
1 13.32.23.225 16509 (AMAZON-02)
48 15
17    20.40.202.36 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
myeducation.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2.18.64.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-26.deploy.static.akamaitechnologies.com
analytics.tiktok.com
6    52.205.118.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-118-103.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:223d:e200:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
1    2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    45.223.19.68 (United States)

ASN19551 (INCAPSULA, US)
create.leadid.com
1    13.32.23.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-225.fra56.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
Apex Domain
Subdomains		 Transfer
17 myeducation.com
myeducation.com
756 KB
8 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 24046
cdn.trustedform.com — Cisco Umbrella Rank: 29437
44 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787
140 KB
4 leadid.com
create.leadid.com — Cisco Umbrella Rank: 13933
3 KB
4 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 3146
150 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
73 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
9 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1 gstatic.com
fonts.gstatic.com
33 KB
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 21704
39 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
40 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
48 13
Domain Requested by
17 myeducation.com myeducation.com
ajax.aspnetcdn.com
6 api.trustedform.com 1 redirects analytics.tiktok.com
cdn.trustedform.com
5 analytics.tiktok.com myeducation.com
analytics.tiktok.com
4 create.leadid.com analytics.tiktok.com
4 ajax.aspnetcdn.com myeducation.com
ajax.aspnetcdn.com
2 www.facebook.com myeducation.com
2 cdn.trustedform.com myeducation.com
api.trustedform.com
2 connect.facebook.net myeducation.com
connect.facebook.net
2 cdnjs.cloudflare.com myeducation.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 fonts.gstatic.com fonts.googleapis.com
1 create.lidstatic.com myeducation.com
1 cdn.jsdelivr.net myeducation.com
1 fonts.googleapis.com myeducation.com
48 14

This site contains no links.

Subject Issuer Validity Valid
*.azurewebsites.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-03-13 -
2025-03-08		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
lidstatic.com
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-04-24 -
2024-10-21		 6 months crt.sh
*.trustedform.com
Amazon RSA 2048 M03		 2023-08-11 -
2024-09-07		 a year crt.sh
cdn.trustedform.com
Amazon RSA 2048 M03		 2024-02-13 -
2025-03-13		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://myeducation.com/
Frame ID: 2A916DAB5891809D2D4D7B93638D26B0
Requests: 48 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D393C0AC-9530-0E12-DD91-A8D46808475E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=4E946A7E-30A0-4C73-A9D8-43E60AF35787&lac=48FB0190-F35E-11E0-9AF4-12313D1C3D7C
Frame ID: 2BA1B90AFA6E1782AC5AC24A1CB179AE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MyEducation.com - School Search

Page URL History Show full URLs

  1. http://myeducation.com/ HTTP 307
    https://myeducation.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

48
Requests

63 %
HTTPS

50 %
IPv6

13
Domains

14
Subdomains

15
IPs

3
Countries

1301 kB
Transfer

2437 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://myeducation.com/ HTTP 307
    https://myeducation.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17194380125010.5271344998969822&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17194380125010.5271344998969822&invert_field_sensitivity=false

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
myeducation.com/
Redirect Chain
  • http://myeducation.com/
  • https://myeducation.com/
26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a6c01be2b11a120d765885714dca24737e86061e20a49be710a1caba35f1140c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
Content-Length
8484
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Jun 2024 21:40:11 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Powered-By
ASP.NET

Redirect headers

Location
https://myeducation.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,400,600,700,800
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f67b0d45b9ca6673aac4eca28d8ff4d809d86ec36a25a3dbfdd739841a4c9919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Jun 2024 21:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 21:40:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jun 2024 21:40:12 GMT
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB2) /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 21:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8185976
x-cache
HIT
content-length
19629
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:18 GMT
server
ECAcc (frc/4CB2)
etag
"0e914f2cb33d21:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
site.min.css
myeducation.com/css/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myeducation.com/css/site.min.css?v=LVG3J--HTFuBxRP8vah4LJPkB2blBI_q8mY7RXTN--c
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2d51b727ef874c5b81c513fcbda8782c93e40766e5048feaf2663b4574cdfbe7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1173ea1"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2635
logo.png
myeducation.com/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/logo.png
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f13b802e83536ab3764578309bac5241bee4e75e5d54729b11cb023c04c41247

