intiwin.sa.com Open in urlscan Pro
45.74.8.8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://juleacapulco.com/mountain/service
Effective URL:
https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Submission: On May 06 via automatic, source openphish (May 6th 2023, 5:30:21 am UTC) — Scanned from DE

Summary HTTP 118 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 33 domains to perform 118 HTTP transactions. The main IP is 45.74.8.8, located in Los Angeles, United States and belongs to VOXILITY, GB. The main domain is intiwin.sa.com.
TLS certificate: Issued by R3 on May 4th 2023. Valid for: 3 months.

This is the only time intiwin.sa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Mountain America Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 2	201.131.21.96 201.131.21.96	28399 (BTU COMUN...) (BTU COMUNICACION SA DE CV)
21	45.74.8.8 45.74.8.8	3223 (VOXILITY) (VOXILITY)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	3.248.155.70 3.248.155.70	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
7	45.60.46.50 45.60.46.50	19551 (INCAPSULA) (INCAPSULA)
1	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	23.32.242.89 23.32.242.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.140.62.135 63.140.62.135	15224 (OMNITURE) (OMNITURE)
1 1	52.48.138.69 52.48.138.69	16509 (AMAZON-02) (AMAZON-02)
1 4	142.0.173.12 142.0.173.12	7160 (NETDYNAMICS) (NETDYNAMICS)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	3.224.163.117 3.224.163.117	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:6c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
6 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
11	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:97de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
13	2606:4700:440... 2606:4700:4400::6812:2422	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.218.219.143 34.218.219.143	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	() ()
118	39

2 201.131.21.96 (Iztapalapa, Mexico) 1 redirects

ASN28399 (BTU COMUNICACION SA DE CV, MX)
PTR: clsv06.btu.com.mx

juleacapulco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 45.74.8.8 (Los Angeles, United States)

ASN3223 (VOXILITY, GB)

intiwin.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.248.155.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-155-70.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
macu.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.60.46.50 (United States)

ASN19551 (INCAPSULA, US)

www.macu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.242.89 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-242-89.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.135 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-135.data.adobedc.net

macu.d2.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.138.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-138-69.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.0.173.12 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

elq.macu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.224.163.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-163-117.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:6c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 6 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

gtm.macu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:97de (United States)

ASN13335 (CLOUDFLARENET, US)

wsmcdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:4400::6812:2422 (United States)

ASN13335 (CLOUDFLARENET, US)

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.218.219.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-219-143.us-west-2.compute.amazonaws.com

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	sa.com intiwin.sa.com	482 KB
15	audioeye.com wsmcdn.audioeye.com — Cisco Umbrella Rank: 6146 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 3283 analytics.audioeye.com — Cisco Umbrella Rank: 4963	311 KB
12	macu.com 2 redirects www.macu.com — Cisco Umbrella Rank: 333581 elq.macu.com — Cisco Umbrella Rank: 442094 gtm.macu.com — Cisco Umbrella Rank: 533985	500 KB
11	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 385	30 KB
8	linkedin.com 6 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 347 www.linkedin.com — Cisco Umbrella Rank: 594 px4.ads.linkedin.com — Cisco Umbrella Rank: 6148	6 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 432 p.typekit.net — Cisco Umbrella Rank: 559	57 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6386	871 B
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2815	7 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	90 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	84 KB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1722	29 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 74 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	19 KB
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4365 www.google.com — Cisco Umbrella Rank: 2	967 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	261 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 198 macu.demdex.net — Cisco Umbrella Rank: 470584	5 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 241	740 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	216 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 830	802 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1372 insight.adsrvr.org — Cisco Umbrella Rank: 527	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
2	en25.com img.en25.com — Cisco Umbrella Rank: 5880	5 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 423	100 KB
2	juleacapulco.com 1 redirects juleacapulco.com	719 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 176	411 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 629	394 B
1	t.co t.co — Cisco Umbrella Rank: 503	377 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 736	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 654	15 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1068	517 B
1	omtrdc.net macu.d2.sc.omtrdc.net — Cisco Umbrella Rank: 446648	266 B
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2738	668 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 346	24 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 708	30 KB
118	33

	Domain	Requested by
21	intiwin.sa.com	juleacapulco.com intiwin.sa.com
13	wsv3cdn.audioeye.com	intiwin.sa.com
11	js-agent.newrelic.com	intiwin.sa.com
7	www.macu.com	intiwin.sa.com
4	www.google.de	intiwin.sa.com
4	px.ads.linkedin.com	4 redirects
4	tags.srv.stackadapt.com	intiwin.sa.com
4	connect.facebook.net	intiwin.sa.com
4	script.crazyegg.com	intiwin.sa.com script.crazyegg.com
4	elq.macu.com	1 redirects intiwin.sa.com
4	use.typekit.net	intiwin.sa.com use.typekit.net
3	stats.g.doubleclick.net	1 redirects intiwin.sa.com www.googletagmanager.com
3	www.googletagmanager.com	intiwin.sa.com
2	fonts.gstatic.com
2	bam.nr-data.net	intiwin.sa.com
2	www.facebook.com	intiwin.sa.com
2	www.google.com	1 redirects intiwin.sa.com
2	px4.ads.linkedin.com	intiwin.sa.com
2	www.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	intiwin.sa.com
2	www.gstatic.com	intiwin.sa.com
2	img.en25.com	intiwin.sa.com
2	dpm.demdex.net	assets.adobedtm.com intiwin.sa.com
2	assets.adobedtm.com	intiwin.sa.com assets.adobedtm.com
2	juleacapulco.com	1 redirects
1	analytics.audioeye.com	wsv3cdn.audioeye.com
1	insight.adsrvr.org	intiwin.sa.com
1	wsmcdn.audioeye.com	intiwin.sa.com
1	www.googleadservices.com	1 redirects
1	gtm.macu.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com	intiwin.sa.com
1	t.co	intiwin.sa.com
1	js.adsrvr.org	intiwin.sa.com
1	snap.licdn.com	intiwin.sa.com
1	static.ads-twitter.com	intiwin.sa.com
1	googleads.g.doubleclick.net	intiwin.sa.com
1	www.google-analytics.com	intiwin.sa.com
1	cm.everesttech.net	1 redirects
1	macu.d2.sc.omtrdc.net	intiwin.sa.com
1	macu.demdex.net	intiwin.sa.com
1	cdn.polyfill.io	intiwin.sa.com
1	cdn.jsdelivr.net	intiwin.sa.com
1	code.jquery.com	intiwin.sa.com
1	p.typekit.net	use.typekit.net
118	46

This site contains links to these domains. Also see Links.

Domain
www.ordermychecks.com
schedule.macu.com
myaccountviewonline.com
www.greenpath.com
o.macu.com
careers.macu.com
www.ncua.gov
portal.hud.gov
www.facebook.com
www.youtube.com
www.instagram.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
juleacapulco.com cPanel, Inc. Certification Authority	`2023-03-23` - `2023-06-21`	3 months	crt.sh
intiwin.sa.com R3	`2023-05-04` - `2023-08-02`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.macu.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-31` - `2023-08-30`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.d2.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-02-27` - `2023-11-07`	8 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
elq.macu.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-27` - `2023-06-29`	a year	crt.sh
report-prod.audioeye.com Amazon RSA 2048 M02	`2022-10-17` - `2023-11-15`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Frame ID: E3070FB733E02FCC9077FC2CF42E0486
Requests: 121 HTTP requests in this frame

Frame: https://macu.demdex.net/dest5.html?d_nsid=0
Frame ID: B70B2A70F8D37C0FEAB0C5ADE408895A
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0033/6538/site/intiwin.sa.com.json?t=1
Frame ID: B6823AC02084A2E2F3FA87A65385EB8C
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mptvp60&ref=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&upid=dq1k7ca&upv=1.1.0
Frame ID: 7AA56BE8DA41B01C6141C93CD290F8B6
Requests: 1 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=de1cf08
Frame ID: E94510D6C0A0F262D1C537592143C707
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mountain America Credit Union in Utah & the Westclose carousel

Page URL History Show full URLs

https://juleacapulco.com/mountain/service HTTP 301
https://juleacapulco.com/mountain/service/ Page URL
https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

118
Requests

95 %
HTTPS

55 %
IPv6

33
Domains

46
Subdomains

39
IPs

7
Countries

2105 kB
Transfer

4226 kB
Size

30
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ordermychecks.com/login_a.jsp
Title: Order Checks

Search URL Search Domain Scan URL

URL: https://schedule.macu.com/
Title: Schedule an Appointment

Search URL Search Domain Scan URL

URL: https://myaccountviewonline.com/login/
Title: LPL Log In

Search URL Search Domain Scan URL

URL: https://www.greenpath.com/wellness/home/?utm_source=partner&utm_medium=Website+redirect&partner_type=credit_union&partner_name=Mountain+America+CU&utm_campaign=Website+redirect+for+Mountain+America+CU
Title: GreenPath Financial Wellness

Search URL Search Domain Scan URL

URL: https://schedule.macu.com/s/espanol
Title: Programe una Cita

Search URL Search Domain Scan URL

URL: https://o.macu.com/Registration
Title: Register

Search URL Search Domain Scan URL

URL: https://o.macu.com/ForgotUsername
Title: ID

Search URL Search Domain Scan URL

URL: https://o.macu.com/ForgotPassword
Title: Password

Search URL Search Domain Scan URL

URL: https://careers.macu.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.ncua.gov/Pages/default.aspx
Title: Go to the National Credit Union AdministrationFederally insured by NCUA

