pharmaxsolutions.com Open in urlscan Pro
160.153.0.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://intip.in/Q8tH
Effective URL:
https://pharmaxsolutions.com/.tmb/sso/login.php
Submission: On March 27 via manual (March 27th 2023, 5:20:23 pm UTC) from PH — Scanned from NL

Summary HTTP 53 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 53 HTTP transactions. The main IP is 160.153.0.160, located in and belongs to . The main domain is pharmaxsolutions.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 13th 2023. Valid for: a year.

This is the only time pharmaxsolutions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2 8	160.153.0.160 160.153.0.160	() ()
53	14

8 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

intip.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 160.153.0.160 (None, ) 2 redirects

ASN- ()

pharmaxsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	235 KB
8	pharmaxsolutions.com 2 redirects pharmaxsolutions.com	17 KB
8	intip.in 1 redirects intip.in	27 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	40 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	72 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 309	84 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	49 KB
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 14604	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	598 B
0	bdo.com.ph Failed online.bdo.com.ph Failed
53	11

	Domain	Requested by
8	pharmaxsolutions.com	2 redirects intip.in pharmaxsolutions.com
8	pagead2.googlesyndication.com	intip.in pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	intip.in	1 redirects intip.in
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	intip.in googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	intip.in
0	online.bdo.com.ph Failed	pharmaxsolutions.com
53	15

This site contains links to these domains. Also see Links.

Domain
pharmaxsolutions.com
www.cscpro.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
pharmaxsolutions.com Cloudflare Inc ECC CA-3	`2023-01-13` - `2024-01-12`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://pharmaxsolutions.com/.tmb/sso/login.php
Frame ID: D8666627F13A56061C0D9BC8E220F7EC
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: D3227BD465AC48BE703AB4E9A67DA675
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5143560101123176&output=html&adk=1812271804&adf=3025194257&lmt=1679937619&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fintip.in%2FQ8tH%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679937619383&bpp=3&bdt=278&idt=223&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3224870962683&frm=20&pv=2&ga_vid=1179054308.1679937620&ga_sid=1679937620&ga_hid=599314840&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759842%2C31073015%2C44786631&oid=2&pvsid=1655953421506574&tmod=606444264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: C355F3111DC0FF2E79B120A56039D79C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5143560101123176&output=html&h=280&slotname=7688690932&adk=2817215078&adf=2471047639&pi=t.ma~as.7688690932&w=1050&fwrn=4&fwrnh=100&lmt=1679937619&rafmt=1&format=1050x280&url=https%3A%2F%2Fintip.in%2FQ8tH%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679937619386&bpp=2&bdt=280&idt=244&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3224870962683&frm=20&pv=1&ga_vid=1179054308.1679937620&ga_sid=1679937620&ga_hid=599314840&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759842%2C31073015%2C44786631&oid=2&pvsid=1655953421506574&tmod=606444264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CaE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w9SYnmbGhm&p=https%3A//intip.in&dtd=248
Frame ID: 5BE1928A8B27992E7B84A99B4F24AE1C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4E6B630267163A59E27B5AFF4C7FC2D0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 33D6DCAA262DA617DB324F12A617F36E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2AB1BA41B56D4BBD62325A1DEC7C232F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 03EDCD85FECD700C240DB6D1407A5BE7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Intip.in - Q8tH

Page URL History Show full URLs

https://intip.in/Q8tH HTTP 302
https://intip.in/Q8tH/ Page URL
https://pharmaxsolutions.com/.tmb HTTP 301
https://pharmaxsolutions.com/.tmb/ HTTP 302
https://pharmaxsolutions.com/.tmb/sso/login.php Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

89 %
HTTPS

92 %
IPv6

11
Domains

15
Subdomains

14
IPs

2
Countries

525 kB
Transfer

1335 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://pharmaxsolutions.com/.tmb
Title: www.bdo.com.ph@pharmaxsolutions.com

Search URL Search Domain Scan URL

URL: https://www.cscpro.org/
Title: Cscpro Labs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://intip.in/Q8tH HTTP 302
https://intip.in/Q8tH/ Page URL
https://pharmaxsolutions.com/.tmb HTTP 301
https://pharmaxsolutions.com/.tmb/ HTTP 302
https://pharmaxsolutions.com/.tmb/sso/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://intip.in/Q8tH HTTP 302
https://intip.in/Q8tH/