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1171398"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
12696
MatchMaxForm.js
myeducation.com/js/ 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myeducation.com/js/MatchMaxForm.js?v=WzNQUUswQWxxy85fTMewJGHTWaMoURmVzAfc1hE47_k
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a576b44576fb48ed2282092b8a8d4131b60c431a487e90eb409086a4533deee1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Origin
https://myeducation.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e117901c"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
11420
book-icon.png
myeducation.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/book-icon.png
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ddae01837899260db1fe9fe661093b176747326f4358fe947e5ab790143213b7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1172538"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1848
phone-icon.png
myeducation.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/phone-icon.png
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
481a728c1d104d98f6edb0b5c872f829d27a2f90b055aeac7eda28a10e29b07c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1172afb"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2299
shadow-divider.png
myeducation.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/shadow-divider.png
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
08100de389d23b2b5bf70de6c3bde8dd25a99fb2612c5942f0920812ce746db5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1172f67"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3431
logo-grey.png
myeducation.com/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/logo-grey.png
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1f26c5c6227919364b63acbc7d08a15e72be4dccd400c8a693444b6382bab3e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1170bd0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10704
jquery-3.2.1.js
ajax.aspnetcdn.com/ajax/jQuery/ 		262 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.2.1.js
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEC) /
Resource Hash
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Origin
https://myeducation.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 21:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8185808
x-cache
HIT
content-length
105302
x-xss-protection
1; mode=block
last-modified
Mon, 20 Mar 2017 19:54:12 GMT
server
ECAcc (frc/4CEC)
etag
"3df23bfb3a1d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C95) /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Origin
https://myeducation.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 21:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8186019
x-cache
HIT
content-length
9839
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:59 GMT
server
ECAcc (frc/4C95)
etag
"80bdc1e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
vue.min.js
cdn.jsdelivr.net/npm/vue@2/dist/ 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2/dist/vue.min.js
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3c1d4b0c549e8de9d4a9bafb12ab70b6a1ac747d07293b98c5b25b6632999afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 26 Jun 2024 21:40:12 GMT
x-content-type-options
nosniff
content-encoding
br
age
13068
x-jsd-version
2.7.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
40342
x-served-by
cache-fra-eddf8230139-FRA, cache-cph2320050-CPH
x-jsd-version-type
version
etag
W/"1a49f-RSXL0WfJYyQBbqolhHA+ICToXJA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
site.min.js
myeducation.com/js/ 		168 B
542 B 		Script
General
Check archive.org
Download Go to
Full URL
https://myeducation.com/js/site.min.js?v=LOSGAWKld1qC02wH0hUXv5kTNbK_PimaczbSokvCbD0
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ce4860162a5775a82d36c07d21517bf991335b2bf3e299a7336d2a24bc26c3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Mar 2022 12:32:22 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e2484fa8"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
236
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 21:40:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1135605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6677
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-5add"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfJA5hDZGsQvdaw7vJ5XT0LDJUeXXBGGsUEEjo0qpOymiH05z%2B6uTFzZnSbmhXyIK8e85qGyOXW4fjTyA20n5ocpqAunT7KRVPHg5VJagLHKvS8Qe0QGQEu2H7qj93PW%2FIE5UQhp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89a05aba493e3718-FRA
expires
Mon, 16 Jun 2025 21:40:12 GMT
jquery.validate.unobtrusive.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 21:40:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
531333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1740
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1494"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbrJGs5wRYnmssC2tITMHQ9DKirS%2FdcIBhwH03VzUndGLyx6ybrAv7gGnzauMZr0L4Vz3WZWSAckKa9UZ4An64wB2QYcwwfqN41Ozj6mEvxu%2FNNpqcO7y1zceNpZmQ2CU6GhVncI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89a05aba49423718-FRA
expires
Mon, 16 Jun 2025 21:40:12 GMT
LoadCss.js
myeducation.com/js/ 		176 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://myeducation.com/js/LoadCss.js
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d908a2a266f5b6f3a5b9bf582f1c5606935db7d2ce6447f5b199aebe829ae24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e11722b0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
260
fbevents.js
connect.facebook.net/en_US/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 26 Jun 2024 21:40:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58251
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
LmaesZw1YsdvjNyIvtOUe3nSpsJ6e3PtECLVFsRnuTtJbBCZWWwfjIfrDwHsAf5kk3kWxGHc87S0BotnAtIg7Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2SE5S7ITOVKPVP61TFG&lib=ttq
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b45c2cf3470fdfb0d31be644d7b351059b71d0a899db8c2c5906097d4e64f905