Search URL Search Domain Scan URL

URL: http://portal.hud.gov/hudportal/HUD
Title: Equal Housing Lender

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MountainAmerica/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/mountainamerica

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mountainamericacu/

Search URL Search Domain Scan URL

URL: https://twitter.com/MountainAmerica

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mountain-america-credit-union/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://juleacapulco.com/mountain/service HTTP 301
https://juleacapulco.com/mountain/service/ Page URL
https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://juleacapulco.com/mountain/service HTTP 301
https://juleacapulco.com/mountain/service/

Request Chain 38

https://cm.everesttech.net/cm/dd?d_uuid=47952012306200206772761966976906625279 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFXl5QAAAGvgGgNx

Request Chain 51

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref2=https%3A%2F%2Fjuleacapulco.com%2F&tzo=0&ms=738&optin=disabled&firstPartyCookieDomain=elq.macu.com HTTP 302
https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref2=https%3A%2F%2Fjuleacapulco.com%2F&tzo=0&ms=738&optin=disabled&elq1pcGUID=2C1C2C213ACE41C98C6DE4E733009368

Request Chain 65

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013915&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5049985%252C540924%26time%3D1683351013915%26url%3Dhttps%253A%252F%252Fintiwin.sa.com%252Fservice2%252Fmon%252Ftain%252Fsafe%252Fmountain1.html%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013915&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013915&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true&e_ipv6=AQK6FWhJAy1arAAAAYfviguM9d2qF2pJDnu9NbHKBLM0B4gEPV0qXDaxaolcoYF7hx2gl5OJ

Request Chain 67

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013918&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5049985%252C540924%26time%3D1683351013918%26url%3Dhttps%253A%252F%252Fintiwin.sa.com%252Fservice2%252Fmon%252Ftain%252Fsafe%252Fmountain1.html%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013918&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013918&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true&e_ipv6=AQIUsVq_BXrKhAAAAYfvigvk4l4QYR-5rExI1mlNfs3zKb3k2M_LgZYy1hJ2PvQzCxsreL9e

Request Chain 78

https://gtm.macu.com/j/collect?v=1&_v=j100&a=474121732&t=pageview&_s=1&dl=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&dr=https%3A%2F%2Fjuleacapulco.com%2F&ul=en-us&de=UTF-8&dt=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAII~&jid=1920139971&gjid=1421992705&cid=1267918708.1683351014&tid=UA-42841702-1&_gid=673672004.1683351014&_fplc=0&_r=1&gtm=45He3530n513LRX&z=1648813560 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42841702-1&cid=wxcp7t%2BVm3IEdrSQSAfkFsS6jRq4pobv0tPDC1wHGBg%3D.1683351014&jid=1920139971&_gid=673672004.1683351014&gjid=1421992705&_v=j100&z=1648813560 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42841702-1&cid=wxcp7t%2BVm3IEdrSQSAfkFsS6jRq4pobv0tPDC1wHGBg%3D.1683351014&jid=1920139971&_v=j100&z=1648813560 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42841702-1&cid=wxcp7t%2BVm3IEdrSQSAfkFsS6jRq4pobv0tPDC1wHGBg%3D.1683351014&jid=1920139971&_v=j100&z=1648813560&slf_rd=1&random=1334418559

Request Chain 86

https://www.googleadservices.com/pagead/conversion/979871099/wcm?cc=ZZ&dn=18007484302&cl=or7rCKbAuqwBEPvKntMD&ref=https%3A%2F%2Fjuleacapulco.com%2F&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18007484302&cl=or7rCKbAuqwBEPvKntMD

118 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
juleacapulco.com/mountain/service/
Redirect Chain

https://juleacapulco.com/mountain/service
https://juleacapulco.com/mountain/service/

215 B
456 B

149ms
149ms

Document
text/html

201.131.21.96
BTU COMUNICACION ...

General

Check archive.org

Show headers Download Go to

Full URL: https://juleacapulco.com/mountain/service/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 201.131.21.96 Iztapalapa, Mexico, ASN28399 (BTU COMUNICACION SA DE CV, MX),
Reverse DNS: clsv06.btu.com.mx
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 215
Content-Type: text/html
Date: Sat, 06 May 2023 05:30:11 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Fri, 05 May 2023 08:46:00 GMT
Server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 250
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 06 May 2023 05:30:11 GMT
Keep-Alive: timeout=5, max=100
Location: https://juleacapulco.com/mountain/service/
Server: Apache

GET
H/1.1 200
OK Primary Request mountain1.html Show response
intiwin.sa.com/service2/mon/tain/safe/ 480 KB
480 KB 731ms
178ms Document
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Requested by: Host: juleacapulco.com
URL: https://juleacapulco.com/mountain/service/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash: d156f12f98d66cc129c3b0667d04338be8eea26b592dd0838b0f867c03d573fb

Request headers

Referer: https://juleacapulco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 491641
Content-Type: text/html
Date: Sat, 06 May 2023 05:30:12 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 05 May 2023 07:02:02 GMT
Server: Apache

GET
H2 200 cvd1zmo.css
use.typekit.net/ 3 KB
919 B 163ms
128ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/cvd1zmo.css

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fa7c2783ee6b79ec8c6a022152d7a7bedcc4f881de735e1de3b026a233f981d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sat, 06 May 2023 05:30:13 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 687

GET
H2 200 launch-89ad88ac02aa.min.js Show response
assets.adobedtm.com/124d515fb9f9/b07ff2eac9f1/ 285 KB
82 KB 49ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/124d515fb9f9/b07ff2eac9f1/launch-89ad88ac02aa.min.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cc4c6fa45c295e9c8021c6dbaa5fdb7475dbd264eaf672baec264c0a3cb428c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 21:07:04 GMT
server: AkamaiNetStorage
etag: "003321e7c3710fe8e86e2c12f85ff3ab:1682629624.119064"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://intiwin.sa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 83880
expires: Sat, 06 May 2023 06:30:13 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 363 B
1 KB 141ms
31ms XHR
application/json 3.248.155.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BF06317853BFD2160A490D4E%40AdobeOrg&d_nsid=0&ts=1683351013490

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/124d515fb9f9/b07ff2eac9f1/launch-89ad88ac02aa.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.155.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-155-70.eu-west-1.compute.amazonaws.com

Software

Resource Hash

fdbecbd63733ac320b464c156043867a8485520337b5013419a62201f3b241bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intiwin.sa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v048-0fa823568.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 0DVVcB8nQwU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://intiwin.sa.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 308
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX9d76e22134504bcbaed350e9a9941fed-libraryCode_source.min.js Show response
assets.adobedtm.com/124d515fb9f9/b07ff2eac9f1/5ffa51b61b58/ 48 KB
18 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/124d515fb9f9/b07ff2eac9f1/5ffa51b61b58/EX9d76e22134504bcbaed350e9a9941fed-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/124d515fb9f9/b07ff2eac9f1/launch-89ad88ac02aa.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 52ab6be1b9ef2881a8cad2684bc5848a00b67a2c82d848c770a76e152f9024b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 21:07:04 GMT
server: AkamaiNetStorage
etag: "7efe25efa708ef12095d023e01edc0e0:1682629624.892783"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://intiwin.sa.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 18084
expires: Sat, 06 May 2023 06:30:13 GMT

GET
H/1.1 404
Not Found webpack-runtime-884b2d773e3a7ffe2c40.js
intiwin.sa.com/ 0
0 175ms
174ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/webpack-runtime-884b2d773e3a7ffe2c40.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:13 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found framework-d57f860b8956cf8c9f70.js
intiwin.sa.com/ 0
0 186ms
178ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/framework-d57f860b8956cf8c9f70.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:13 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found aaa5778d-04a131f86a008b57859b.js
intiwin.sa.com/ 0
0 352ms
177ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/aaa5778d-04a131f86a008b57859b.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:13 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found happ-d272f87d6b2df3a675bd.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 366ms
179ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/happ-d272f87d6b2df3a675bd.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:13 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found hcb1608f2-0057d41c6bdf4bfeb908.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 527ms
174ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/hcb1608f2-0057d41c6bdf4bfeb908.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found h84b384f4-046c54ac5dba593827d2.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 527ms
175ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/h84b384f4-046c54ac5dba593827d2.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found commons-3365dfddf1ca2e24c21f.js
intiwin.sa.com/ 0
0 534ms
178ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/commons-3365dfddf1ca2e24c21f.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found hcomponent---src-pages-index-mdx-b8351effa489dd13739d.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 538ms
178ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/hcomponent---src-pages-index-mdx-b8351effa489dd13739d.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found page-data.json
intiwin.sa.com/page-data/index/ 315 B
515 B 543ms
177ms Other
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/page-data/index/page-data.json
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 2013016621.json
intiwin.sa.com/service2/mon/tain/safe/hpage-data/sq/d/ 315 B
516 B 549ms
183ms Other
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/hpage-data/sq/d/2013016621.json
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 63159454.json
intiwin.sa.com/page-data/sq/d/ 315 B
515 B 702ms
174ms Other
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/page-data/sq/d/63159454.json
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found app-data.json
intiwin.sa.com/service2/mon/tain/safe/hpage-data/ 315 B
515 B 702ms
174ms Other
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/hpage-data/app-data.json
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 15ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=cvd1zmo&ht=tk&f=39680.39685.39687&a=1540528&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

unused62: 8096267
date: Sat, 06 May 2023 05:30:13 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 70ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://intiwin.sa.com/
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d9d"
vary: Accept-Encoding
x-hw: 1683351013.dop216.am5.t,1683351013.cds240.am5.hn,1683351013.cds004.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 81 KB
24 KB 29ms
7ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://intiwin.sa.com/
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 May 2023 05:30:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2087388
x-jsd-version: 4.6.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23636
x-served-by: cache-fra-eddf8230108-FRA
x-jsd-version-type: version
etag: W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 e4e5e6-pixel.png
www.macu.com/media/Images/ 3 KB
4 KB 1277ms
1193ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Images/e4e5e6-pixel.png
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: dcb3ae25ce4f06b3a348b4db58db5b5c2913e7681708c723309121eed01d7e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:14 GMT
last-modified: Fri, 05 May 2023 20:47:44 GMT
x-cdn: Imperva
etag: "b8f8735761d8c625db313a8b25f4da2f"
content-type: image/png
x-iinfo: 12-47228182-47228187 2VNN RT(1683351013622 13) q(0 0 10 0) r(10 12)
cache-control: max-age=1, public
content-length: 3435
expires: Sat, 06 May 2023 05:30:15 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v3/ 101 B
668 B 36ms
7ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v3/polyfill.min.js?features=fetch