Request Chain 31

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
intip.in/Q8tH/
Redirect Chain

https://intip.in/Q8tH
https://intip.in/Q8tH/

6 KB
3 KB

203ms
203ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

753fc751b120d2f279e3c166af14c756624c07551aa1805e2e2e51c48a4a4ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ae94da62df0b7f5-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 27 Mar 2023 17:20:19 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENfhdAmGIgtukt493oGBXeY4EiyFp%2FbnpSA9bfwEA0nVV%2FGOe13l4gHzwGB78kXz%2Ffm4vzC%2FXfHuheO9SWswWqxnxMA0xTrD78dpw5ajHibbuy1GgHufbw1YqbbNqTEpbwiICeDsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ae94da3db6eb7f5-AMS
content-type: text/html; charset=UTF-8
date: Mon, 27 Mar 2023 17:20:18 GMT
location: /Q8tH/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNUU%2FTrOrGyz9Z512uNrXjhD7yuK%2BlGf3tVATRGR%2B9k6u41Bg60RoY9Eygnpe2GZrX%2BNRXxxgqjh%2B5dQI%2BHMMqbHFBSbNV8ZMEhAewX%2B9YqF%2FpGX1L0pWO5P0ydtqq%2FMW2%2Bav4FkIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains

GET
H2 200 basic.15.02.css
intip.in/static/style/ 10 KB
4 KB 21ms
20ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intip.in/static/style/basic.15.02.css

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0ed05a1aca3cd7ad3d89d6cd910c248ad1c865efadd5a137e853f14671e8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/Q8tH/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2017 23:53:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6125
etag: W/"58ab8172-29a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogz2ii1wvu2pDL2GDFASKkrRDw1H%2BPYDcmDp29Jrt1xt5ewTj7my%2FKX8i%2Bc18Lo9UejcAj%2FHYp4VNUAx3tjPu9KzlPKI9mQUGgcl17zPJNaNzDRu0ogefGX4VpfbKH3cxq2d8biGQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ae94da77f83b7f5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.css
intip.in/static/style/ 2 KB
886 B 22ms
20ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intip.in/static/style/main.css

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61ba2a18fd88cbb9ee90d2003d60738a8a5d870636431252199f4ec9ecc00a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/Q8tH/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2017 23:53:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6125
etag: W/"58ab8172-649"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8ov8K3qdbz9ML62ilJrQ4FgpdnUMwDfN71w1lTxvgQcu%2FFeiSZohoHJkxrLicd%2BTzCHW2E2SHnkjfaMMP4LBh%2FxqifUWt3xpa6cHwL35UtMpBx%2BVV19Qae0GZubA7wnHAkmTWIPKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ae94da77f84b7f5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 intip.css
intip.in/static/style/ 3 KB
1 KB 22ms
21ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intip.in/static/style/intip.css?D7NgH8GG3T0ZHrU6zD2xqthuQdmRCwn6

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a7cee70c7b27770320fdcc1bb12ff9ccb6ffd926dbce1f66293618fbba19a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/Q8tH/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 May 2017 19:21:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6125
etag: W/"5913682f-d4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ff%2FM394ufzHwHHknwovtog0J3kHJYKM74lm%2FIzpL3jjCMQG0JHeCI7beo%2FOMqj7r%2BEyj%2FVyrEekqNc78DIBYpgr5qER7oJ%2FQwAZakv6YJagj1Xittyva1zf9ZhiwIU5XGZzJVzsZYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ae94da77f86b7f5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bv4.min.css
intip.in/static/style/ 63 KB
10 KB 25ms
24ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intip.in/static/style/bv4.min.css?D7NgH8GG3T0ZHrU6zD2xqthuQdmRCwn6

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58920e276e3191657a716b5aa9402af8e120964d92e59d3bb28d124adb2629d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/Q8tH/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 May 2017 12:23:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6125
etag: W/"590c6ec7-fdab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQyx2H7hSp0PhkFqCyuTBz%2FuqxZJd46SOzN62rJ7Knp9SHJNNt8V5l%2Ff1t0o6tea2c0g%2BuSZartdyRJNI%2BmymjdBt%2Bi4Ip%2BH%2FqzQVDf7fy3i0Xf4WThPJgC1GrmmtO5O0ZjdhRPtpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ae94da77f87b7f5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
932 B 102ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:500

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8397e8f2e9c03c8e3bbd567258b57c38e85062ae84cbbeb630e1c47b626da8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Mar 2023 17:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 15:26:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Mar 2023 17:20:19 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ 82 KB
82 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 22:11:39 GMT
x-content-type-options: nosniff
age: 155320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83606
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Mar 2024 22:11:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 119ms
70ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5143560101123176

