join.katusaresearch.com Open in urlscan Pro
67.43.13.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.mail.beehiiv.com/ss/c/u001.UU_sZMdtQOIZjgpngIrRiEG_M7QNT6iu_w1y5TLc5Hk4bmRXr0-MrwmK47XJmDu-VDC4_jU5QvaHn_TXpAP_Kj...
Effective URL:
https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Submission: On April 29 via api (April 29th 2024, 7:07:27 am UTC) from BE — Scanned from DE

Summary HTTP 30 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 30 HTTP transactions. The main IP is 67.43.13.197, located in and belongs to . The main domain is join.katusaresearch.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 5th 2024. Valid for: 3 months.

This is the only time join.katusaresearch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:4528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.211.190.162 54.211.190.162	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.197.163.17 34.197.163.17	14618 (AMAZON-AES) (AMAZON-AES)
3 5	54.156.254.128 54.156.254.128	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	16.182.104.176 16.182.104.176	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
15	67.43.13.197 67.43.13.197	() ()
1	34.120.188.153 34.120.188.153	() ()
30	8

1 2606:4700::6812:4528 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

link.mail.beehiiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.190.162 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-190-162.compute-1.amazonaws.com

dsadserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.163.17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-163-17.compute-1.amazonaws.com

ioadserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.156.254.128 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-254-128.compute-1.amazonaws.com

intof.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.104.176 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 67.43.13.197 (None, )

ASN- ()

join.katusaresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.188.153 (None, )

ASN- ()

e.ftntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	katusaresearch.com join.katusaresearch.com	135 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	330 KB
5	intof.io 3 redirects intof.io — Cisco Umbrella Rank: 373433	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	927 B
1	ftntrk.com e.ftntrk.com
1	amazonaws.com s3.amazonaws.com	2 KB
1	ioadserve.com 1 redirects ioadserve.com — Cisco Umbrella Rank: 261438	765 B
1	dsadserve.com 1 redirects dsadserve.com	377 B
1	beehiiv.com 1 redirects link.mail.beehiiv.com — Cisco Umbrella Rank: 51899	391 B
30	10

	Domain	Requested by
15	join.katusaresearch.com	join.katusaresearch.com
6	fonts.gstatic.com	fonts.googleapis.com
5	intof.io	3 redirects
2	fonts.googleapis.com	intof.io join.katusaresearch.com
2	www.google.com	intof.io www.gstatic.com
1	e.ftntrk.com	join.katusaresearch.com
1	www.gstatic.com	www.google.com
1	s3.amazonaws.com	intof.io
1	ioadserve.com	1 redirects
1	dsadserve.com	1 redirects
1	link.mail.beehiiv.com	1 redirects
30	11

This site contains links to these domains. Also see Links.

Domain
katusaresearch.com
subscribers.katusaresearch.com

Subject Issuer	Validity	Valid
*.intof.io GeoTrust TLS RSA CA G1	`2024-04-19` - `2025-04-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
join.katusaresearch.com cPanel, Inc. Certification Authority	`2024-04-05` - `2024-07-04`	3 months	crt.sh
34.120.188.153.nip.io GTS CA 1D4	`2024-03-22` - `2024-06-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Frame ID: 758D7F02C941F26CC6BB2B854083BDB4
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcyDKIfAAAAAMfG39onevA4nwLVKYxKokXovulR&co=aHR0cHM6Ly9pbnRvZi5pbzo0NDM.&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=jfjfgxrk2yia
Frame ID: 23153051DCF66D6433E1FCC7998E17B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thank You Page RMM - Katusa Research