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 May 2023 05:30:13 GMT
age: 67204
detected-user-agent: Chrome/113.0.0
useragent_normaliser: chrome/113.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/113.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 404
Not Found component---src-pages-index-mdx-b8351effa489dd13739d.js
intiwin.sa.com/ 0
0 179ms
179ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/component---src-pages-index-mdx-b8351effa489dd13739d.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found hommons-3365dfddf1ca2e24c21f.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 182ms
182ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/hommons-3365dfddf1ca2e24c21f.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found htb384f4-046c54ac5dba593827d2.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 178ms
178ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/htb384f4-046c54ac5dba593827d2.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found http608f2-0057d41c6bdf4bfeb908.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 178ms
178ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/http608f2-0057d41c6bdf4bfeb908.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found http-d272f87d6b2df3a675bd.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 179ms
179ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/http-d272f87d6b2df3a675bd.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found http5778d-04a131f86a008b57859b.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 174ms
174ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/http5778d-04a131f86a008b57859b.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found httpmework-d57f860b8956cf8c9f70.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 182ms
182ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/httpmework-d57f860b8956cf8c9f70.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found httbpack-runtime-884b2d773e3a7ffe2c40.js
intiwin.sa.com/service2/mon/tain/safe/ 0
0 178ms
178ms Script
text/html 45.74.8.8
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://intiwin.sa.com/service2/mon/tain/safe/httbpack-runtime-884b2d773e3a7ffe2c40.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.74.8.8 Los Angeles, United States, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:30:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 292 KB
94 KB 142ms
61ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-3LRX

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a88b390363b57d9e7da5e24df6c39a99706a5128f00577a3ec15aa3fd6e4ee3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96282
x-xss-protection: 0
last-modified: Sat, 06 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 May 2023 05:30:13 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 737472d1ebf560cc3c2eebadaab70cc3560a10954f3b178704791136b10d17c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 112ms
77ms Script
application/x-javascript 23.32.242.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.32.242.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-242-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 06 May 2023 05:30:13 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 11 Jan 2023 20:34:04 GMT
ETag: "39c1adbfc25d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Sat, 06 May 2023 05:30:13 GMT

GET
DATA 200
OK truncated
/ 541 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d7b050def2d324b2a09d3ef158f1d15e09be476aee22cbdfd7fa3660952df0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/a3a085/00000000000000007735ba73/30/ 16 KB
17 KB 36ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3a085/00000000000000007735ba73/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ab072a017662be34b6ac4da319eeffa3a6b1132ba5fc02875b3e10dfb765471a

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
server: nginx
etag: "c8312ec3794d199c4baa21fae3f300f4162a37ff"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16816

GET
H2 200 l
use.typekit.net/af/e7065f/00000000000000007735ba3f/30/ 20 KB
20 KB 35ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e7065f/00000000000000007735ba3f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ed6e7f434ca0748610440d7d2b5903e49325a70406fb695eb91104e42114bdda

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
server: nginx
etag: "65381862afa1e35bdce2a257727d8a6c9625f357"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20476

GET
H/1.1 200
OK dest5.html Show response
macu.demdex.net/ Frame B70B 7 KB
3 KB 131ms
30ms Document
text/html 3.248.155.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://macu.demdex.net/dest5.html?d_nsid=0

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.155.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-155-70.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://intiwin.sa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v048-09053e61f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MK0t4O3tTAo=
content-encoding: gzip
date: Sat, 6 May 2023 05:30:13 GMT
last-modified: Thu, 27 Apr 2023 14:39:20 GMT
vary: accept-encoding

GET
H2 200 id Show response
macu.d2.sc.omtrdc.net/ 2 B
266 B 69ms
22ms XHR
application/x-javascript 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://macu.d2.sc.omtrdc.net/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=BF06317853BFD2160A490D4E%40AdobeOrg&mid=48197389387601759442755261031274344050&ts=1683351013649

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://intiwin.sa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://intiwin.sa.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZFXl5QAAAGvgGgNx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=47952012306200206772761966976906625279
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFXl5QAAAGvgGgNx

42 B
942 B

32ms
32ms

Image
image/gif

3.248.155.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFXl5QAAAGvgGgNx

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

HTTP/1.1

Server

3.248.155.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-155-70.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0f7ff0385.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: E9UExm3HSpg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFXl5QAAAGvgGgNx
Date: Sat, 06 May 2023 05:30:13 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
DATA 200
OK truncated
/ 786 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7331a1509613667f6fe8676501f2c1149a59e27807a177639096c0aa74618cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 538 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99d7790aa855f59628f5538eb7a239829e05bd0197daf1c6e82b1b0809338cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e23b1851926f1f909295d26142dfe45ceabc52fe898f724b4f61a659f6ac6a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ncua_logo.png
www.macu.com/media/Icons/ 2 KB
2 KB 1402ms
1398ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/ncua_logo.png
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a7a05d6db9fff3ed1d8626f59c88628a08dd321a7bc8682e007f2f8de2f9cd3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:15 GMT
last-modified: Fri, 05 May 2023 20:47:41 GMT
x-cdn: Imperva
etag: "accb9a62a1f0a2e6d8ed74ccdd3d7a74"
content-type: image/png
x-iinfo: 12-47228182-47228190 2VNN RT(1683351013622 18) q(0 0 10 0) r(11 14)
cache-control: max-age=1, public
content-length: 1989
expires: Sat, 06 May 2023 05:30:16 GMT

GET
H2 200 icon-equal-housing.svg
www.macu.com/media/Icons/ 629 B
882 B 1388ms
1384ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-equal-housing.svg
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d00d22f1cd4c89e84b29833c8877403c5fbbde7fb573ee50e384d38e00bcb88c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:15 GMT
content-encoding: gzip
last-modified: Fri, 05 May 2023 20:47:40 GMT
x-cdn: Imperva
etag: "7b56d1e41c159baf490fb9928dc381ff"
content-type: image/svg+xml
x-iinfo: 12-47228182-47228188 2VNN RT(1683351013622 13) q(0 0 10 3) r(11 14)
cache-control: max-age=1, public
content-length: 405
expires: Sat, 06 May 2023 05:30:16 GMT

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 936aaa639be8fa6c83d6090a016cf175282c6102980ebb6ef79e84cd25ecf950

Request headers

Referer
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 l
use.typekit.net/af/a741c0/00000000000000007735ba66/30/ 19 KB
19 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a741c0/00000000000000007735ba66/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ca2d921b84e49dbe231d9885bd2ef8fdfb4c1d957bf35fa2b4bd642fe336929

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
server: nginx
etag: "519cefc842ab7db6e740a26a5e2b3c236659ca6b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19684

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 138376ba413b29d8a4354768884cfa9f31417e682385990bdc02136cc2616087

Request headers

Referer
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 mystyle-lizzie-2022-video-thumbnail.jpg
www.macu.com/media/video-thumbnails/ 181 KB
181 KB 2390ms
2390ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/video-thumbnails/mystyle-lizzie-2022-video-thumbnail.jpg
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 03bf8fec823b2c223b27122d09a534ab3ba1c5fa35ba1b2faf8f7079410d44fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:16 GMT
last-modified: Fri, 05 May 2023 20:48:29 GMT
x-cdn: Imperva
etag: "a9eb14fe53e2b5657aeed2bed04be293"
content-type: image/jpeg
x-iinfo: 12-47228182-47228196 2VNN RT(1683351013622 33) q(0 0 21 0) r(22 24)
cache-control: max-age=1, public
content-length: 184961
expires: Sat, 06 May 2023 05:30:17 GMT

GET
H2 200 2023-MyStyleCampaign-FoodNanny-3-column-flex-promo-457x644-AL.jpg
www.macu.com/media/3-column-images/ 79 KB
80 KB 2410ms
2409ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/2023-MyStyleCampaign-FoodNanny-3-column-flex-promo-457x644-AL.jpg
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 5a80a666e32d21dd695c31ea49b744e5651dceff994f4fcf2397b7df5135b095