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eedc4ece02f0cfbcae71ba1164d64fbc0f5e187b0df14e41e353c4640a99fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://intip.in/
Origin: https://intip.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48681
x-xss-protection: 0
server: cafe
etag: 4412801070574423915
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 17:20:19 GMT

GET
H2 200 icon_128.png
intip.in/image/ 6 KB
6 KB 21ms
21ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intip.in/image/icon_128.png

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e60dfce5f0a1fc8478e74e952d113b0d52151e498fe242c9d30c126a8a1036c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/Q8tH/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6123
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5758
last-modified: Thu, 02 Mar 2017 19:22:54 GMT
server: cloudflare
etag: "58b8710e-167e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Hum%2FLfrIGmA7llhf%2By8oux%2Bs8z%2B3gOoJUZAyZF0s0V1k%2FEaFqOjuB8J10tI70OrfBQ7E2cZTQxgoXQ8xjFtK2a96CLpiwyssiWDQTCdJOh8kj3pbjK9ZUvzgFAuf5nCPbA50h60DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ae94da8389ab7f5-AMS

GET
H2 200 email-decode.min.js Show response
intip.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 18ms
18ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intip.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/Q8tH/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:31:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"6419a395-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GG44p0wFUxRHrc8SucIz0ptnYkFvz%2FkJfqVQo3HnK%2B8VtDe2UpOvvaQoSLlQZEO6IA%2FJDJbELBGhkbw%2BeZ1eNq5zHrplqezpGpQ%2BMRgjPVRJbOrIT95IVmVk5CgwgRdDaC%2BIX72GuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7ae94da8187eb7f5-AMS
expires: Wed, 29 Mar 2023 17:20:19 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ 20 KB
21 KB 78ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263105b83da311cd76db478c2d958dfded7cc73be6233045a3d3a2b57b86882f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://intip.in
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:39:06 GMT
x-content-type-options: nosniff
age: 549673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20704
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:57:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:39:06 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 350 KB
117 KB 127ms
85ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5143560101123176&plah=intip.in

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5143560101123176

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce61241b89c94c103abc396392d313a223b24b9baaad8f06598558833293915d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119750
x-xss-protection: 0
server: cafe
etag: 14399067549183994631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 17:20:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame D322 10 KB
5 KB 68ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5143560101123176

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://intip.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 14650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 13:16:09 GMT
etag: 2378337311435320485
expires: Mon, 10 Apr 2023 13:16:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
598 B 77ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=intip.in&callback=_gfp_s_&client=ca-pub-5143560101123176

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5143560101123176&plah=intip.in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b5539eaa96da44d0e0cca954e18d1430ca6e5f1437adad3de5657c06ce6cb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 98ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=intip.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 93ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=intip.in

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C355 0
19 B 387ms
387ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5143560101123176&output=html&adk=1812271804&adf=3025194257&lmt=1679937619&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fintip.in%2FQ8tH%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679937619383&bpp=3&bdt=278&idt=223&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3224870962683&frm=20&pv=2&ga_vid=1179054308.1679937620&ga_sid=1679937620&ga_hid=599314840&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759842%2C31073015%2C44786631&oid=2&pvsid=1655953421506574&tmod=606444264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://intip.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 17:20:19 GMT
expires: Mon, 27 Mar 2023 17:20:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5BE1 100 KB
35 KB 786ms
785ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5143560101123176&output=html&h=280&slotname=7688690932&adk=2817215078&adf=2471047639&pi=t.ma~as.7688690932&w=1050&fwrn=4&fwrnh=100&lmt=1679937619&rafmt=1&format=1050x280&url=https%3A%2F%2Fintip.in%2FQ8tH%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679937619386&bpp=2&bdt=280&idt=244&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3224870962683&frm=20&pv=1&ga_vid=1179054308.1679937620&ga_sid=1679937620&ga_hid=599314840&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759842%2C31073015%2C44786631&oid=2&pvsid=1655953421506574&tmod=606444264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CaE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w9SYnmbGhm&p=https%3A//intip.in&dtd=248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ed7b0c7f28982275c3c3028659dfa883073f74aab9045d316ed793ebc8f471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://intip.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35333
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 17:20:20 GMT
expires: Mon, 27 Mar 2023 17:20:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 914be99cd47eba54dcad56263af893ff.js Show response
www.gstatic.com/mysidia/ Frame 5BE1 10 KB
5 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/914be99cd47eba54dcad56263af893ff.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5143560101123176&output=html&h=280&slotname=7688690932&adk=2817215078&adf=2471047639&pi=t.ma~as.7688690932&w=1050&fwrn=4&fwrnh=100&lmt=1679937619&rafmt=1&format=1050x280&url=https%3A%2F%2Fintip.in%2FQ8tH%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679937619386&bpp=2&bdt=280&idt=244&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3224870962683&frm=20&pv=1&ga_vid=1179054308.1679937620&ga_sid=1679937620&ga_hid=599314840&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759842%2C31073015%2C44786631&oid=2&pvsid=1655953421506574&tmod=606444264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CaE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w9SYnmbGhm&p=https%3A//intip.in&dtd=248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4426
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:32 GMT