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
13f639a2
date
Wed, 26 Jun 2024 21:40:12 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240626214012518FE4299BB68B08DE31-7978783557330F15-00
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=21, cdn-cache; desc=MISS, edge; dur=0, origin; dur=110
content-length
1677
pragma
no-cache
server
nginx
x-tt-logid
20240626214012518FE4299BB68B08DE31
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
110,2.20.179.90
x-tt-trace-host
01ff6b768b14294ecff56a5a18a214780caa282160f035960ed159d517b5f1b9fa5f20134c8b74ca48fe61366b3bc15429631af6347f73f737b840b0bd67dc60e1cd402eb485346b47d0feb64c36ed56b8d1109b91530d70da87dff18a17c38e14
expires
Wed, 26 Jun 2024 21:40:12 GMT
bg-img.jpg
myeducation.com/images/ 		640 KB
640 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/bg-img.jpg
Requested by
Host: myeducation.com
URL: https://myeducation.com/css/site.min.css?v=LVG3J--HTFuBxRP8vah4LJPkB2blBI_q8mY7RXTN--c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
867f1b9c827705eed429c2db787a8b082479ebea292174dbffe4dc5e0a234e8f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/css/site.min.css?v=LVG3J--HTFuBxRP8vah4LJPkB2blBI_q8mY7RXTN--c
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e11edd40"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
655168
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17194380125010.5271344998969822&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17194380125010.5271344998969822&invert_field_sensitivity=false
16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17194380125010.5271344998969822&invert_field_sensitivity=false
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Server
2600:9000:223d:e200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://myeducation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 21:40:14 GMT
x-amz-version-id
USH.kGm.LW1lWf1QLkIlyNzwTMcmWmXb
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 20:45:19 GMT
server
AmazonS3
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"7714c59720fe363c09fbb7ada2282741"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
Oc8XMBBodYeAy9CiNZU14jy1n5LMehwYnZqzqFj13LnuJzew61zrrg==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17194380125010.5271344998969822&invert_field_sensitivity=false
date
Wed, 26 Jun 2024 21:40:12 GMT
server
awselb/2.0
content-length
134
content-type
text/html
320329805763272
connect.facebook.net/signals/config/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/320329805763272?v=2.9.159&r=stable&domain=myeducation.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b4982d1a8a71a41bdd43b2de498b9f41ebdb16e450f35bea52ef546fd53636d3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 26 Jun 2024 21:40:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=65, mss=1297, tbw=63773, tp=-1, tpl=-1, uplat=247, ullat=0
pragma
public
x-fb-debug
LhYd+0zL7jfNXAyEp5GNsZ9EPfRkqU833Oy+KZ2J6Mx6EsdhywgGzV1aV4wtBJTS+ibOjLhwcXdjbVUQbnbp5w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MTU0NDc1MDUxMA.js
analytics.tiktok.com/i18n/pixel/static/ 		339 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2SE5S7ITOVKPVP61TFG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
13f63c47
date
Wed, 26 Jun 2024 21:40:12 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240620151359C335DD061A25F985A2C3
x-tt-trace-id
00-240620151359C335DD061A25F985A2C3-0E6C0D03514DC990-00
vary
Accept-Encoding
x-cache
TCP_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01be17cf2c4172650f467eaa12ea488c851337ef95428b315102f23f109f3e48bc4823203045d83bc0df83689808f2135b22c360b91060d6282dd48ae8aa1c41e86429abceba0eeaf8d51df670fd53e94bb7af2ec99248844040dba64470e71e13
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
98483
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
13f63eb9
date
Wed, 26 Jun 2024 21:40:12 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400007B05E65B9CAD80486EDE
x-tt-trace-id
00-2405211400007B05E65B9CAD80486EDE-400B715293803C3A-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
017874a0935aef664d38b9a2c29dcae40eace53b0c18a95cd6e37f0e5a78c95d464bff2c84cd6cf36ca5b1dbb61279987bfbbfc383295ed68a6d7fe8c387f300402c8156a89d9a6220adf260fbbfb9d4fdd65a4c8c0c529b5204175296c6f72401