Page URL History Show full URLs

https://link.mail.beehiiv.com/ss/c/u001.UU_sZMdtQOIZjgpngIrRiEG_M7QNT6iu_w1y5TLc5Hk4bmRXr0-MrwmK47XJmDu-VD... HTTP 302
http://dsadserve.com/2152/1582/166154eeb71563/ann.dhave@24plus.be/redirect HTTP 307
https://dsadserve.com/2152/1582/166154eeb71563/ann.dhave@24plus.be/redirect HTTP 302
http://ioadserve.com/email/166154eeb71563/2152:0:1582/ann.dhave@24plus.be/redirect HTTP 307
https://ioadserve.com/email/166154eeb71563/2152:0:1582/ann.dhave@24plus.be/redirect HTTP 302
https://intof.io/cto/click.php?email=ann.dhave@24plus.be&cid=20001&pid=2152&aid=2145&au=1582&... HTTP 302
https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152... Page URL
https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152... HTTP 302
https://intof.io/cto/process.php?email=ann.dhave@24plus.be&adid=2145&pubid=2152&campaign=2000... HTTP 302
https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_co... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

30
Requests

97 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

8
IPs

2
Countries

476 kB
Transfer

1046 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://katusaresearch.com/white-list-katusa-research/
Title: White-list

Search URL Search Domain Scan URL

URL: https://subscribers.katusaresearch.com/subscribe-17/
Title: Learn more about our member's exclusive: Katusa's Resource Opportunities

Search URL Search Domain Scan URL

URL: https://katusaresearch.com/contact-us/
Title: Contact Us.

Search URL Search Domain Scan URL

URL: https://katusaresearch.com/privacy-policy/
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://katusaresearch.com/terms-conditions-use/
Title: Terms and Conditions.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.mail.beehiiv.com/ss/c/u001.UU_sZMdtQOIZjgpngIrRiEG_M7QNT6iu_w1y5TLc5Hk4bmRXr0-MrwmK47XJmDu-VDC4_jU5QvaHn_TXpAP_KjTfVsZxC5IEFsgTkDHbceskpJQ_R4ZNbXZY8HhfXjWG/45o/VGZgAB-PQW21VL6_cJ1YXA/h2/h001.SKW6zhsmwWmmtVJ0Dq6qWxQAtyCf5AOOZbVxHXDl-lY HTTP 302
http://dsadserve.com/2152/1582/166154eeb71563/ann.dhave@24plus.be/redirect HTTP 307
https://dsadserve.com/2152/1582/166154eeb71563/ann.dhave@24plus.be/redirect HTTP 302
http://ioadserve.com/email/166154eeb71563/2152:0:1582/ann.dhave@24plus.be/redirect HTTP 307
https://ioadserve.com/email/166154eeb71563/2152:0:1582/ann.dhave@24plus.be/redirect HTTP 302
https://intof.io/cto/click.php?email=ann.dhave@24plus.be&cid=20001&pid=2152&aid=2145&au=1582&r=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ=&ck=78a783c66fa0149632ac50038aa7ce0c93f85662 HTTP 302
https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ= Page URL
https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ= HTTP 302
https://intof.io/cto/process.php?email=ann.dhave@24plus.be&adid=2145&pubid=2152&campaign=20001&creative=0&au=1582&type=2&ts=1714374442&ck=fc440836d96bf9986bf78c6bad8ebeca53a4abb5&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ%3D&sub= HTTP 302
https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://link.mail.beehiiv.com/ss/c/u001.UU_sZMdtQOIZjgpngIrRiEG_M7QNT6iu_w1y5TLc5Hk4bmRXr0-MrwmK47XJmDu-VDC4_jU5QvaHn_TXpAP_KjTfVsZxC5IEFsgTkDHbceskpJQ_R4ZNbXZY8HhfXjWG/45o/VGZgAB-PQW21VL6_cJ1YXA/h2/h001.SKW6zhsmwWmmtVJ0Dq6qWxQAtyCf5AOOZbVxHXDl-lY HTTP 302
http://dsadserve.com/2152/1582/166154eeb71563/ann.dhave@24plus.be/redirect HTTP 307
https://dsadserve.com/2152/1582/166154eeb71563/ann.dhave@24plus.be/redirect HTTP 302
http://ioadserve.com/email/166154eeb71563/2152:0:1582/ann.dhave@24plus.be/redirect HTTP 307
https://ioadserve.com/email/166154eeb71563/2152:0:1582/ann.dhave@24plus.be/redirect HTTP 302
https://intof.io/cto/click.php?email=ann.dhave@24plus.be&cid=20001&pid=2152&aid=2145&au=1582&r=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ=&ck=78a783c66fa0149632ac50038aa7ce0c93f85662 HTTP 302
https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ=