GET
H2 200 4471e8cf2b0d0f14a71f816ec3ea39a0.js Show response
www.gstatic.com/mysidia/ Frame 5BE1 11 KB
5 KB 75ms
26ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4471e8cf2b0d0f14a71f816ec3ea39a0.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad89e0a7ba5bc269ae857d3d45bbf5ce07e8092879ed4c27d72e3e8809878217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4799
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5BE1 8 KB
991 B 35ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Mar 2023 17:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 16:51:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Mar 2023 17:20:20 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 5BE1 2 KB
818 B 24ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 16:22:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 5BE1 22 KB
9 KB 79ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 16:24:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 5BE1 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 13:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 13:41:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 5BE1 20 KB
9 KB 83ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BE1 158 KB
49 KB 87ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 17:20:20 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 5BE1 34 KB
14 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5BE1 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNUPMU9AhZPG8MsiV8wP_1L_IB66TqqNv-oa0t6oPhNOX0qwwEAEg3amgSWCRBKAB__GM_gPIAQGoAwHIA8sEqgTqAU_QhlB1TrHs63DYTs7iBSOI1GBkt2DE6OdQc_v5crQ6AEeZczrxC0-y61JKcSowxrFIu-PGU3scdDcvPXfhhRS3TaekqdjD3hbESDKAp9RhO00R4EURPln1sUcg_Fb03f_5JFrzQgUQzLdxbKfsUYQCzyzrjS4yoygPxEpxm3xov4u8sVoZMJG2c8oTsjhAwY7vY_AgKtukcl77442HhxOCydKWnEVmXJK8ny_woF4J8JWFF2EAT04FlXXJ8DbljpF8YoKIsTGXWNOG5Z2cJhFTNDrcrPwNpst5v7vOislj8xKL9zxuR8vAh8AEwpvI7oEEkgUECAQYAZIFBAgFGASAB-jBjguoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCI2UnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01MTQzNTYwMTAxMTIzMTc2GAA&sigh=0D6AtRJg-XU&uach_m=[UACH]&cid=CAQSGwDUE5ymaqhhXNO7SmeEiJnczbenvZkbqnh5aBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5143560101123176&output=html&h=280&slotname=7688690932&adk=2817215078&adf=2471047639&pi=t.ma~as.7688690932&w=1050&fwrn=4&fwrnh=100&lmt=1679937619&rafmt=1&format=1050x280&url=https%3A%2F%2Fintip.in%2FQ8tH%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679937619386&bpp=2&bdt=280&idt=244&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3224870962683&frm=20&pv=1&ga_vid=1179054308.1679937620&ga_sid=1679937620&ga_hid=599314840&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759842%2C31073015%2C44786631&oid=2&pvsid=1655953421506574&tmod=606444264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CaE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w9SYnmbGhm&p=https%3A//intip.in&dtd=248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Mar 2023 17:20:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Mar 2023 17:20:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E6B 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5143560101123176&output=html&h=280&slotname=7688690932&adk=2817215078&adf=2471047639&pi=t.ma~as.7688690932&w=1050&fwrn=4&fwrnh=100&lmt=1679937619&rafmt=1&format=1050x280&url=https%3A%2F%2Fintip.in%2FQ8tH%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679937619386&bpp=2&bdt=280&idt=244&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3224870962683&frm=20&pv=1&ga_vid=1179054308.1679937620&ga_sid=1679937620&ga_hid=599314840&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44777876%2C44759842%2C31073015%2C44786631&oid=2&pvsid=1655953421506574&tmod=606444264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CaE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w9SYnmbGhm&p=https%3A//intip.in&dtd=248
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 3308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 16:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5BE1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6d81e371f6227245ff3199f7593337e59589e0ab794536e5fb07f1d8dabf38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5BE1 28 KB
28 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 549762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E6B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 17:20:20 GMT
expires: Mon, 27 Mar 2023 17:20:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 17:20:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 70ms
68ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