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:16 GMT
last-modified: Fri, 05 May 2023 20:47:38 GMT
x-cdn: Imperva
etag: "34ce4b3e588a55a1309128c702f6844e"
content-type: image/jpeg
x-iinfo: 12-47228182-47228197 2VNN RT(1683351013622 34) q(0 0 21 2) r(22 24)
cache-control: max-age=1, public
content-length: 81386
expires: Sat, 06 May 2023 05:30:17 GMT

GET
H2 200 3-col-mortgage-v2cc-2023-457x645.jpg
www.macu.com/media/3-column-images/ 81 KB
81 KB 1365ms
1365ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/3-col-mortgage-v2cc-2023-457x645.jpg
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: deed0694ab9b434aad2c6afa78bf7a2dac9af09af0783ab35bcfb1dfd61eed7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:15 GMT
last-modified: Fri, 05 May 2023 20:47:38 GMT
x-cdn: Imperva
etag: "596d227a68711fbb38d5f4e4726133a3"
content-type: image/jpeg
x-iinfo: 12-47228182-47228200 2VNN RT(1683351013622 38) q(0 0 10 0) r(11 14)
cache-control: max-age=1, public
content-length: 82631
expires: Sat, 06 May 2023 05:30:16 GMT

GET
H2 200 2023_RetirementCampaign_3ColumnFlex_457x644_TP.jpg
www.macu.com/media/3-column-images/ 148 KB
149 KB 1382ms
1381ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/2023_RetirementCampaign_3ColumnFlex_457x644_TP.jpg
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 65b29100391c0314c91900f518d4c796373f084b3eb7cab153a892ecd5b7f36e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:15 GMT
last-modified: Fri, 05 May 2023 20:47:38 GMT
x-cdn: Imperva
etag: "163ecd7ca9285504467cbc146ba19979"
content-type: image/jpeg
x-iinfo: 12-47228182-47228097 2VNN RT(1683351013622 39) q(0 12 12 2) r(14 14)
cache-control: max-age=1, public
content-length: 151798
expires: Sat, 06 May 2023 05:30:16 GMT

GET
H/1.1

200
OK

svrGP
elq.macu.com/visitor/v200/
Redirect Chain

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref2=https%3A%2F%2Fjuleacapulco.com%2F&tzo=0&ms=738&optin=...
https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref2=https%3A%2F%2Fjuleacapulco.com%2F&tzo=0&ms=738&optin=...

49 B
497 B

279ms
279ms

Image
image/gif

142.0.173.12
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref2=https%3A%2F%2Fjuleacapulco.com%2F&tzo=0&ms=738&optin=disabled&elq1pcGUID=2C1C2C213ACE41C98C6DE4E733009368

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

HTTP/1.1

Server

142.0.173.12 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 May 2023 05:30:13 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Sat, 06 May 2023 05:30:13 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref2=https%3A%2F%2Fjuleacapulco.com%2F&tzo=0&ms=738&optin=disabled&elq1pcGUID=2C1C2C213ACE41C98C6DE4E733009368
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 394
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 May 2023 05:05:02 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1511
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 06 May 2023 07:05:02 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 61ms
18ms Script
text/javascript 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 May 2023 04:05:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5091
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Sat, 06 May 2023 06:05:22 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/979871099/ 3 KB
2 KB 151ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979871099/?random=1683351013864&cv=11&fst=1683351013864&bg=ffffff&guid=ON&async=1&gtm=45He3530&u_w=1600&u_h=1200&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref=https%3A%2F%2Fjuleacapulco.com%2F&hn=www.googleadservices.com&frm=0&tiba=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&auid=734040632.1683351014&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfadb872cfa128e09e03f3ded68d44e9789166b0317c20111505e2b6b4611843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6538.js Show response
script.crazyegg.com/pages/scripts/0033/ 6 KB
2 KB 95ms
42ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0033/6538.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8ad5bc1f66678e135b2f907f8c42de1c5a8ffddccf77a8eb05f315561d85c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 26138
cf-polished: origSize=6063
ce-version: 11.5.73
cf-bgj: minify
last-modified: Fri, 05 May 2023 22:14:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 7c2ed47d0fb0914a-FRA

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 May 2023 06:04:27 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 38ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220069-FRA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 35ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=16402
accept-ranges: bytes
content-length: 4777

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 42ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 May 2023 05:30:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vTzehhenH7JSY+poz2U4En34XKZwU0ctPOpycWLNB02cPM/IlThERPHyzeIHlgi99i6CqgWsoIeRLnuUg8DUGA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 315ms
103ms Script
text/javascript 3.224.163.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.163.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-163-117.compute-1.amazonaws.com
Software: /
Resource Hash: 8f2823c6e5bbd625751a8d371c579b5a160469cc862bfc8a1aa841dc207973f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 May 2023 05:30:14 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 41ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 01:26:19 GMT
Content-Encoding: gzip
Via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 14635
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 5qVFFjvqV1RjBeDzGe-P6HoJo2-6yAcTT5B0MPardWRv9ezd2AdwBg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
84 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D0FC4ZRQT5&l=dataLayer&cx=c

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

238ef4f692083a7f831d8078153dec81e924c739ad790d21f3d4f76309f9f0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86012
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 May 2023 05:30:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
83 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q50Z8XJ82V&l=dataLayer&cx=c

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

111610f98549241682fc11b117eeb0eb0d5af18847f0c69ccbf82d7d5004a918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 May 2023 05:30:13 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/5049985,540924/domain/intiwin.sa.com/ 36 B
402 B 65ms
9ms XHR
application/json 2600:9000:20eb:6c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/5049985,540924/domain/intiwin.sa.com/token
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://intiwin.sa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 00:13:03 GMT
content-encoding: gzip
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 19030
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=25039
x-amz-cf-id: SVIN5HHsYh9j8jFIjQkxRDillnkuKlRzA6xYMSCQBcPdniI4eq5n5A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013915&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5049985%252C540924%26time%3D1683351013915%26url%3Dhttps%253A%252F%252Fintiwin.sa....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013915&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013915&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true&e_ipv6=...

0
265 B

190ms
148ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013915&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true&e_ipv6=AQK6FWhJAy1arAAAAYfviguM9d2qF2pJDnu9NbHKBLM0B4gEPV0qXDaxaolcoYF7hx2gl5OJ
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:13 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6F8A675E3465499E8C71A4884C709C29 Ref B: FRAEDGE1817 Ref C: 2023-05-06T05:30:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6/7M/8pvFKDZ6VBMLrw==

Redirect headers

date: Sat, 06 May 2023 05:30:14 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2B293B5087FF4929A4BE73D651D1105E Ref B: FRAEDGE1405 Ref C: 2023-05-06T05:30:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013915&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true&e_ipv6=AQK6FWhJAy1arAAAAYfviguM9d2qF2pJDnu9NbHKBLM0B4gEPV0qXDaxaolcoYF7hx2gl5OJ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6/7M9B9/4JIHGnZLIBQ==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/5049985,540924/domain/intiwin.sa.com/ 36 B
400 B 63ms
9ms XHR
application/json 2600:9000:20eb:6c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/5049985,540924/domain/intiwin.sa.com/token
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://intiwin.sa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 00:13:03 GMT
content-encoding: gzip
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 19030
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=25039
x-amz-cf-id: hu-27TWsmuHcxpxH1qFGrNXBrDhVzwMeiW1XytTjKgkbP3GAWES2Rw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013918&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5049985%252C540924%26time%3D1683351013918%26url%3Dhttps%253A%252F%252Fintiwin.sa....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013918&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013918&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true&e_ipv6=...

0
142 B

154ms
153ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013918&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true&e_ipv6=AQIUsVq_BXrKhAAAAYfvigvk4l4QYR-5rExI1mlNfs3zKb3k2M_LgZYy1hJ2PvQzCxsreL9e
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:14 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4AB4B7AF051A4BE493396D8BA66F21BB Ref B: FRAEDGE1817 Ref C: 2023-05-06T05:30:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6/7NAoUR9VlQvz254EA==

Redirect headers

date: Sat, 06 May 2023 05:30:14 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5D26D48C7F2D4DE68651D4F07BABCB7F Ref B: FRAEDGE1405 Ref C: 2023-05-06T05:30:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5049985%2C540924&time=1683351013918&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tm=gtmv2&liSync=true&e_ipv6=AQIUsVq_BXrKhAAAAYfvigvk4l4QYR-5rExI1mlNfs3zKb3k2M_LgZYy1hJ2PvQzCxsreL9e
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6/7M+Xm+iIQvSxVXK4g==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 145ms
118ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=d93e5e50-17a1-4642-ba91-087a70d9c8dd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f6d7682d-0988-4ce9-af1a-809a0f9b7eff&tw_document_href=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3vv6&type=javascript&version=2.3.29

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 112
date: Sat, 06 May 2023 05:30:13 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 88b67e91b5826121
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: fea9c95c691e9ddbb4bcf252c7ed6c5d41c8a83283a13211d4d775e892ff6c53
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 152ms
113ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d93e5e50-17a1-4642-ba91-087a70d9c8dd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f6d7682d-0988-4ce9-af1a-809a0f9b7eff&tw_document_href=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3vv6&type=javascript&version=2.3.29

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-response-time: 106
date: Sat, 06 May 2023 05:30:13 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5ea12cfffd0e3fa5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 9258a76d9864b50083114a61ce50311a5068189011451118a4fc379b7142275f
content-length: 43

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 May 2023 05:30:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 3sNq11EXbNTmfYy0arWxppBCmjNBpSXXQDX52va78IrpkDclahot0ayh8w3T9ZRlrbrCzU4kECpBO+iSkwldGQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 837421743000518 Show response
connect.facebook.net/signals/config/ 74 KB
21 KB 76ms
76ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/837421743000518?v=2.9.104&r=stable