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

capcha.php Show response
intof.io/cto/
Redirect Chain

https://link.mail.beehiiv.com/ss/c/u001.UU_sZMdtQOIZjgpngIrRiEG_M7QNT6iu_w1y5TLc5Hk4bmRXr0-MrwmK47XJmDu-VDC4_jU5QvaHn_TXpAP_KjTfVsZxC5IEFsgTkDHbceskpJQ_R4ZNbXZY8HhfXjWG/45o/VGZgAB-PQW21VL6_cJ1YXA/h...
http://dsadserve.com/2152/1582/166154eeb71563/ann.dhave@24plus.be/redirect
https://dsadserve.com/2152/1582/166154eeb71563/ann.dhave@24plus.be/redirect
http://ioadserve.com/email/166154eeb71563/2152:0:1582/ann.dhave@24plus.be/redirect
https://ioadserve.com/email/166154eeb71563/2152:0:1582/ann.dhave@24plus.be/redirect
https://intof.io/cto/click.php?email=ann.dhave@24plus.be&cid=20001&pid=2152&aid=2145&au=1582&r=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZW...
https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthd...

5 KB
5 KB

124ms
123ms

Document
text/html

54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: 5eb384a7e45b44298ed919a983ebfbfd604c32dc13781b3910856d54ecf61279

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Length: 5107
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Apr 2024 07:07:21 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25

Redirect headers

Connection: Keep-Alive
Content-Length: 174
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Apr 2024 07:07:20 GMT
Keep-Alive: timeout=5, max=100
Location: https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ=
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
927 B 146ms
57ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcyDKIfAAAAAMfG39onevA4nwLVKYxKokXovulR

Requested by

Host: intof.io
URL: https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

3a73e22cb2ecdd89b953349a35b27d8916a13d25d7126aa48dc9d07088f6dc9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://intof.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 29 Apr 2024 07:07:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1017 B 157ms
62ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d84708b189c2eaa665ae431f8bcbdd7f160172491d7c97ed095b7fb7f3df3937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://intof.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 07:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 06:22:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 07:07:21 GMT

GET
H/1.1 200
OK iopreload.svg
s3.amazonaws.com/iocreatives/ 1 KB
2 KB 412ms
158ms Image
image/svg+xml 16.182.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/iocreatives/iopreload.svg
Requested by: Host: intof.io
URL: https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 16.182.104.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe6411d3e7064877072fb25000544525e1a6b72cb296c8aab16e8ef5c7a714b7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://intof.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 07:07:22 GMT
Last-Modified: Wed, 18 May 2022 17:45:02 GMT
Server: AmazonS3
x-amz-request-id: D9961D0NTA55CB00
ETag: "111701cf8194a5e4a6d43e932ee5e834"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1278
x-amz-id-2: XdjKBzdIDwzWLuheIJNHm3X8q61DFj4g4/T9CSXzG/NOdHkHNrllHDXmlbNlJkKbjDJWpbkIHtk=

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 509 KB
203 KB 146ms
47ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcyDKIfAAAAAMfG39onevA4nwLVKYxKokXovulR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://intof.io/
Origin: https://intof.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 22:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207268
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Apr 2025 22:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 142ms
41ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://intof.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 18:30:08 GMT
x-content-type-options: nosniff
age: 563833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 18:30:08 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 2315 0
0 162ms
73ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcyDKIfAAAAAMfG39onevA4nwLVKYxKokXovulR&co=aHR0cHM6Ly9pbnRvZi5pbzo0NDM.&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=jfjfgxrk2yia