797028da71827bb55b742cd0d54e3d74e3d3300498edd79c53d8f2aabe4517d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11261
x-xss-protection: 0

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 33D6 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 17:54:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 17:20:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2AB1 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://intip.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 13126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 13:41:34 GMT
expires: Tue, 26 Mar 2024 13:41:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 03ED 783 B
965 B 30ms
30ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5c061492a62b5136c8a4537003aa78e296f9f206be5c08da4f96bba8ee52e3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IhvtvyEhol8C0cNApsUurw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://intip.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 509
content-security-policy: script-src 'report-sample' 'nonce-IhvtvyEhol8C0cNApsUurw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 17:20:20 GMT
expires: Mon, 27 Mar 2023 17:20:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AB1 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 17:54:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 03ED 0
0 54ms
54ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230322&jk=1655953421506574&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2AB1 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6F8WFw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230322&jk=1655953421506574&bg=!7O-l77vNAAbO2UOH7tk7ADkAdvg8WsddP47h86rEN-Xt5yXA-ZXuitBy7RiRDwy5yZhYVG1PmgqkJueQi1TlGjnlCY_P9cupcIYCAAAAVVIAAAADaAEHCgCBLNgmZNId4JUe5iouuHt55a0nCoTYaJ2PvE4uwhdL8wEXlOCGN2Z_hzo8XR0AmYl1Ukj4VvKdLEBEI7M8lWCfXcOmJxefeObM6y1dlctt1bdm8T9137eFU_zvIqQerXD4CaUyMgZKkPtyarYpN2fshldr43i3CqCvDc2w4-2y13icmQKZbK2JoJ8njUqkN7jQoL3jvwrSU-9zIsFr0ZFIOVVAaIusIvTaImUyPcmzovlr-ziSczyjDxtzDxJPxr1SSwW8FZYUwc73-DnKc4yVwcn6kYDTUEThH5vdC2HwV6YBnasMvdTJSeka21zFB1OOAaNlZnWTUVv2y8Z28O8zQOF3vxb9Zr-h1w-w2PjxqHN7UxdNFEBFV1vZesi1gnYApGMFvs3MUN3PVHf1n_-G0Mr_xXUjyihg9ma5S3oGmXNKNl_hUnIv6S57IPRIK3IA8dugWHkogaIUcnyMkRg5H6OaxbQ1BsYU5siBP8FIl1xWGUP_xpM3xgE72kyqZ1ay_NGuS4R91eOeWoGbdfiEkdouYEtCzSmWPaLsTvCXI3RBWA6LfBTYvUoazWPkl9hiDffr-TufskAMc8biFbeBw6FZVs5ANOYFwNL87oiOncjtoNBcQlF6mW1nvYkS_BlFrdlzKbqwjAUpvOk6aAp6G0Ws1x2jZmsJCqbD5GPstj4gVquB0kNtI3W7Dx7300e3GGt5Xc5YzyuS9vQWuFbssPbfPKsPiEktazSOEm42MyN6Djrw5sodZ9pJb3J2n29NwMXA7NDKHOs3Os8hlDdyrqvjqxkUnrGSCSkr0f0a_zKUCYsECtCHaGQzgfAN_iVn6SMjO6w01m9yFQGO0WzK3ZMcyCVLw-Gr-fXv0lhWagtU4zdfGaBTR2EED62e5248yRjr7Au2RpDoJ8GAZd_b99u_Wc7NtA9fo5HUTQ5E1t-x10ZmMSvCaaNEVNYud_5xWDu42xdLpygXRfrA3eiRRjD6SDGCT0eHr62wgUU5-WYxqazhP5HzWb_aQ4MjqP7Zt0iuM0tnoy6ycdcY_JWHaZKSQDI96vUrnOYjAF8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://intip.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5BE1 42 B
64 B 66ms
65ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_IFxbh-mlYrLa-Y3hyaAubYRRu491JTVkEwUqaR-zPluizd1zvYYqCyUHm7TJ4pCC-wWIqleszpKGJmYhyD0yDVSVAuqXDuRaxPqUUT0T0cv8F3PLmaORp8VJpSjuJeqy36X4dQ&sai=AMfl-YQHw37S6NfWHBr1HWumjxY5dpyjPXVkxHQUfE-dnvOIF187zVd1Zp0gKFfGa_-YAJzlrn_8XC7JuJku&sig=Cg0ArKJSzEJT7wwcVP97EAE&cid=CAQSGwDUE5ymaqhhXNO7SmeEiJnczbenvZkbqnh5aBgB&id=lidar2&mcvt=1001&p=0,0,280,1050&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2817215078&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679937619635&rpt=1142&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 17:20:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