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2cf2dace1c4f33e2cf824cb79fc498dc4a62e2daf62e8b0b44017cc442dafa50

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 May 2023 05:30:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7CVtfTjA7dCDhF4Js5pKLNUYkrKLoy/I7rpZwJw+T6uzH9fN70fgpBYN4ErCE1j45O/P8g1LBoVOopbLa1ODxQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 intiwin.sa.com.json Show response
script.crazyegg.com/pages/data-scripts/0033/6538/site/ Frame B682 5 KB
2 KB 148ms
132ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0033/6538/site/intiwin.sa.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0033/6538.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9841b70cd5589b1c0cdc6be259aaca53788da02181d44ef24f10698ae06b9888

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:14 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 06 May 2023 05:30:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.73
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c2ed47d8ac12c3d-FRA
content-length: 1712

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 75ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-D0FC4ZRQT5&gtm=45je3530&_p=474121732&_gaz=1&cid=1267918708.1683351014&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683351014&sct=1&seg=0&dl=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&dr=https%3A%2F%2Fjuleacapulco.com%2F&dt=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D0FC4ZRQT5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 May 2023 05:30:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://intiwin.sa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
161 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D0FC4ZRQT5&cid=1267918708.1683351014&gtm=45je3530&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D0FC4ZRQT5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 May 2023 05:30:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://intiwin.sa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 131ms
47ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D0FC4ZRQT5&cid=1267918708.1683351014&gtm=45je3530&aip=1&z=1983087683

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 May 2023 05:30:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q50Z8XJ82V&gtm=45je3530&_p=474121732&cid=1267918708.1683351014&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683351014&sct=1&seg=0&dl=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&dr=https%3A%2F%2Fjuleacapulco.com%2F&dt=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q50Z8XJ82V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 May 2023 05:30:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://intiwin.sa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
55 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 05:19:04 GMT
x-content-type-options: nosniff
age: 519070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55675
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Apr 2024 05:19:04 GMT

GET
H3

200

ga-audiences Show response
www.google.de/ads/
Redirect Chain

https://gtm.macu.com/j/collect?v=1&_v=j100&a=474121732&t=pageview&_s=1&dl=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&dr=https%3A%2F%2Fjuleacapulco.com%2F&ul=en-us&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42841702-1&cid=wxcp7t%2BVm3IEdrSQSAfkFsS6jRq4pobv0tPDC1wHGBg%3D.1683351014&jid=1920139971&_gid=673672004.1683351014&gjid=1421992...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42841702-1&cid=wxcp7t%2BVm3IEdrSQSAfkFsS6jRq4pobv0tPDC1wHGBg%3D.1683351014&jid=1920139971&_v=j100&z=1648813560
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42841702-1&cid=wxcp7t%2BVm3IEdrSQSAfkFsS6jRq4pobv0tPDC1wHGBg%3D.1683351014&jid=1920139971&_v=j100&z=1648813560&slf_rd=1&random=1334...

42 B
65 B

50ms
50ms

XHR
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42841702-1&cid=wxcp7t%2BVm3IEdrSQSAfkFsS6jRq4pobv0tPDC1wHGBg%3D.1683351014&jid=1920139971&_v=j100&z=1648813560&slf_rd=1&random=1334418559

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 May 2023 05:30:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 06 May 2023 05:30:14 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42841702-1&cid=wxcp7t%2BVm3IEdrSQSAfkFsS6jRq4pobv0tPDC1wHGBg%3D.1683351014&jid=1920139971&_v=j100&z=1648813560&slf_rd=1&random=1334418559
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/979871099/ 42 B
455 B 139ms
49ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/979871099/?random=1683351013864&cv=11&fst=1683349200000&bg=ffffff&guid=ON&async=1&gtm=45He3530&u_w=1600&u_h=1200&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref=https%3A%2F%2Fjuleacapulco.com%2F&frm=0&tiba=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&fmt=3&is_vtc=1&random=3841228752&rmt_tld=0&ipr=y

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 May 2023 05:30:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/979871099/ 42 B
154 B 52ms
51ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/979871099/?random=1683351013864&cv=11&fst=1683349200000&bg=ffffff&guid=ON&async=1&gtm=45He3530&u_w=1600&u_h=1200&url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref=https%3A%2F%2Fjuleacapulco.com%2F&frm=0&tiba=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&fmt=3&is_vtc=1&random=3841228752&rmt_tld=1&ipr=y

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 May 2023 05:30:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 71 KB
21 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.104

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 May 2023 05:30:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: yGGm20TwNLHXrN09nynz4igVNHtbXkyEBYrFR1612jgvGkhiWJJRsyRm9Xdymt1bOJc6cyF7lZvC8xVMIiCxeA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 54ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=837421743000518&ev=PageView&dl=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&rl=https%3A%2F%2Fjuleacapulco.com%2F&if=false&ts=1683351014105&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.104&r=stable&ec=0&o=60&fbp=fb.2.1683351014103.1313435220&it=1683351013968&coo=false&rqm=GET

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 May 2023 05:30:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=837421743000518&ev=ViewContent&dl=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&rl=https%3A%2F%2Fjuleacapulco.com%2F&if=false&ts=1683351014107&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.104&r=stable&ec=1&o=60&fbp=fb.2.1683351014103.1313435220&it=1683351013968&coo=false&rqm=GET

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 May 2023 05:30:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 759ced533b68f06bbc5d8a775605b45b.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 72 KB
24 KB 22ms
22ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/759ced533b68f06bbc5d8a775605b45b.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1857d1bc1fe229e7ca9313cf1270171e6c6e95c82f70820bde5a5a3baa22e30b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 Apr 2023 15:32:13 GMT
server: cloudflare
age: 26525
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c2ed47e5914914a-FRA
content-length: 24814

GET
H2 200 intiwin.sa.com.json Show response
script.crazyegg.com/pages/data-scripts/0033/6538/sampling/ Frame B682 151 B
207 B 136ms
136ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0033/6538/sampling/intiwin.sa.com.json?t=467597
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/759ced533b68f06bbc5d8a775605b45b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b783e1b85ca59998661958a7e2d7576c8bc937c03b28ab68b8bc0c5a4086045

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:14 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 06 May 2023 05:30:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.73
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c2ed47e8b922c3d-FRA
content-length: 143

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/979871099/wcm?cc=ZZ&dn=18007484302&cl=or7rCKbAuqwBEPvKntMD&ref=https%3A%2F%2Fjuleacapulco.com%2F&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18007484302&cl=or7rCKbAuqwBEPvKntMD

80 B
244 B

46ms
46ms

XHR
application/json

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18007484302&cl=or7rCKbAuqwBEPvKntMD

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Sat, 06 May 2023 05:30:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=18007484302&cl=or7rCKbAuqwBEPvKntMD
access-control-allow-origin: https://intiwin.sa.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 103ms
102ms Stylesheet
text/css 3.224.163.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.163.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-163-117.compute-1.amazonaws.com
Software: /
Resource Hash: 724f1ee3000ace68f4845807dd13619dae3262e4c9b6a252a13dfb215fa26d6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 May 2023 05:30:14 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
793 B 317ms
106ms Fetch
image/jpeg 3.224.163.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.163.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-163-117.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 May 2023 05:30:14 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
286 B 103ms
102ms XHR
text/plain 3.224.163.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=QxbTKJPCybzFS5lQI24njA&is_js=true&landing_url=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&t=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&tip=VZ7phE6ClRt23lNZOoGfjOmE0gCK8dElHMToYXrGnPk&host=https://intiwin.sa.com&sa_conv_data_css_value=%270-93d92494-0759-56f2-7523-e75418697f86%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd993d92494075956f27523e75418697f86b9d59bc4&sa-user-id-v2=s%253Ak9kklAdZVvJ1I-dUGGl_hrnVm8Q.bvRAvxgSkPzsOTChcsoJqeEWFeCg3kGVEUXJEWvnVhk&sa-user-id=s%253A0-93d92494-0759-56f2-7523-e75418697f86.7SdMj3cPYLan%252FdBfutKwBHEkf77DXt4KOLp0bICGQ4Y
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.163.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-163-117.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: https://intiwin.sa.com
date: Sat, 06 May 2023 05:30:14 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 94
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 72ms
72ms Script
application/x-javascript 23.32.242.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.32.242.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-242-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sat, 06 May 2023 05:30:15 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 11 Jan 2023 20:34:04 GMT
ETag: "39c1adbfc25d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Sat, 06 May 2023 05:30:15 GMT

GET
H2 200 async-api.61caf4d9-1228.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 37ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.61caf4d9-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: J0GluopGath26np.0jFNgGyfwhEN0LgG
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: GKTFBYERYG5HQXWZ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1122
x-amz-id-2: oev3KzZKEaEm6A9pwlIRprNrUutgyGxOYnD146vIzuQI4VfBSqfDBT7Ii1r1A0pGrjx99lYZQ1k=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.127969,VS0,VE0
etag: "5a15fa90d5c9cf59729e937de488758b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 133