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39577
pixel
analytics.tiktok.com/api/v2/ 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
13f63eeb
date
Wed, 26 Jun 2024 21:40:13 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24062621401294E8E95099EC8A1DAA17-6E5B0A9D27F5C833-00
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=29, cdn-cache; desc=MISS, edge; dur=4, origin; dur=118
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024062621401294E8E95099EC8A1DAA17
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
118,2.20.179.90
x-tt-trace-host
01ff6b768b14294ecff56a5a18a214780caa282160f035960ed159d517b5f1b9fa2849a0bc574192f811ffaabf15ef24304bdee84659be9569162b7756d4fd0a856ad6313da54a820e3fa126e6cfa7af963e66040d3dcf3ef98667c5d017e19f64
access-control-allow-headers
Authorization,*
expires
Wed, 26 Jun 2024 21:40:13 GMT
4e946a7e-30a0-4c73-a9d8-43e60af35787.js
create.lidstatic.com/campaign/ 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/4e946a7e-30a0-4c73-a9d8-43e60af35787.js?snippet_version=2
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f19def1d5f761ba1e6240a99bbddc1ea1d22e37ad4731c78da648b3ad219bf4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 21:40:13 GMT
x-amz-version-id
6bzmuPBP0RE0s0nqyKCmb5rgSKcfoeIO
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
3V6ZRSHV9DYFE2J2
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
zp17Kt26MMoJvyu0L5SWespCPnzoZdnGSXTk84lkiiQ3qDAn97WsJDjaBAFfsP9XNEMoOp6Y4f5mZNNR2GtoTIucrhhePuxO
last-modified
Wed, 17 Jan 2024 16:43:39 GMT
server
cloudflare
etag
W/"a16454abd2e9c73875aa06c449894469"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
89a05abd8f6a381b-FRA
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=320329805763272&ev=PageView&dl=https%3A%2F%2Fmyeducation.com%2F&rl=&if=false&ts=1719438013069&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719438013067.122194912232545786&cs_est=true&ler=empty&cdl=API_unavailable&it=1719438012701&coo=false&rqm=GET
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Jun 2024 21:40:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=320329805763272&ev=PageView&dl=https%3A%2F%2Fmyeducation.com%2F&rl=&if=false&ts=1719438013069&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719438013067.122194912232545786&cs_est=true&ler=empty&cdl=API_unavailable&it=1719438012701&coo=false&rqm=FGET
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xed96551d41413612","source_keys":["1","2"]},{"key_piece":"0x173a48696976652b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 26 Jun 2024 21:40:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7384930034230630578", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=3110, tp=-1, tpl=-1, uplat=210, ullat=0
pragma
no-cache
x-fb-debug
8IpXvGKU3jzYPYNvGtuOWobXBLgnRFqlp/5zS2QA0TKb4Brko2sTke94YQh/AZte1/blqQz0ozCLdM5wO8gM0Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7384930034230630578"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
839 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e2873fb.13f64235
date
Wed, 26 Jun 2024 21:40:13 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240626214013C6C91DE970C961123B84-3CD8C55A190F9D32-00
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
110,2.20.179.90
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=24, inner; dur=20
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240626214013C6C91DE970C961123B84
x-cache-remote
TCP_MISS from a23-48-200-72.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
25,23.48.200.72
x-tt-trace-host
01ff6b768b14294ecff56a5a18a214780cb934740c3161e4de8b3262dcce13516b5b3d11d96e90ab42b3dfa9f4d08a1017bc9db9951d87ec724aa7df2040cb10f510290d3bfb5c9f18b9fef146f846a5a4390f66353da2ff684f8f674324f7068fc0a63625ac8d81a5e7d41374f7e6c3c1
access-control-allow-headers
Authorization,*
expires
Wed, 26 Jun 2024 21:40:13 GMT
MatchMaxForm.min.css
myeducation.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myeducation.com/css/MatchMaxForm.min.css
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.2.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d8432cbdded53f11e22fd7f38539f176d65c2b063e22b9aa43e7778b9986d92