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r4e9UQLVBI5rTR273xBVew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://intof.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-r4e9UQLVBI5rTR273xBVew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Apr 2024 07:07:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 404
Not Found favicon.ico
intof.io/ 209 B
456 B 121ms
120ms Other
text/html 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intof.io/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 07:07:22 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 209
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

Primary Request / Show response
join.katusaresearch.com/rmm-thank-you-page-rmm/
Redirect Chain

https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthd...
https://intof.io/cto/process.php?email=ann.dhave@24plus.be&adid=2145&pubid=2152&campaign=20001&creative=0&au=1582&type=2&ts=1714374442&ck=fc440836d96bf9986bf78c6bad8ebeca53a4abb5&redirect=aHR0cHM6L...
https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024

64 KB
18 KB

648ms
349ms

Document
text/html

67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 1b75ea99f8ee9903f3b5b899809cc319fb3c7a8b9008c2f6898467ac9b14e367

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://intof.io
Referer: https://intof.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 18704
content-type: text/html; charset=UTF-8
date: Mon, 29 Apr 2024 07:07:24 GMT
expires: Mon, 29 Apr 2024 07:07:24 GMT
last-modified: Mon, 29 Apr 2024 01:08:54 GMT
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Apr 2024 07:07:22 GMT
Keep-Alive: timeout=5, max=96
Location: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25

GET
H2 200 c817ceed0def6ea2deef37353be937c0.css
join.katusaresearch.com/wp-content/cache/min/1/ 88 KB
28 KB 174ms
173ms Stylesheet
text/css 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-content/cache/min/1/c817ceed0def6ea2deef37353be937c0.css
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1bb29f959fcae5afcf1733cd70e6e1787f520f4a52ff9e3c8c6597fa82201d1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 19:17:18 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 28354
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 138ms
53ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=swap

Requested by

Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cc7c9c01e3d16a2f8d42289bbfa874f8e59d9630c997468b1708a6159d0e1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Apr 2024 07:07:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Apr 2024 07:07:25 GMT

GET
H2 200 jquery.min.js Show response
join.katusaresearch.com/wp-includes/js/jquery/ 87 KB
30 KB 315ms
315ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 18:58:13 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 30916
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 jquery-migrate.min.js Show response
join.katusaresearch.com/wp-includes/js/jquery/ 11 KB
4 KB 154ms
154ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Fri, 02 Jul 2021 18:58:14 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4169
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 imagesloaded.min.js Show response
join.katusaresearch.com/wp-includes/js/ 5 KB
2 KB 161ms
161ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 18:46:24 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1834
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 masonry.min.js Show response
join.katusaresearch.com/wp-includes/js/ 24 KB
7 KB 159ms
157ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 18:46:24 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 7382
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 jquery.masonry.min.js Show response
join.katusaresearch.com/wp-includes/js/jquery/ 2 KB
773 B 157ms
156ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2016 04:25:30 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 716
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 general.min.js Show response
join.katusaresearch.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 71 KB
24 KB 315ms
314ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=3.30
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 465516b14cf7a68b59268e49f444e0cddf3226a3786c198d56dab2e7f1809b8b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Wed, 27 Mar 2024 20:49:48 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 24055
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 404 everflow.js
e.ftntrk.com/scripts/sdk/ 0
0 755ms
620ms Script
text/plain 34.120.188.153

General

Check archive.org

Show headers Download Go to

Full URL: https://e.ftntrk.com/scripts/sdk/everflow.js
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.188.153 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 social-share.min.js Show response
join.katusaresearch.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 6 KB
2 KB 313ms
312ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/social-share.min.js?v=3.30&ver=3.30
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 99628dbda2fd0f03264eb7435c220863b29363a8c5896afefa9211f73958f09c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Wed, 27 Mar 2024 20:49:48 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2308
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 skip-link-focus-fix-0be71d1e1b91d23e27c02aee837dc3d0.js Show response
join.katusaresearch.com/wp-content/cache/min/1/wp-content/themes/twentysixteen/js/ 597 B
374 B 315ms
315ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-content/cache/min/1/wp-content/themes/twentysixteen/js/skip-link-focus-fix-0be71d1e1b91d23e27c02aee837dc3d0.js
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 95bea745a95f1e8095fe02f728b6d06bfbbd0460199502d53c559a1b03512a37