GET
H2 200 lazy-loader.37550b27-1228.min.js Show response
js-agent.newrelic.com/ 928 B
908 B 36ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.37550b27-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: veSIorK788CursSmiZNo6DAf4uBLqr8D
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: GKTD8EV63Z3HGZHQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 415
x-amz-id-2: z5WfDil7UKeNVy3TtLELTQGddqlYgmWR0NxVSHepzNiQHyz1miq/9JkeETD5DpHX9MA4jVAG09M=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.127949,VS0,VE0
etag: "b6eaf4dad9b3e3384b0e9366ff9d0080"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 122

GET
H2 200 aem.js Show response
wsmcdn.audioeye.com/ 1020 B
685 B 49ms
15ms Script
application/javascript 2606:4700:4400::ac40:97de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsmcdn.audioeye.com/aem.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

cache-tags
date: Sat, 06 May 2023 05:30:15 GMT
content-encoding: br
surrogate-keys
cf-cache-status: HIT
server: cloudflare
age: 1468
etag: W/"c5f5d23dbd841fb0868078e4bfbbd713"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
cf-ray: 7c2ed4849d021947-FRA

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 7AA5 0
182 B 103ms
32ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=mptvp60&ref=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&upid=dq1k7ca&upv=1.1.0
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intiwin.sa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Sat, 06 May 2023 05:30:15 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 862.e74e95d2-1228.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 7ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/862.e74e95d2-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: gDL8cpdspH3IxcZPeLUXHRvPqJEXPWmp
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: GKTD1J9DNPK1QXXW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3271
x-amz-id-2: X+EXNQ+Obx9POeBzegJDLeK23dFK1/nteaLgMQctS+AMMuCClhtGotGoO+MMVs7e6yInWo/Zq/0=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.137530,VS0,VE0
etag: "ff02f82193fd2ec047cb131aa65a0dd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 132

GET
H2 200 page_view_event-aggregate.46b69e61-1228.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 7ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.46b69e61-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: KBeqQAET2qZgk2U9E4XZJmVRm1HOq8Rk
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: GKT4WW2E2DFK8J4Z
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1729
x-amz-id-2: 0BB0+l2wZ5hOrKvrYTMVHq1t9+Z2OKiFovDzo3EzGfbGRnJ7KpkU2Xoh2B5v0/cNZSHbKUg6ijM=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.137923,VS0,VE0
etag: "75e56b9529bc3582d1ee120d4a1d49e9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 133

GET
H2 200 page_view_timing-aggregate.ced8c919-1228.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 7ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.ced8c919-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: ktDXvd_Dmea2UVJNoozUGAPGaGpVn1ZV
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: W5DRM81VDYX939R5
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: VRKV+kznuIT0xLANoxxKqzkpf/aaFNP/xA5egAw2WP8s7n1z4e3NVvsHHmAvzQHs8JKuLLMcnBY=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.138670,VS0,VE0
etag: "ddb946a277f5c644d555e8e1bcf23b77"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 131

GET
H2 200 metrics-aggregate.56d9a464-1228.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 7ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.56d9a464-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: cAHIZ8FQmEPf2jyMvAgXJXAVQ_Jrw1XM
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: W5DKPNHPH53SBQHR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1751
x-amz-id-2: tKSblmfOpPUw8116I5P5tj1eYeWc+1x0Mc582JexOatINPEc/iphoQq19O3LqTwIDv7zK5IczHQ=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.139420,VS0,VE0
etag: "04475d81e10a8c7213d39d14e581c599"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 132

GET
H2 200 jserrors-aggregate.64f61365-1228.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 7ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.64f61365-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

73e9fd5d1e48f63c04fc67135326a3e83eb635050aab2536c39dfa9e8989e269

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: 7blonOgQSCw8rfW7sCjHyJm0L6QYtp4X
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: GKTD4VNVVWHVVHHB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2938
x-amz-id-2: WV5sRljUiHD7144Fr/AIA17oADVh5hU00+OFstbYajNiYH3R7rK+bECeC2/7X0wn8HYVwdumCT8=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.140043,VS0,VE0
etag: "06e9895d210a73225fa4b9a47e6e9c5a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 130

GET
H2 200 ajax-aggregate.e6085a9a-1228.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 7ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.e6085a9a-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: Z4Nlcg06uCyBNWwjTtAHDtnTc5kadigL
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: GKT0HRYS3VNVVBAJ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2365
x-amz-id-2: L7esGuKdbdCB/vLpBMSE5uF0jiMYQzaB71Qz7liBB1Ed0VYs2lRSHTIUp3lrap5XaEQEyY32qZU=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.140551,VS0,VE0
etag: "61554094cde63c6eec39f630c32a828f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 131

GET
H2 200 session_trace-aggregate.ada8b15b-1228.min.js Show response
js-agent.newrelic.com/ 10 KB
4 KB 7ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.ada8b15b-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: CejlNuOfipmDjtAs.g7oae_1BhJQzddr
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: W5DZNHTDYPSWP3V3
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3732
x-amz-id-2: JQ584+CtuFpPW6u69dpIwsgJ+aifH7Hn5bpe5dvgRs5pcOj7XjTc63tfwipcVQEhjmsVqDwnmLw=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.141069,VS0,VE0
etag: "69d309900c2caeef33af662ddf91affc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 129

GET
H2 200 page_action-aggregate.1ef08094-1228.min.js Show response
js-agent.newrelic.com/ 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.1ef08094-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: ZC9wFZ_QkK2B08VVIX3wzqk3DACA4ZFm
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: W5DR196SK8M7SW82
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1202
x-amz-id-2: VN3IH/8pZwwrjzE5I1ptajZMRnkIuA8EFl8PX023tfb+VNVpv804ksD9HsUHxHCC4oBr4cD1dDs=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.141381,VS0,VE0
etag: "9c1563b1437a04e5cd75285b2f4bffb0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 131

GET
H2 200 spa-aggregate.7222cbb6-1228.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 8ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.7222cbb6-1228.min.js

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

af92ff4576df40958f74249a9e167171305a5c842c886a2b1127bc46d727244a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: 8nTKqPmpPpJMnC7V_9l7a.Xfo0rf._qG
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 May 2023 05:30:15 GMT
strict-transport-security: max-age=300
x-amz-request-id: W5DHRC55PMGWSWJ3
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6663
x-amz-id-2: BJxpSdiO5TtBIb5pqegS+w+HNMCXcs4hWHzKlSZ3QttUfx8/DIF2wU46qLaDARHx7vGA5kLkg10=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1683351015.141617,VS0,VE0
etag: "5d22b006d12752c6dafe1b5f41318762"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 108

GET
H/1.1 200
OK NRJS-57dbf2945a0939ba8a1 Show response
bam.nr-data.net/1/ 49 B
397 B 170ms
143ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-57dbf2945a0939ba8a1?a=594402685&sa=1&v=1228.PROD&t=Unnamed%20Transaction&rst=3189&ck=0&s=d611d8cc88aa2dc8&ref=https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html&be=1643&fe=1496&dc=120&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1683351011959,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:194,%22c%22:194,%22s%22:371,%22ce%22:554,%22rq%22:554,%22rp%22:732,%22rpe%22:1625,%22dl%22:734,%22di%22:1760,%22ds%22:1760,%22de%22:1763,%22dc%22:3138,%22l%22:3138,%22le%22:3141%7D,%22navigation%22:%7B%7D%7D&fp=1683&fcp=1683&jsonp=NREUM.setToken
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:15 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230139-FRA

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 34 KB
13 KB 768ms
720ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=1eaf374938c05884b322c4a1a93b682c
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79febec8609691e74d91eaf0f751e90edcbe2970fd5b57e451d28046a211be3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

cache-tags: 1eaf374938c05884b322c4a1a93b682c
date: Sat, 06 May 2023 05:30:15 GMT
content-encoding: br
surrogate-keys: 1eaf374938c05884b322c4a1a93b682c
cf-cache-status: HIT
server: cloudflare
etag: W/"32f00a256a8ea317a976a5cf049a2387"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=120
cf-ray: 7c2ed4850dbb043a-FRA

GET
H/1.1 200
OK svrGP Show response
elq.macu.com/visitor/v200/ 0
338 B 152ms
152ms Script
application/javascript 142.0.173.12
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://elq.macu.com/visitor/v200/svrGP?pps=50&siteid=2213&DLKey=f30397214b8a46999ee05dc731734107&DLLookup=&ms=201&firstPartyCookieDomain=elq.macu.com

Requested by

Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.12 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 May 2023 05:30:14 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 0
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK svrGP
elq.macu.com/visitor/v200/ 49 B
375 B 309ms
156ms Image
image/gif 142.0.173.12
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Fintiwin.sa.com%2Fservice2%2Fmon%2Ftain%2Fsafe%2Fmountain1.html&ref2=https%3A%2F%2Fjuleacapulco.com%2F&tzo=0&ms=201&optin=disabled&firstPartyCookieDomain=elq.macu.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.12 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 May 2023 05:30:14 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

POST
H/1.1 200
OK NRJS-57dbf2945a0939ba8a1 Show response
bam.nr-data.net/events/1/ 24 B
343 B 231ms
231ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-57dbf2945a0939ba8a1?a=594402685&sa=1&v=1228.PROD&t=Unnamed%20Transaction&rst=3370&ck=0&s=d611d8cc88aa2dc8&ref=https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://intiwin.sa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 06 May 2023 05:30:15 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://intiwin.sa.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230139-FRA

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/v2/scripts/ 136 KB
29 KB 566ms
550ms Script
text/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=1eaf374938c05884b322c4a1a93b682c&lang=en&cb=de1cf08
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c71f259dded69aa06ef0c91ce74ddf378758f29a1a9fde886282ca09a23e33