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1172872"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1102
book-icon.png
myeducation.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/book-icon.png
Requested by
Host: myeducation.com
URL: https://myeducation.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ddae01837899260db1fe9fe661093b176747326f4358fe947e5ab790143213b7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:12 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1172538"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1848
glyphicons-halflings-regular.woff2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAD) /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
Origin
https://myeducation.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 21:40:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Oct 2016 23:10:18 GMT
server
ECAcc (frc/4CAD)
age
8185907
etag
"49259bf2cb33d21:0"
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
18028
x-xss-protection
1; mode=block
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://myeducation.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 22:16:51 GMT
x-content-type-options
nosniff
age
84202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 22:16:51 GMT
GenerateToken
create.leadid.com/2.12.1/ 		36 B
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=051e7ce6-0d61-42ac-844d-75e8404962e4&_=803548554
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.19.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
f77e5d480526f38c44897a55105e8a45b884b5090fb0b5d75fe4ebafb0ee9f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Jun 2024 21:40:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
x-cdn
Imperva
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-iinfo
7-61550123-61550127 NNNN CT(94 94 0) RT(1719438013708 40) q(0 0 2 0) r(3 3) U24
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
certs
api.trustedform.com/ 		475 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.205.118.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-118-103.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
c1ab679039de975538974ee644c5d317cdd8726cc1a6db95611c7b002a18484f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Jun 2024 21:40:14 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
favicon.ico
myeducation.com/ 		31 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://myeducation.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:13 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1175f26"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
32038
trustedform-1.9.17.js
cdn.trustedform.com/ 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.9.17.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17194380125010.5271344998969822&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:e200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yPCS4iNdfsh5BqX6qtsN5d5eM3wY99Uk
content-encoding
gzip
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
date
Wed, 26 Jun 2024 21:40:15 GMT
last-modified
Thu, 06 Jun 2024 20:45:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"8bed3069af20b4729a119828224df24b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
YVDf4vyopZt_d9XRG_nNHhjEr2A7Y0RmB6N-VsIAhUtOsxOtIzpjBQ==
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 2BA1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D393C0AC-9530-0E12-DD91-A8D46808475E&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=4E946A7E-30A0-4C73-A9D8-43E60AF35787&lac=48FB0190-F35E-11E0-9AF4-12313D1C3D7C
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/4e946a7e-30a0-4c73-a9d8-43e60af35787.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-225.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://myeducation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
54920
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Jun 2024 06:25:15 GMT
Etag
W/"65a0715c-dbb"
Last-Modified
Thu, 11 Jan 2024 22:53:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
yl9A6QQEwTExWd0LenAD3iNKPelO7c_joyzc1TwC5b7ILvmQsK0wYQ==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.12.1/ 		0
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=051e7ce6-0d61-42ac-844d-75e8404962e4&token=D393C0AC-9530-0E12-DD91-A8D46808475E&_=803548555
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.19.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Jun 2024 21:40:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
x-cdn
Imperva
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-iinfo
7-61550123-61550168 NNNY CT(94 95 0) RT(1719438013708 439) q(0 0 0 9) r(0 1) U24
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.12.1/ 		0
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=051e7ce6-0d61-42ac-844d-75e8404962e4&token=D393C0AC-9530-0E12-DD91-A8D46808475E&_=803548556
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.19.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Jun 2024 21:40:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
x-cdn
Imperva
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-iinfo
7-61550123-61550171 NNNY CT(98 97 0) RT(1719438013708 451) q(0 0 0 0) r(0 3) U24
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
snapshot
api.trustedform.com/certs/6562529ed85b69c48c3170e41e2f7288d5ad96c5/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6562529ed85b69c48c3170e41e2f7288d5ad96c5/snapshot
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.205.118.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-118-103.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 21:40:14 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
fingerprints
api.trustedform.com/certs/6562529ed85b69c48c3170e41e2f7288d5ad96c5/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6562529ed85b69c48c3170e41e2f7288d5ad96c5/fingerprints
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.205.118.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-118-103.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 21:40:14 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
logo.png
myeducation.com/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f13b802e83536ab3764578309bac5241bee4e75e5d54729b11cb023c04c41247