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 19:17:18 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 340
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 functions-300fad55b0e852a36c0540d5d6c199c1.js Show response
join.katusaresearch.com/wp-content/cache/min/1/wp-content/themes/twentysixteen/js/ 5 KB
1 KB 316ms
315ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-content/cache/min/1/wp-content/themes/twentysixteen/js/functions-300fad55b0e852a36c0540d5d6c199c1.js
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 28c01acd9d2862c19497b0dc1cfb19ca1505c5e191466c5f614c9f1d04cd86f7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 19:17:18 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1421
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 frontend.min.js Show response
join.katusaresearch.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 2 KB
1 KB 315ms
314ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.43
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: ed77fc2cbbcf4cd716fbf7f4ace9c8d1612bf6140a5996e4f38f8caa142edcb8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Wed, 27 Mar 2024 20:49:48 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 992
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 lazyload.min.js Show response
join.katusaresearch.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 313ms
313ms Script
application/javascript 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 17:42:40 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2704
expires: Tue, 29 Apr 2025 07:07:25 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 205ms
111ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://join.katusaresearch.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 567201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 17:34:04 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 299ms
205ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://join.katusaresearch.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 05:10:59 GMT
x-content-type-options: nosniff
age: 525386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19816
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 05:10:59 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 239ms
144ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://join.katusaresearch.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 18:38:30 GMT
x-content-type-options: nosniff
age: 563335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 18:38:30 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 213ms
119ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://join.katusaresearch.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 13:26:09 GMT
x-content-type-options: nosniff
age: 150076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 13:26:09 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 142ms
47ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://join.katusaresearch.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 20:16:33 GMT
x-content-type-options: nosniff
age: 557452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 20:16:33 GMT

GET
H2 200 marin-katusa-300x300.jpeg
join.katusaresearch.com/wp-content/uploads/2019/03/ 12 KB
12 KB 283ms
283ms Image
image/jpeg 67.43.13.197

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://join.katusaresearch.com/wp-content/uploads/2019/03/marin-katusa-300x300.jpeg
Requested by: Host: join.katusaresearch.com
URL: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 908deb7b9a741e6ac5b119fe3fe0e6c042342de3ba00f9e6de80cbd3749aef12

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:25 GMT
last-modified: Tue, 12 Mar 2019 17:32:11 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 12643
expires: Tue, 27 Aug 2024 07:07:25 GMT

GET
H2 200 cropped-Favicon-min-32x32.jpg
join.katusaresearch.com/wp-content/uploads/2019/03/ 1012 B
1 KB 156ms
155ms Other
image/jpeg 67.43.13.197

General

Check archive.org

Show headers Download Go to

Full URL: https://join.katusaresearch.com/wp-content/uploads/2019/03/cropped-Favicon-min-32x32.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.43.13.197 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: c84250cee23fa8474d1ee355f45d5820d84a815b2fe18018867f67ee80c55436