Request headers

Referer: https://intiwin.sa.com/
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:16 GMT
content-encoding: br
surrogate-key: prod 1eaf374938c05884b322c4a1a93b682c de1cf08
last-modified: Sat, 06 May 2023 02:06:47 GMT
server: cloudflare
cf-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray: 7c2ed489bb41917c-FRA

GET
H2 200 jquery.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 95 KB
34 KB 23ms
23ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faae8cd84f56e4510f6673c933b795421594da326e5198e169b8ab371fa27a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 May 2023 00:14:40 GMT
server: cloudflare
age: 5104
etag: W/"64559bf0-17d8a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed48999b4043a-FRA
expires: Sun, 05 May 2024 05:30:15 GMT

GET
H2 200 startup.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 428 KB
115 KB 30ms
30ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818eef17348d840c44ac6ebfe60b465ec6666bcf0c522c872eadb6faf37c75e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 May 2023 00:14:40 GMT
server: cloudflare
age: 4930
etag: W/"64559bf0-6b173"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed48999b5043a-FRA
expires: Sun, 05 May 2024 05:30:15 GMT

GET
H2 200 smartrems.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 135 KB
40 KB 27ms
27ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffdb48563181bd0358b05141802c1778951164489cba1186592f1782176cfe12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 22:12:13 GMT
server: cloudflare
age: 5077
etag: W/"64557f3d-21d7d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed48dcdbc043a-FRA
expires: Sun, 05 May 2024 05:30:16 GMT

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/v2/frame/ Frame E945 1 KB
725 B 23ms
22ms Document
text/html 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=de1cf08
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd357508c4cd326fd421f0893d124d018d55acb5dbb457d7eca24fecfbe4c8c

Request headers

Referer: https://intiwin.sa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33830
cache-control: public, max-age=365000000, immutable
cf-cache-status: HIT
cf-ray: 7c2ed48e8e46043a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 06 May 2023 05:30:16 GMT
last-modified: Fri, 05 May 2023 20:04:42 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 send
analytics.audioeye.com/air/v0/ 0
61 B 549ms
175ms Ping
text/plain 34.218.219.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.de1cf08.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.218.219.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-218-219-143.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intiwin.sa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 06 May 2023 05:30:17 GMT
content-length: 0

GET
H2 200 3772.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 480 B
331 B 20ms
20ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/3772.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 22:12:13 GMT
server: cloudflare
age: 5104
etag: W/"64557f3d-1e0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed48e9e54043a-FRA
expires: Sun, 05 May 2024 05:30:16 GMT

GET
H2 200 5121.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 382 B
306 B 26ms
26ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/5121.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 May 2023 00:14:40 GMT
server: cloudflare
age: 5069
etag: W/"64559bf0-17e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed48e9e55043a-FRA
expires: Sun, 05 May 2024 05:30:16 GMT

GET
H2 200 874.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 193 B
224 B 20ms
20ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/874.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 May 2023 00:14:40 GMT
server: cloudflare
age: 5069
etag: W/"64559bf0-c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed48e9e58043a-FRA
expires: Sun, 05 May 2024 05:30:16 GMT

GET
H2 200 launcher.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 80 KB
20 KB 22ms
22ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9b074865c89d0fa43a3d519fbc3b8b6fdb2c2da7b66e6381f01a6e307b6a86f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 May 2023 00:14:40 GMT
server: cloudflare
age: 5068
etag: W/"64559bf0-13f4b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed4a1484e043a-FRA
expires: Sun, 05 May 2024 05:30:19 GMT

GET
H2 200 compliance.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 151 KB
44 KB 23ms
23ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c478cabd03f86e0b414cdf1fdc7f683d7f7982650b73947e86120d2ab9438e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 22:12:13 GMT
server: cloudflare
age: 4873
etag: W/"64557f3d-25c35"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed4a14850043a-FRA
expires: Sun, 05 May 2024 05:30:19 GMT

GET
H2 200 6365.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 1 KB
485 B 23ms
22ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/6365.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 May 2023 00:14:40 GMT
server: cloudflare
age: 4886
etag: W/"64559bf0-42e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed4a1a89c043a-FRA
expires: Sun, 05 May 2024 05:30:19 GMT

GET
H2 200 site-menu.bundle.de1cf08.js Show response
wsv3cdn.audioeye.com/v2/build/ 53 KB
15 KB 21ms
21ms Script
application/javascript 2606:4700:4400::6812:2422
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/site-menu.bundle.de1cf08.js
Requested by: Host: intiwin.sa.com
URL: https://intiwin.sa.com/service2/mon/tain/safe/mountain1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2422 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d60139f58477d38a3af4ad413b885e8899664f0e3a8ae93922032c57eff7f504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intiwin.sa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:30:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 May 2023 00:14:40 GMT
server: cloudflare
age: 4936
etag: W/"64559bf0-d357"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c2ed4a1a89f043a-FRA
expires: Sun, 05 May 2024 05:30:19 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35

Request headers

Referer
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 128ms
38ms Font
font/woff2 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://intiwin.sa.com/
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 14:44:35 GMT
x-content-type-options: nosniff
age: 571544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13976
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 14:44:35 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fdfdf90531f4bce8ee5fbb9da2e6736f462011670e5af0b0db44d6152c049076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://intiwin.sa.com/
Origin: https://intiwin.sa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:39:16 GMT
x-content-type-options: nosniff
age: 564665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13904
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 16:39:16 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Mountain America Credit Union (Banking)

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 15:55:03	Name: demdex Value: 47952012306200206772761966976906625279
.intiwin.sa.com/	1969-12-31 23:59:59	Name: AMCVS_BF06317853BFD2160A490D4E%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 20:21:27	Name: everest_g_v2 Value: g_surferid~ZFXl5QAAAGvgGgNx
.dpm.demdex.net/	1970-01-20 15:55:03	Name: dpm Value: 47952012306200206772761966976906625279
.intiwin.sa.com/	1970-01-20 13:45:27	Name: _gcl_au Value: 1.1.734040632.1683351014
.intiwin.sa.com/	1970-01-20 21:11:51	Name: AMCV_BF06317853BFD2160A490D4E%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19484%7CMCMID%7C48197389387601759442755261031274344050%7CMCAAMLH-1683955813%7C6%7CMCAAMB-1683955813%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1683358213s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19491%7CvVersion%7C5.3.0
intiwin.sa.com/	1970-01-20 11:37:17	Name: ln_or Value: eyI1MDQ5OTg1LDU0MDkyNCI6ImQifQ%3D%3D
.doubleclick.net/	1970-01-20 11:35:51	Name: test_cookie Value: CheckForPermission
.intiwin.sa.com/	1970-01-20 21:11:51	Name: _ga_D0FC4ZRQT5 Value: GS1.1.1683351014.1.0.1683351014.60.0.0
.intiwin.sa.com/	1970-01-20 21:11:51	Name: _ga_Q50Z8XJ82V Value: GS1.1.1683351014.1.0.1683351014.0.0.0
.intiwin.sa.com/	1970-01-20 21:11:51	Name: _ga Value: GA1.3.1267918708.1683351014
.intiwin.sa.com/	1970-01-20 11:37:17	Name: _gid Value: GA1.3.673672004.1683351014
.intiwin.sa.com/	1970-01-20 11:35:51	Name: _gat_UA-42841702-1 Value: 1
.intiwin.sa.com/	1970-01-20 13:45:27	Name: _fbp Value: fb.2.1683351014103.1313435220
.t.co/	1970-01-20 21:11:51	Name: muc_ads Value: 332d8589-f095-408b-953d-b052dc7e1c99
.linkedin.com/	1970-01-20 12:19:03	Name: UserMatchHistory Value: AQKopIVJQxQ77AAAAYfvigq03KJXw5yzn3j85NgHMbwxLM5JTMFcIjoV-fmhH3BYTrCyhQiagGrAMQ
.linkedin.com/	1970-01-20 12:19:03	Name: AnalyticsSyncHistory Value: AQK_Xi9sAQsqhAAAAYfvigq03_56n4i75Bcl--tf3rC_w9c98f7GQP6ncfDP_Jb27KQT5GPOtjo6HGDUEUMfCQ
.linkedin.com/	1970-01-20 20:21:27	Name: bcookie Value: "v=2&0a716931-7255-40fd-884c-b74d5f8f8820"
.linkedin.com/	1970-01-20 11:37:17	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2525:u=1:x=1:i=1683351014:t=1683437414:v=2:sig=AQGz7HzLu5WU2rNnz2l9UEw5VLboaZLq"
.twitter.com/	1970-01-20 21:11:51	Name: personalization_id Value: "v1_9C5WXPNZFa6OL+o5JP5r1g=="
tags.srv.stackadapt.com/	1970-01-20 20:21:27	Name: sa-user-id Value: s%3A0-93d92494-0759-56f2-7523-e75418697f86.7SdMj3cPYLan%2FdBfutKwBHEkf77DXt4KOLp0bICGQ4Y
tags.srv.stackadapt.com/	1970-01-20 20:21:27	Name: sa-user-id-v2 Value: s%3Ak9kklAdZVvJ1I-dUGGl_hrnVm8Q.bvRAvxgSkPzsOTChcsoJqeEWFeCg3kGVEUXJEWvnVhk
.srv.stackadapt.com/	1970-01-20 20:21:27	Name: sa-user-id-v2 Value: s%3Ak9kklAdZVvJ1I-dUGGl_hrnVm8Q.bvRAvxgSkPzsOTChcsoJqeEWFeCg3kGVEUXJEWvnVhk
intiwin.sa.com/	1970-01-20 20:21:27	Name: sa-user-id Value: s%253A0-93d92494-0759-56f2-7523-e75418697f86.7SdMj3cPYLan%252FdBfutKwBHEkf77DXt4KOLp0bICGQ4Y
intiwin.sa.com/	1970-01-20 20:21:27	Name: sa-user-id-v2 Value: s%253Ak9kklAdZVvJ1I-dUGGl_hrnVm8Q.bvRAvxgSkPzsOTChcsoJqeEWFeCg3kGVEUXJEWvnVhk
.www.linkedin.com/	1970-01-20 20:21:27	Name: bscookie Value: "v=1&20230506053014d4a61d26-6995-4cba-8633-1b10e72d1ccaAQFXEUVtFd2dykl1m2iznWtpR664ZVgF"
.linkedin.com/	1970-01-20 15:55:03	Name: li_gc Value: MTswOzE2ODMzNTEwMTQ7MjswMjH4afRoiEYWO2oNtSwT53XTJQ7/aGz8gRlQIoTniP4+4w==
.intiwin.sa.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.intiwin.sa.com/	1970-01-20 20:21:27	Name: _ce.s Value: v~de1ecf02440ef8391a9fd7b528081f55e2a80036~vpv~0
intiwin.sa.com/	1970-01-20 20:21:27	Name: _aeaid Value: d8900df6-62d4-40f1-a0ae-9cf926b0a420