Primary Request login.php Show response
pharmaxsolutions.com/.tmb/sso/
Redirect Chain

https://www.bdo.com.ph@pharmaxsolutions.com/.tmb
https://pharmaxsolutions.com/.tmb/
https://pharmaxsolutions.com/.tmb/sso/login.php

29 KB
6 KB

49ms
48ms

Document
text/html

160.153.0.160

General

Check archive.org

Show headers Download Go to

Full URL

https://pharmaxsolutions.com/.tmb/sso/login.php

Requested by

Host: intip.in
URL: https://intip.in/Q8tH/

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.160 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7739ad94b6329a17d88a9f3bb4dd9cd8ecc9cb5f662e639256b2073e14d6f5c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://intip.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 35701
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ae94dc30d7e994e-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 27 Mar 2023 17:20:23 GMT
server: cloudflare
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,1,24
x-php-version: 7.4
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: MISS
cf-ray: 7ae94dc2784637dd-FRA
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 27 Mar 2023 17:20:23 GMT
expires: Thu, 27 Apr 2023 17:20:23 GMT
location: sso/login.php
server: cloudflare
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: User-Agent, Accept-Encoding
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,10,24
x-php-version: 7.4
x-xss-protection: 1; mode=block

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 5BE1 0
0

GET loginid.css
online.bdo.com.ph/sso/resources/com.ccti.citrine.sso.web.login.LoginUnifiedPage/css/ 0
0

GET component.style.css
online.bdo.com.ph/sso/resources/com.ccti.citrine.sso.CitrineUnifiedLoginApplication/web/css/ 0
0

GET jquery-ui-1.8.2.custom.css
online.bdo.com.ph/sso/resources/com.ccti.citrine.sso.CitrineUnifiedLoginApplication/web/themes/theme-bdo/ 0
0

GET
H3 200 jquery-1.4.2.min.js
pharmaxsolutions.com/.tmb/sso/assets/ 65 KB
0 40ms
38ms Script
application/javascript 160.153.0.160

General

Check archive.org

Show headers Download Go to

Full URL

https://pharmaxsolutions.com/.tmb/sso/assets/jquery-1.4.2.min.js

Requested by

Host: pharmaxsolutions.com
URL: https://pharmaxsolutions.com/.tmb/sso/login.php

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.160 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pharmaxsolutions.com/.tmb/sso/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
age: 32960
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Mar 2023 07:24:20 GMT
x-php-version: 7.4
server: cloudflare
etag: W/"1187d-5f7dca1a5c229-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 7ae94dc36e1f994e-FRA
expires: Thu, 27 Apr 2023 17:20:23 GMT

GET
H3 200 ui.core.min.js Show response
pharmaxsolutions.com/.tmb/sso/assets/ 8 KB
3 KB 34ms
33ms Script
application/javascript 160.153.0.160

General

Check archive.org

Show headers Download Go to

Full URL

https://pharmaxsolutions.com/.tmb/sso/assets/ui.core.min.js

Requested by

Host: pharmaxsolutions.com
URL: https://pharmaxsolutions.com/.tmb/sso/login.php

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.160 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4a14a8f46d78af8b4c94f2f41bcac73ca0499f6a0e46f403849c55eb6351b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pharmaxsolutions.com/.tmb/sso/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
age: 32960
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Mar 2023 07:24:20 GMT
x-php-version: 7.4
server: cloudflare
etag: W/"1ed6-5f7dca1a5f4f1-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 7ae94dc36e20994e-FRA
expires: Thu, 27 Apr 2023 17:20:23 GMT

GET
H3 200 ccti.js Show response
pharmaxsolutions.com/.tmb/sso/assets/ 13 KB
4 KB 35ms
34ms Script
application/javascript 160.153.0.160