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:13 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1171398"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
12696
book-icon.png
myeducation.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/book-icon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ddae01837899260db1fe9fe661093b176747326f4358fe947e5ab790143213b7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:13 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1172538"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1848
logo-grey.png
myeducation.com/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myeducation.com/images/logo-grey.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1f26c5c6227919364b63acbc7d08a15e72be4dccd400c8a693444b6382bab3e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 26 Jun 2024 21:40:13 GMT
Last-Modified
Wed, 16 Mar 2022 12:32:20 GMT
Server
Microsoft-IIS/10.0
ETag
"1d83931e1170bd0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10704
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
events
api.trustedform.com/certs/6562529ed85b69c48c3170e41e2f7288d5ad96c5/ 		0
159 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6562529ed85b69c48c3170e41e2f7288d5ad96c5/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.205.118.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-118-103.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 21:40:14 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy
Snap
create.leadid.com/2.12.1/ 		0
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/Snap?msn=4&pid=051e7ce6-0d61-42ac-844d-75e8404962e4&token=D393C0AC-9530-0E12-DD91-A8D46808475E&_=803548557
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.19.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Jun 2024 21:40:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
x-cdn
Imperva
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
x-iinfo
7-61550123-61550229 NNNN CT(228 96 0) RT(1719438013708 947) q(0 0 3 0) r(4 7) U24
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
events
api.trustedform.com/certs/6562529ed85b69c48c3170e41e2f7288d5ad96c5/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/6562529ed85b69c48c3170e41e2f7288d5ad96c5/events
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.205.118.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-118-103.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://myeducation.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 21:40:15 GMT
access-control-expose-headers
access-control-allow-credentials
true
cache-control
max-age=0, private, must-revalidate
server
Cowboy