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://intiwin.sa.com/webpack-runtime-884b2d773e3a7ffe2c40.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/framework-d57f860b8956cf8c9f70.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/aaa5778d-04a131f86a008b57859b.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/happ-d272f87d6b2df3a675bd.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/hcb1608f2-0057d41c6bdf4bfeb908.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/h84b384f4-046c54ac5dba593827d2.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/commons-3365dfddf1ca2e24c21f.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/hcomponent---src-pages-index-mdx-b8351effa489dd13739d.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/page-data/index/page-data.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/hpage-data/sq/d/2013016621.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/hpage-data/app-data.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/page-data/sq/d/63159454.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/component---src-pages-index-mdx-b8351effa489dd13739d.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/hommons-3365dfddf1ca2e24c21f.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/htb384f4-046c54ac5dba593827d2.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/http608f2-0057d41c6bdf4bfeb908.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/http-d272f87d6b2df3a675bd.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/http5778d-04a131f86a008b57859b.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/httpmework-d57f860b8956cf8c9f70.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://intiwin.sa.com/service2/mon/tain/safe/httbpack-runtime-884b2d773e3a7ffe2c40.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.audioeye.com
analytics.twitter.com
assets.adobedtm.com
bam.nr-data.net
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.polyfill.io
cm.everesttech.net
code.jquery.com
connect.facebook.net
dpm.demdex.net
elq.macu.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm.macu.com
img.en25.com
insight.adsrvr.org
intiwin.sa.com
js-agent.newrelic.com
js.adsrvr.org
juleacapulco.com
macu.d2.sc.omtrdc.net
macu.demdex.net
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
script.crazyegg.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
use.typekit.net
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.macu.com
104.244.42.197
104.244.42.3
108.138.15.119
13.107.42.14
142.0.173.12
146.75.120.157
151.101.130.137
162.247.243.29
172.217.18.2
2001:4860:4802:32::36
2001:4860:4802:36::15
2001:4de0:ac18::1:a:2b
201.131.21.96
23.32.242.89
2600:9000:20eb:6c00:2:53b2:240:93a1
2606:4700:4400::6812:2422
2606:4700:4400::ac40:97de
2606:4700::6813:9308
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c0b::9a
2a02:26f0:3500:16::215:148d
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:591::1e80
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::282
2a04:4e42::485
3.224.163.117
3.248.155.70
34.218.219.143
35.71.131.137
45.60.46.50
45.74.8.8
52.48.138.69
63.140.62.135
03bf8fec823b2c223b27122d09a534ab3ba1c5fa35ba1b2faf8f7079410d44fb
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8
111610f98549241682fc11b117eeb0eb0d5af18847f0c69ccbf82d7d5004a918
138376ba413b29d8a4354768884cfa9f31417e682385990bdc02136cc2616087
1857d1bc1fe229e7ca9313cf1270171e6c6e95c82f70820bde5a5a3baa22e30b
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75
22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a
238ef4f692083a7f831d8078153dec81e924c739ad790d21f3d4f76309f9f0bd
2cf2dace1c4f33e2cf824cb79fc498dc4a62e2daf62e8b0b44017cc442dafa50
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce
40c478cabd03f86e0b414cdf1fdc7f683d7f7982650b73947e86120d2ab9438e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ca2d921b84e49dbe231d9885bd2ef8fdfb4c1d957bf35fa2b4bd642fe336929
4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f
52ab6be1b9ef2881a8cad2684bc5848a00b67a2c82d848c770a76e152f9024b8
531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6
5a80a666e32d21dd695c31ea49b744e5651dceff994f4fcf2397b7df5135b095
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
65b29100391c0314c91900f518d4c796373f084b3eb7cab153a892ecd5b7f36e
6b783e1b85ca59998661958a7e2d7576c8bc937c03b28ab68b8bc0c5a4086045
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1
724f1ee3000ace68f4845807dd13619dae3262e4c9b6a252a13dfb215fa26d6e
737472d1ebf560cc3c2eebadaab70cc3560a10954f3b178704791136b10d17c1
73e9fd5d1e48f63c04fc67135326a3e83eb635050aab2536c39dfa9e8989e269
79febec8609691e74d91eaf0f751e90edcbe2970fd5b57e451d28046a211be3e
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
818eef17348d840c44ac6ebfe60b465ec6666bcf0c522c872eadb6faf37c75e0
83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391
8d7b050def2d324b2a09d3ef158f1d15e09be476aee22cbdfd7fa3660952df0a
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8f2823c6e5bbd625751a8d371c579b5a160469cc862bfc8a1aa841dc207973f8
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e
936aaa639be8fa6c83d6090a016cf175282c6102980ebb6ef79e84cd25ecf950
9841b70cd5589b1c0cdc6be259aaca53788da02181d44ef24f10698ae06b9888
99d7790aa855f59628f5538eb7a239829e05bd0197daf1c6e82b1b0809338cf7
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a7a05d6db9fff3ed1d8626f59c88628a08dd321a7bc8682e007f2f8de2f9cd3c
a88b390363b57d9e7da5e24df6c39a99706a5128f00577a3ec15aa3fd6e4ee3f
ab072a017662be34b6ac4da319eeffa3a6b1132ba5fc02875b3e10dfb765471a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af92ff4576df40958f74249a9e167171305a5c842c886a2b1127bc46d727244a
b7331a1509613667f6fe8676501f2c1149a59e27807a177639096c0aa74618cc
b8ad5bc1f66678e135b2f907f8c42de1c5a8ffddccf77a8eb05f315561d85c40
b8c71f259dded69aa06ef0c91ce74ddf378758f29a1a9fde886282ca09a23e33
cc4c6fa45c295e9c8021c6dbaa5fdb7475dbd264eaf672baec264c0a3cb428c0
cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d00d22f1cd4c89e84b29833c8877403c5fbbde7fb573ee50e384d38e00bcb88c
d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35
d156f12f98d66cc129c3b0667d04338be8eea26b592dd0838b0f867c03d573fb
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d60139f58477d38a3af4ad413b885e8899664f0e3a8ae93922032c57eff7f504
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dcb3ae25ce4f06b3a348b4db58db5b5c2913e7681708c723309121eed01d7e49
deed0694ab9b434aad2c6afa78bf7a2dac9af09af0783ab35bcfb1dfd61eed7d
dfadb872cfa128e09e03f3ded68d44e9789166b0317c20111505e2b6b4611843
e23b1851926f1f909295d26142dfe45ceabc52fe898f724b4f61a659f6ac6a53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ed6e7f434ca0748610440d7d2b5903e49325a70406fb695eb91104e42114bdda
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f9b074865c89d0fa43a3d519fbc3b8b6fdb2c2da7b66e6381f01a6e307b6a86f
fa7c2783ee6b79ec8c6a022152d7a7bedcc4f881de735e1de3b026a233f981d4
faae8cd84f56e4510f6673c933b795421594da326e5198e169b8ab371fa27a12
fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3
fdbecbd63733ac320b464c156043867a8485520337b5013419a62201f3b241bd
fdd357508c4cd326fd421f0893d124d018d55acb5dbb457d7eca24fecfbe4c8c
fdfdf90531f4bce8ee5fbb9da2e6736f462011670e5af0b0db44d6152c049076
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
ffdb48563181bd0358b05141802c1778951164489cba1186592f1782176cfe12

intiwin.sa.com Open in urlscan Pro 45.74.8.8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

95 %HTTPS

55 %IPv6

33 Domains

46 Subdomains

39 IPs

7 Countries

2105 kBTransfer

4226 kBSize

30 Cookies

16 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

intiwin.sa.com Open in urlscan Pro
45.74.8.8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

95 %
HTTPS

55 %
IPv6

33
Domains

46
Subdomains

39
IPs

7
Countries

2105 kB
Transfer

4226 kB
Size

30
Cookies

118 HTTP transactions
8 data transactions