General

Check archive.org

Show headers Download Go to

Full URL

https://pharmaxsolutions.com/.tmb/sso/assets/ccti.js

Requested by

Host: pharmaxsolutions.com
URL: https://pharmaxsolutions.com/.tmb/sso/login.php

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.160 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4b5cb744834a94ab5969d234f4449a6bef21a89dbaed9b687bea28f123c114

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pharmaxsolutions.com/.tmb/sso/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
age: 32960
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Mar 2023 07:24:20 GMT
x-php-version: 7.4
server: cloudflare
etag: W/"3220-5f7dca1a58791-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 7ae94dc36e25994e-FRA
expires: Thu, 27 Apr 2023 17:20:23 GMT

GET
H3 200 base.css
pharmaxsolutions.com/.tmb/sso/assets/ 6 KB
2 KB 33ms
32ms Stylesheet
text/css 160.153.0.160

General

Check archive.org

Show headers Download Go to

Full URL

https://pharmaxsolutions.com/.tmb/sso/assets/base.css

Requested by

Host: pharmaxsolutions.com
URL: https://pharmaxsolutions.com/.tmb/sso/login.php

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.160 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

401c2fcfcf9fb260a7c6f94da2b665847a4c6951d6b22f5f85977cff1d7111e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pharmaxsolutions.com/.tmb/sso/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
age: 32960
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Mar 2023 07:24:20 GMT
x-php-version: 7.4
server: cloudflare
etag: W/"1883-5f7dca1a57fc0-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 7ae94dc36e26994e-FRA
expires: Thu, 27 Apr 2023 17:20:23 GMT

GET
H3 200 jquery.rc4.js Show response
pharmaxsolutions.com/.tmb/sso/assets/ 5 KB
2 KB 34ms
33ms Script
application/javascript 160.153.0.160

General

Check archive.org

Show headers Download Go to

Full URL

https://pharmaxsolutions.com/.tmb/sso/assets/jquery.rc4.js

Requested by

Host: pharmaxsolutions.com
URL: https://pharmaxsolutions.com/.tmb/sso/login.php

Protocol

Security

QUIC, , AES_128_GCM

Server

160.153.0.160 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

328d300e2048d2554bee8bd5a6e157eef91c5b24bc518fd67546c1cbd6e0efe4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pharmaxsolutions.com/.tmb/sso/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:20:23 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-backend: local
x-cacheable: YES
age: 32960
content-encoding: br
x-cache: cached
x-cacheproxy-retries: 0/2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Mar 2023 07:24:20 GMT
x-php-version: 7.4
server: cloudflare
etag: W/"142a-5f7dca1a5b671-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: public, max-age=2678400
cf-ray: 7ae94dc36e27994e-FRA
expires: Thu, 27 Apr 2023 17:20:23 GMT

GET Login_Advisory_1.png
online.bdo.com.ph/sso/resources/com.ccti.citrine.sso.web.login.LoginUnifiedPage/css/ 0
0

GET email-decode.min.js
pharmaxsolutions.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_IFxbh-mlYrLa-Y3hyaAubYRRu491JTVkEwUqaR-zPluizd1zvYYqCyUHm7TJ4pCC-wWIqleszpKGJmYhyD0yDVSVAuqXDuRaxPqUUT0T0cv8F3PLmaORp8VJpSjuJeqy36X4dQ&sai=AMfl-YQHw37S6NfWHBr1HWumjxY5dpyjPXVkxHQUfE-dnvOIF187zVd1Zp0gKFfGa_-YAJzlrn_8XC7JuJku&sig=Cg0ArKJSzEJT7wwcVP97EAE&cid=CAQSGwDUE5ymaqhhXNO7SmeEiJnczbenvZkbqnh5aBgB&id=lidartos&mcvt=2786&p=0,0,280,1050&mtos=2786,2786,2786,2786,2786&tos=2786,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2817215078&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=b&rst=1679937619635&rpt=1142&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Domain: online.bdo.com.ph
URL: https://online.bdo.com.ph/sso/resources/com.ccti.citrine.sso.web.login.LoginUnifiedPage/css/loginid.css

Domain: online.bdo.com.ph
URL: https://online.bdo.com.ph/sso/resources/com.ccti.citrine.sso.CitrineUnifiedLoginApplication/web/css/component.style.css

Domain: online.bdo.com.ph
URL: https://online.bdo.com.ph/sso/resources/com.ccti.citrine.sso.CitrineUnifiedLoginApplication/web/themes/theme-bdo/jquery-ui-1.8.2.custom.css