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://join.katusaresearch.com/rmm-thank-you-page-rmm/?utm_source=io&utm_medium=cto&utm_campaign=rmm&utm_content=apr-2024
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 07:07:26 GMT
last-modified: Wed, 13 Mar 2019 17:59:48 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 1012
expires: Tue, 27 Aug 2024 07:07:26 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 00:32:06	Name: _GRECAPTCHA Value: 09AN_JpP_RJXKOWy1jb9XrgGIWlwtNEKdZSS_FLJMT830l3V5l2788o6LCpvANqUXPc9Y8Cn2bcnJr8AqwsN1JpAQ
.beehiiv.com/	1970-01-20 20:12:56	Name: __cf_bm Value: gtmpl_CaGw_Zb3zKg0XCemIDV8SfxFi0wbC2w3iktMY-1714374439-1.0.1.1-s_erwqqj4Op71kNkUELxTaM_fA8AmzjctrHvVZcjSkKVYlCL1bywh66rHAjC10vnilBXUzwObkn7Q58bc1x03Q
.ioadserve.com/	1970-01-20 20:14:20	Name: e87636cb66b0a9f6aa2c9758d0594f39047cac01 Value: %257B%252220240429%2522%253A%255Bnull%255D%257D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://intof.io/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://intof.io/cto/capcha.php?email=ann.dhave@24plus.be&adid=2145&au=1582&type=2&pubid=2152&campaign=20001&ts=1714374440&ck=bef6f7bf0b9a8e77f60fe69c920a5b6a782087e8&redirect=aHR0cHM6Ly9qb2luLmthdHVzYXJlc2VhcmNoLmNvbS9ybW0tdGhhbmsteW91LXBhZ2Utcm1tLz91dG1fc291cmNlPWlvJnV0bV9tZWRpdW09Y3RvJnV0bV9jYW1wYWlnbj1ybW0mdXRtX2NvbnRlbnQ9YXByLTIwMjQ= Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://e.ftntrk.com/scripts/sdk/everflow.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dsadserve.com
e.ftntrk.com
fonts.googleapis.com
fonts.gstatic.com
intof.io
ioadserve.com
join.katusaresearch.com
link.mail.beehiiv.com
s3.amazonaws.com
www.google.com
www.gstatic.com
142.250.186.68
16.182.104.176
2606:4700::6812:4528
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2003
34.120.188.153
34.197.163.17
54.156.254.128
54.211.190.162
67.43.13.197
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
1b75ea99f8ee9903f3b5b899809cc319fb3c7a8b9008c2f6898467ac9b14e367
1cc7c9c01e3d16a2f8d42289bbfa874f8e59d9630c997468b1708a6159d0e1e2
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
28c01acd9d2862c19497b0dc1cfb19ca1505c5e191466c5f614c9f1d04cd86f7
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
3a73e22cb2ecdd89b953349a35b27d8916a13d25d7126aa48dc9d07088f6dc9b
465516b14cf7a68b59268e49f444e0cddf3226a3786c198d56dab2e7f1809b8b
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5eb384a7e45b44298ed919a983ebfbfd604c32dc13781b3910856d54ecf61279
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
908deb7b9a741e6ac5b119fe3fe0e6c042342de3ba00f9e6de80cbd3749aef12
95bea745a95f1e8095fe02f728b6d06bfbbd0460199502d53c559a1b03512a37
99628dbda2fd0f03264eb7435c220863b29363a8c5896afefa9211f73958f09c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1bb29f959fcae5afcf1733cd70e6e1787f520f4a52ff9e3c8c6597fa82201d1
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c84250cee23fa8474d1ee355f45d5820d84a815b2fe18018867f67ee80c55436
d84708b189c2eaa665ae431f8bcbdd7f160172491d7c97ed095b7fb7f3df3937
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
ed77fc2cbbcf4cd716fbf7f4ace9c8d1612bf6140a5996e4f38f8caa142edcb8
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
fe6411d3e7064877072fb25000544525e1a6b72cb296c8aab16e8ef5c7a714b7
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

join.katusaresearch.com Open in urlscan Pro 67.43.13.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

36 %IPv6

10 Domains

11 Subdomains

8 IPs

2 Countries

476 kBTransfer

1046 kBSize

3 Cookies

5 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

join.katusaresearch.com Open in urlscan Pro
67.43.13.197 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

8
IPs

2
Countries

476 kB
Transfer

1046 kB
Size

3
Cookies

30 HTTP transactions
0 data transactions