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| PrePop function| $ function| jQuery function| Vue object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks string| uri undefined| clean_uri object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| regeneratorRuntime function| trustedFormNext object| defaultStyleFrame

14 Cookies

Domain/Path Name / Value
.myeducation.com/ Name: ARRAffinity
Value: 1f57d01c0f0b5b57cbf5e0fd88a5735076bc54ac05d019d1e4488585e263fe7d
.myeducation.com/ Name: ARRAffinitySameSite
Value: 1f57d01c0f0b5b57cbf5e0fd88a5735076bc54ac05d019d1e4488585e263fe7d
.tiktok.com/ Name: _ttp
Value: 2iR0JldrNfErTyfqTajjGkIM85R
.myeducation.com/ Name: _tt_enable_cookie
Value: 1
.myeducation.com/ Name: _ttp
Value: uKa4wbNs6Fi0q5YgA_pi6EV8VXE
.myeducation.com/ Name: _fbp
Value: fb.1.1719438013067.122194912232545786
myeducation.com/ Name: leadid_token-48FB0190-F35E-11E0-9AF4-12313D1C3D7C-4E946A7E-30A0-4C73-A9D8-43E60AF35787
Value: D393C0AC-9530-0E12-DD91-A8D46808475E
.trueleadid.com/ Name: nlbi_3051494
Value: fXz4HoKBeXgSEziNC30iGwAAAADqAQr0py1OO02NRycfdtkG
.trueleadid.com/ Name: visid_incap_3051494
Value: oDJEZgUFTPWukl3ILaifDb6KfGYAAAAAQUIPAAAAAABG+WkRKkQRS4UFSHvbdvVj
.trueleadid.com/ Name: incap_ses_875_3051494
Value: 3AKBJ8awjggu2uw18p8kDL6KfGYAAAAA6h14k76JBG8NjneOc25X8g==
.deviceid.trueleadid.com/ Name: uuid
Value: 3a5cf8cbeece4aa5b3e31c9a7a688f51
.leadid.com/ Name: visid_incap_3079785
Value: yPOTzh1uRV6bs1+Rh7rJ4L6KfGYAAAAAQUIPAAAAAAChnEpJYsJFb3hFIXNroYZg
.leadid.com/ Name: nlbi_3079785
Value: O516FfAS8h64jJ0aoCxIyQAAAADc8H6eisGMbotwsSfZphob
.leadid.com/ Name: incap_ses_875_3079785
Value: F6tJSzB2CnZ32uw18p8kDL6KfGYAAAAA3BB71vEUiaRsZX/2TtfXnQ==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
analytics.tiktok.com
api.trustedform.com
cdn.jsdelivr.net
cdn.trustedform.com
cdnjs.cloudflare.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
myeducation.com
www.facebook.com
104.17.25.14
13.32.23.225
152.199.19.160
2.18.64.26
20.40.202.36
2600:9000:223d:e200:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2a00:1450:4001:808::2003
2a00:1450:4001:810::200a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::485
45.223.19.68
52.205.118.103
08100de389d23b2b5bf70de6c3bde8dd25a99fb2612c5942f0920812ce746db5
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169
2ce4860162a5775a82d36c07d21517bf991335b2bf3e299a7336d2a24bc26c3d
2d51b727ef874c5b81c513fcbda8782c93e40766e5048feaf2663b4574cdfbe7
3c1d4b0c549e8de9d4a9bafb12ab70b6a1ac747d07293b98c5b25b6632999afd
3d8432cbdded53f11e22fd7f38539f176d65c2b063e22b9aa43e7778b9986d92
3d908a2a266f5b6f3a5b9bf582f1c5606935db7d2ce6447f5b199aebe829ae24
47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2
481a728c1d104d98f6edb0b5c872f829d27a2f90b055aeac7eda28a10e29b07c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9
7f19def1d5f761ba1e6240a99bbddc1ea1d22e37ad4731c78da648b3ad219bf4
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
867f1b9c827705eed429c2db787a8b082479ebea292174dbffe4dc5e0a234e8f
a576b44576fb48ed2282092b8a8d4131b60c431a487e90eb409086a4533deee1
a6c01be2b11a120d765885714dca24737e86061e20a49be710a1caba35f1140c
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1f26c5c6227919364b63acbc7d08a15e72be4dccd400c8a693444b6382bab3e
b45c2cf3470fdfb0d31be644d7b351059b71d0a899db8c2c5906097d4e64f905
b4982d1a8a71a41bdd43b2de498b9f41ebdb16e450f35bea52ef546fd53636d3
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1ab679039de975538974ee644c5d317cdd8726cc1a6db95611c7b002a18484f
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
ddae01837899260db1fe9fe661093b176747326f4358fe947e5ab790143213b7
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f13b802e83536ab3764578309bac5241bee4e75e5d54729b11cb023c04c41247
f67b0d45b9ca6673aac4eca28d8ff4d809d86ec36a25a3dbfdd739841a4c9919
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f77e5d480526f38c44897a55105e8a45b884b5090fb0b5d75fe4ebafb0ee9f9e
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c