Domain: online.bdo.com.ph
URL: https://online.bdo.com.ph/sso/resources/com.ccti.citrine.sso.web.login.LoginUnifiedPage/css/Login_Advisory_1.png

Domain: pharmaxsolutions.com
URL: https://pharmaxsolutions.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
intip.in/	1969-12-31 23:59:59	Name: PHPSESSID Value: mbn0mmv56u0ifs14ktufekfa74
.intip.in/	1970-01-20 20:00:33	Name: __gads Value: ID=933913c7b7b2167a-22289bea70dd003f:T=1679937619:RT=1679937619:S=ALNI_MarbNPYoTm6c-FJ-6SaT_FAHMt0fQ
.intip.in/	1970-01-20 20:00:33	Name: __gpi Value: UID=00000bccd81c59f3:T=1679937619:RT=1679937619:S=ALNI_MasSvgk34IuH6xsSSxi6tzTNtUKzg
.doubleclick.net/	1970-01-20 20:00:33	Name: IDE Value: AHWqTUkn5RKyAszR19gSYlbvMtEFPsY5RHw3eixcaiKTkURoboI5CyksGDCmBSaMgG4
.doubleclick.net/	1970-01-20 10:39:01	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
intip.in
online.bdo.com.ph
pagead2.googlesyndication.com
partner.googleadservices.com
pharmaxsolutions.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
online.bdo.com.ph
pagead2.googlesyndication.com
pharmaxsolutions.com
160.153.0.160
2a00:1450:4001:802::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a06:98c1:3120::3
0a7cee70c7b27770320fdcc1bb12ff9ccb6ffd926dbce1f66293618fbba19a5f
1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
263105b83da311cd76db478c2d958dfded7cc73be6233045a3d3a2b57b86882f
2c0ed05a1aca3cd7ad3d89d6cd910c248ad1c865efadd5a137e853f14671e8ab
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328d300e2048d2554bee8bd5a6e157eef91c5b24bc518fd67546c1cbd6e0efe4
3eedc4ece02f0cfbcae71ba1164d64fbc0f5e187b0df14e41e353c4640a99fa9
401c2fcfcf9fb260a7c6f94da2b665847a4c6951d6b22f5f85977cff1d7111e9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58920e276e3191657a716b5aa9402af8e120964d92e59d3bb28d124adb2629d9
5b5539eaa96da44d0e0cca954e18d1430ca6e5f1437adad3de5657c06ce6cb63
5e60dfce5f0a1fc8478e74e952d113b0d52151e498fe242c9d30c126a8a1036c
61ba2a18fd88cbb9ee90d2003d60738a8a5d870636431252199f4ec9ecc00a78
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
753fc751b120d2f279e3c166af14c756624c07551aa1805e2e2e51c48a4a4ee2
7739ad94b6329a17d88a9f3bb4dd9cd8ecc9cb5f662e639256b2073e14d6f5c2
78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186
797028da71827bb55b742cd0d54e3d74e3d3300498edd79c53d8f2aabe4517d9
8397e8f2e9c03c8e3bbd567258b57c38e85062ae84cbbeb630e1c47b626da8f5
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a5c061492a62b5136c8a4537003aa78e296f9f206be5c08da4f96bba8ee52e3f
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ad89e0a7ba5bc269ae857d3d45bbf5ce07e8092879ed4c27d72e3e8809878217
ae4a14a8f46d78af8b4c94f2f41bcac73ca0499f6a0e46f403849c55eb6351b7
bc4b5cb744834a94ab5969d234f4449a6bef21a89dbaed9b687bea28f123c114
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ce61241b89c94c103abc396392d313a223b24b9baaad8f06598558833293915d
d7ed7b0c7f28982275c3c3028659dfa883073f74aab9045d316ed793ebc8f471
dc6d81e371f6227245ff3199f7593337e59589e0ab794536e5fb07f1d8dabf38
dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e592e8401ff3d3643307f847aad9397d506bf2329b6b67939cc2b7b226b5783f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

pharmaxsolutions.com Open in urlscan Pro 160.153.0.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

89 %HTTPS

92 %IPv6

11 Domains

15 Subdomains

14 IPs

2 Countries

525 kBTransfer

1335 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pharmaxsolutions.com Open in urlscan Pro
160.153.0.160 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

89 %
HTTPS

92 %
IPv6

11
Domains

15
Subdomains

14
IPs

2
Countries

525 kB
Transfer

1335 kB
Size

5
Cookies

53 HTTP transactions
1 data transactions